1

This script is working but only for files around 10 MB or less. Anything more and I am getting a file error:

error = There was an error uploading software

I want to upload larger files, like 50MB, or even files several GB large.

<form action="../../programming/softupload.php" enctype="multipart/form-data" method="POST" class="uploader">
    <p class="close">x</p>
    <h3>Upload software</h3>
    <input type="text" class="f1" name="name" placeholder="Software name" required>
    <input class="ch1" type="file" id="file" name="filer" required>
    <label for="file" class="f2">Upload software</label>
    <input class="ch2" type="file" id="file2" name="filer2" required>
    <label for="file2" class="f3">Upload image</label>
    <select name="bitss" class="bitss" required>
        <option value="0" selected="1">Version</option>
        <option value="32">32 [Bit]</option>
        <option value="64">64 [Bit]</option>
    </select>
    <input class="ch3" type="submit" name="submit" value="Upload">
</form>

<?php
    require_once 'dbh.php';
    if (isset($_POST['submit'])) {
        $getFileName = mysqli_real_escape_string($mysqli, $_POST['name']);
        $getFileNameRel = mysqli_real_escape_string($mysqli, $_POST['bitss']);
        $file = $_FILES['filer'];
        $fileName = $_FILES['filer']['name'];
        $fileTmpName = $_FILES['filer']['tmp_name'];
        $fileSize = $_FILES['filer']['size'];
        $fileError = $_FILES['filer']['error'];
        $fileType = $_FILES['filer']['type'];

        $fileExt = explode('.', $fileName);
        $fileActualExt = strtolower(end($fileExt));
        $uploadDate = date("M d Y");
        $allowed = array("exe", "zip", "msi", "rar");
            if (in_array($fileActualExt, $fileExt)) {
                if ($fileError === 0) {
                    if ($fileSize < 2000000000000) {
                        $fileNewName = uniqid('', true).".".$fileActualExt;
                        $fileDestination = "software/".$fileNewName;
                        $file1 = $_FILES['filer2'];
                        $fileName1 = $_FILES['filer2']['name'];
                        $fileTmpName1 = $_FILES['filer2']['tmp_name'];
                        $fileSize1 = $_FILES['filer2']['size'];
                        $fileError1 = $_FILES['filer2']['error'];
                        $fileType1 = $_FILES['filer2']['type'];

                        $fileExt1 = explode('.', $fileName1);
                        $fileActualExt1 = strtolower(end($fileExt1));
                        $allowed1 = array("jpeg", "jpg", "png");

                        if (in_array($fileActualExt1, $fileExt1)) {
                            if ($fileError1 === 0) {
                                if ($fileSize1 < 2000000000) {
                                    $fileNewName1 = uniqid('', true).
                                    ".".$fileActualExt1;
                                    $fileDestination1 = "software/img/".$fileNewName1;
                                    $stmt = mysqli_stmt_init($mysqli);
                                    $sql = "INSERT INTO softwares (name, img, file, bit, uploadDate) VALUES ('$getFileName', '$fileNewName1','$fileNewName', '$getFileNameRel', '$uploadDate')";
                                    if (!mysqli_stmt_prepare($stmt, $sql)) {
                                        header("Location: ../includes/the_areas/nanosoft?error=Software could not uploaded");
                                        exit();
                                    }else{
                                        mysqli_stmt_bind_param($stmt, "sssss", $getFileName, $fileNewName1, $fileNewName, $getFileNameRel, $uploadDate);
                                        mysqli_stmt_execute($stmt);
                                        move_uploaded_file($fileTmpName1, $fileDestination1);
                                        move_uploaded_file($fileTmpName, $fileDestination);
                                        header("Location: ../includes/the_areas/nanosoft?success=Software uploaded successfully!");
                                        exit();
                                    }
                                } else {
                                    echo "Your image is too big";
                                }
                            } else {
                                echo "There was an error uploading image";
                            }
                        } else {
                            echo "You cannot upload image of this type";
                        }
                    } else {
                        echo "Your movie is too big";
                    }
                } else {
                    echo "There was an error uploading software";
                }
            } else {
                echo "You cannot upload this type of software";
            }
    }else{
        header("Location: ../includes/the_areas/nanosoft?error");
        exit();
    }

I think there is something wrong in my script, but I can't figure it out.

TylerH
  • 20,799
  • 66
  • 75
  • 101
Alex
  • 11
  • 6
  • you should check the `max_execution_time`, `post_max_size` and `upload_max_filesize` settings - override if necessary. Also - `set_time_limit(0);` – Professor Abronsius Dec 15 '19 at 07:49
  • You're not using prepared statements correctly. You need to parameterize your variables. – Dharman Dec 15 '19 at 11:35
  • @RamRaider I think it should help – Alex Dec 15 '19 at 22:52
  • @Dharman can you tell me how if you don't mind please. – Alex Dec 15 '19 at 22:52
  • Sure please read this carefully. You have PHP variables in your SQL instead of placeholders `?` https://stackoverflow.com/questions/7537377/how-to-include-a-php-variable-inside-a-mysql-statement – Dharman Dec 15 '19 at 22:55
  • @Dharman bro i am getting confused can you fix my code if you don't mind please. – Alex Dec 15 '19 at 23:27
  • Look into chunked uploads. You’re going to need to break your file into chunks and upload them asynchronously using JavaScript. – Martin Bean Dec 16 '19 at 16:41
  • @Alex Please check the value of `$fileError` against the list of error codes on https://www.php.net/manual/en/features.file-upload.errors.php. Which error code is it when you get the error message you printed? – Progman Dec 16 '19 at 18:00

1 Answers1

0

Create a file .htaccess add the following code 

php_value upload_max_filesize 72M
php_value post_max_size 72M

It will increase your upload limit (if the server allows PHP config changes through.htaccess). or do it using PHP 

ini_set('post_max_size', '72M');
ini_set('upload_max_filesize', '72M');

Where 72M is your maximum allowed upload size

Stack
  • 11
  • 6
  • The problem is some images are showing but some images are not showing. What should i do with that any suggestions. – Alex Dec 15 '19 at 20:53
  • Very difficult to suggest, i can only say when i see the code or the breakdown of the image - But if the solution sorted your problem please accept the answer. – Stack Dec 16 '19 at 05:53