1

I'm trying to upload images using the FileReader API, and writing the data URL from the FileReader.readAsDataURL() method to a file using PHP on the server side.

The method works with smaller images (not sure exactly how small, but < 1MB is probably fairly acurate). However, when uploading larger images, I get a 413 Request Entity Too Large error. I saw this question and tried both of the solutions, however the first did nothing and the second gave a 500 error. When I checked the error log it said:

 /home/username/public_html/.htaccess: LimitRequestFieldsize not allowed here

Why isn't this working?

php.ini

file_uploads = On
post_max_size = 50M
upload_max_filesize = 50M

.htaccess

RewriteEngine On 

# LimitRequestFieldSize 2097152

SSLRenegBufferSize 1000000

JS

function readURL(input) {
  if (input.files && input.files[0]) {
    var reader = new FileReader();

    reader.onload = function(e) {

      $.ajax({
        url: "?action=saveImg",
        type: "POST",
        dataType: "json",
        data: {
          image: e.target.result,
          id: id
        },
        success: function(data){
          $.dialog(data.message, data.title);
        }
      });
    }
    for(var i = 0; i < input.files.length; i++){
      reader.readAsDataURL(input.files[i]);
    }
  }
}

$("#file").change(function() {
  readURL(this);
});

PHP

$id = $_POST["id"];

$filetype = str_replace('data:', '', explode(";", $_POST["image"])[0]);

$data = $_POST["image"];

list($type, $data) = explode(';', $data);
list(, $data)      = explode(',', $data);
$data = base64_decode($data);

$rand = random_str(6);

$ext = explode("/", $filetype)[1];

if(!is_dir("../../images/product/{$id}/")){
  mkdir("../../images/product/{$id}/");
}

$fh = fopen("../../images/product/{$id}/{$rand}.{$ext}", "w+");
fwrite($fh, $data);
fclose($fh);

$return = ["message" => "ID is $id. Saved image as /images/product/{$id}/{$rand}.{$ext}.", "title" => "Saved Image", "image" => "/images/product/{$id}/{$rand}.{$ext}"];
echo json_encode($return);

die();

How can I make this work?

yaakov
  • 4,568
  • 4
  • 27
  • 51
  • Are you sure you are reading the right error line? – revo Jan 09 '18 at 20:32
  • Pretty sure. What else could it be? – yaakov Jan 09 '18 at 20:32
  • I wonder if `LimitRequestFieldsize` directive has anything to do with *413 Request Entity Too Large* error. – revo Jan 09 '18 at 20:36
  • ... and obviously it is logged since you used directive directly inside .htaccess file which you shouldn't. – revo Jan 09 '18 at 20:38
  • The answer I saw seemed to think that `LimitRequestFieldsize` had something to do, and where else should I have used the directive? I'm on a godaddy shared server. – yaakov Jan 09 '18 at 20:43
  • Possible duplicate of [How to change the limitrequestfieldsize in Apache 2.4.2](https://stackoverflow.com/questions/24273399/how-to-change-the-limitrequestfieldsize-in-apache-2-4-2) – Tony Chiboucas Jan 09 '18 at 20:45
  • Are you sure your php.ini file got read? – revo Jan 09 '18 at 20:47
  • Fairly sure. I checked on the [godaddy help site](https://www.godaddy.com/help/phpiniuserini-changes-not-taking-effect-5647), and they said that starting a new session would read the php.ini file. – yaakov Jan 09 '18 at 20:53
  • Well, don't post it as a base64 url... it's ~3x larger! use [FormData](https://developer.mozilla.org/en-US/docs/Web/API/FormData)! – Endless Jan 09 '18 at 21:13

1 Answers1

-1

This is an apache config issue

There are many potential causes of this issue, aside from LimitRequestFieldsize.

LimitRequestFieldsize

First, LimitRequestFieldsize usually must be set in a .conf file, rather than .htaccess. Additionally, there are significant security implications to increasing the limit. (slow loris attack for one)

SecRequestBodyLimit (if you're using mod_security)

Also must be set in a .conf file. Also has security implications.

SecRequestBodyLimit 10485760

Your question belongs on ServerFault

Tony Chiboucas
  • 5,505
  • 1
  • 29
  • 37