Uber Uploader Uploading Issue
We have a site using Uber Uploader (http://uber-uploader.sourceforge.net) but I just found a wired issue.
The problem is, if the uploaded file is larger than 127MB, it will give a "Failed To Find Flength File" error message.
Normally it should display "ERROR: Maximum upload size of 50.00 MB exceeded" because I set the max file size to 50MB.
Does anyone know why?
Thanks and advance.
Ah, and please ask if anything else is required to help determine the issue, thanks!
The problem is, if the uploaded file is larger than 127MB, it will give a "Failed To Find Flength File" error message.
Normally it should display "ERROR: Maximum upload size of 50.00 MB exceeded" because I set the max file size to 50MB.
Does anyone know why?
Thanks and advance.
Ah, and please ask if anything else is required to help determine the issue, thanks!
#!/usr/bin/perl -w
#**********************************************************************************************************************************
# ATTENTION: THIS FILE HEADER MUST REMAIN INTACT. DO NOT DELETE OR MODIFY THIS FILE HEADER.
#
# Name: ubr_upload.pl
# Link: http://uber-uploader.sourceforge.net/
# Revision: 1.9
# Date: 8:42 PM Saturday, June 21, 2008
# Initial Developer: Peter Schmandra
# Description: Upload files to a temp dir based on upload id, transfer files to upload dir and redirects.
#
# Licence:
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
#**********************************************************************************************************************************
#****************************************************************************************
# ATTENTION: The $TEMP_DIR values MUST be duplicated in the "ubr_ini.php" file
#****************************************************************************************
my $TEMP_DIR = '/tmp/ubr_temp/'; # MUST be duplicated in the "ubr_ini.php" file
$|++; # Auto flush output buffer
use strict; # Insert whipping sound here
use CGI::Carp 'fatalsToBrowser'; # Dump fatal errors to screen
use CGI qw(:cgi); # Load the CGI.pm module
use File::Copy; # Module for moving uploaded files
use File::Path; # Module for creating and removing directories
my $UBER_VERSION = "6.3.8"; # Version of UU
my $THIS_VERSION = "1.9"; # Version of this script
my $UPLOAD_ID = ''; # Initialize upload id
# Makes %ENV safer
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
###############################################################
# The following possible query string formats are assumed
#
# 1. ?upload_id=32_alpha_numeric_string
# 2. ?about=1
###############################################################
my %query_string = parse_query_string($ENV{'QUERY_STRING'}); # Parse query string
my $print_issued = 0; # Track print statement
my $remove_temp_dir = 0; # Track remove upload_id.dir
# Check for tainted upload id
if(exists($query_string{'upload_id'})){
if($query_string{'upload_id'} !~ m/(^[a-zA-Z0-9]{32}$)/){ die("Invalid upload id\n"); }
else{ $UPLOAD_ID = $1; }
}
elsif(exists($query_string{'about'})){
if($query_string{'about'} == 1){ &kak("<u><b>UBER UPLOADER VERSION</b><\/u><br> UBER UPLOADER VERSION = <b>" . $UBER_VERSION . "<\/b><br> UBR_UPLOAD = <b>" . $THIS_VERSION . "<\/b><br>\n", 1, __LINE__); }
}
else{ die("Invalid parameters passed\n"); }
my $found_link_file = 0;
my $start_upload = 0; # Timestamp start of upload
my $end_upload = 0; # Timestamp end of upload
my $sleep_time = 1; # Seconds to wait before upload proceeds (for small file uploads)
my %uploaded_files = (); # Hash used to store uploaded file names, sizes and types
my %config = &load_config_file($TEMP_DIR, $UPLOAD_ID); # Hash containig configuration settings
my $temp_dir_id = $TEMP_DIR . $UPLOAD_ID . '.dir'; # The upload dir appendided to the temp dir
my $flength_file = $temp_dir_id . '/' . $UPLOAD_ID . '.flength'; # Flength file is used to store the size of the upload in bytes
my $redirect_file = $TEMP_DIR . $UPLOAD_ID . '.redirect'; # Redirect file (upload id.redirect)
# Dump info to screen and exit if $DEBUG_UPLOAD=1
if($config{'debug_upload'}){ &show_debug_info($UBER_VERSION, $THIS_VERSION, $TEMP_DIR, $UPLOAD_ID, %config); }
umask(0);
$SIG{HUP} = 'IGNORE'; # Ignore sig hup
$CGI::POST_MAX = $config{'max_upload_size'}; # Set the max post value
$CGI::PRIVATE_TEMPFILES = 0; # Disable private temp files
# Create a temp directory based on upload id
mkpath($temp_dir_id, 0, 0777) or die("Failed to make $temp_dir_id: $!\n");
# Prepare the flength file for writing
open(FLENGTH, ">" , "$flength_file") or die("Failed to open $flength_file: $!\n");
if(!$found_link_file){
# If fail to find upload_id.link file, write error to flength file and exit
print FLENGTH "ERROR:1:Failed to open link file " . $TEMP_DIR . $UPLOAD_ID . ".link";
close(FLENGTH);
chmod 0666, $flength_file;
die("Failed to open $UPLOAD_ID.link: $!\n");
}
elsif($ENV{'CONTENT_LENGTH'} > $config{'max_upload_size'}){
# If file size exceeds maximum write error to flength file and exit
my $max_size = &format_bytes($config{'max_upload_size'}, 99);
print FLENGTH "ERROR:2:Maximum upload size of $max_size exceeded";
close(FLENGTH);
chmod 0666, $flength_file;
die("Maximum upload size of $max_size exceeded\n");
}
else{
# Write total upload size in bytes to flength file
print FLENGTH $ENV{'CONTENT_LENGTH'};
close(FLENGTH);
chmod 0666, $flength_file;
# Clean up upload_id.dir when the script exits
$remove_temp_dir = 1;
}
# Let progress bar get some info (for small file uploads)
sleep($sleep_time);
# Timestamp start of upload
$start_upload = time();
# Tell CGI.pm to use our directory based on upload id
if($TempFile::TMPDIRECTORY){ $TempFile::TMPDIRECTORY = $temp_dir_id; }
elsif($CGITempFile::TMPDIRECTORY){ $CGITempFile::TMPDIRECTORY = $temp_dir_id; }
else{ die("Failed to assign CGI temp directory\n"); }
my $query = new CGI;
####################################################################################################################
# The upload is complete at this point, so you can now access post values. eg. $query->param("some_post_value");
####################################################################################################################
####################################################################################################################
# IF you are modifying the upload directory with a post or config value, it may be done here.
#
# Note: Making modifications based on posted input may be unsafe. Make sure your posted input is safe!
#
# You must override the $config{'upload_dir'} value
# If you are linking to the file you must also override the $config{'path_to_upload'} value
#
# eg. $config{'upload_dir'} .= $query->param("employee_num") . '/';
# eg. $config{'path_to_upload'} .= $query->param("employee_num") . '/';
# eg. $config{'upload_dir'} .= $config{'employee_num'} . '/';
# eg. $config{'path_to_upload'} .= $config{'employee_num'} . '/';
###################################################################################################################
# Create a directory based on upload_id inside the upload directory if config setting 'unique_upload_dir' is enabled
if($config{'unique_upload_dir'}){
$config{'upload_dir'} .= $UPLOAD_ID . '/';
if($config{'link_to_upload'} || $config{'link_to_upload_in_email'}){ $config{'path_to_upload'} .= $UPLOAD_ID . '/'; }
}
# Create upload directory if it does not exist
if(!-d $config{'upload_dir'}){ mkpath($config{'upload_dir'}, 0, 0777) or die("Failed to make $config{'upload_dir'}: $!\n"); }
# Start processing the uploaded files
for my $upload_key (keys %{$query->{'.tmpfiles'}}){
# Get the file slot name eg. 'upfile_0'
$query->{'.tmpfiles'}->{$upload_key}->{info}->{'Content-Disposition'} =~ / name="([^"]*)"/;
my $file_slot = $1;
# Get uploaded file name
my $file_name = param($file_slot);
# Get the upload file handle
my $upload_filehandle = $query->upload($file_slot);
# Get the CGI temp file name
my $tmp_filename = $query->tmpFileName($upload_filehandle);
# Get the type of file being uploaded
my $content_type = $query->uploadInfo($upload_filehandle)->{'Content-Type'};
# Strip extra path info from the file (IE). Note: Will likely cause problems with foreign languages like chinese
$file_name =~ s/.*[\/\\](.*)/$1/;
# Get the file extention
my ($f_name, $file_extension) = ($file_name =~ /(.*)\.(.+)/);
########################################################################################################
# IF you are modifying the file name with a post or config value, it may be done here.
#
# Note: Making modifications based on posted input may be unsafe. Make sure your posted input is safe!
#
# eg. $file_name = $f_name . "_" . $config{'employee_num'} . "." . $file_extension;
# eg. $file_name = $f_name . "_" . $query->param("employee_num") . "." . $file_extension;
########################################################################################################
my $allow_extensions_check = 1; # Default to pass check
my $disallow_extensions_check = 1; # Default to pass check
# Check file extension
if($config{'check_allow_extensions_on_server'}){ $allow_extensions_check = &check_file_extension($file_extension, $config{'allow_extensions'}, 1); }
if($config{'check_disallow_extensions_on_server'}){ $disallow_extensions_check = &check_file_extension($file_extension, $config{'disallow_extensions'}, 2); }
# Do not process zero length files or files with illegal extensions
if((-s $tmp_filename) && $allow_extensions_check && $disallow_extensions_check){
# Create a unique filename if config setting 'unique_filename' is enabled
if($config{'unique_file_name'}){
my $unique_file_name = generate_random_string($config{'unique_file_name_length'});
$unique_file_name = $unique_file_name . "." . $file_extension;
$file_name = $unique_file_name;
}
elsif($config{'normalize_file_names'}){ $file_name = &normalize_filename($file_name, $config{'normalize_file_delimiter'}, $config{'normalize_file_length'}); }
# Check for an existing file and rename if it already exists
if(!$config{'overwrite_existing_files'}){ $file_name = &rename_filename($file_name, 1, $config{'upload_dir'}); }
my $upload_file_path = $config{'upload_dir'} . $file_name;
# Win wants the file handle closed before transfer
close($upload_filehandle);
# Transfer uploaded file to final destination
move($tmp_filename, $upload_file_path) or copy($tmp_filename, $upload_file_path) or die("Cannot move/copy from $tmp_filename to $upload_file_path: $!");
chmod 0666, $upload_file_path;
}
else{ close($upload_filehandle); }
# Store the upload file info
$uploaded_files{$file_slot}{'file_size'} = &get_file_size($config{'upload_dir'}, $file_name);
$uploaded_files{$file_slot}{'file_name'} = $file_name;
$uploaded_files{$file_slot}{'file_type'} = $content_type;
}
# Timestamp end of upload (includes file transfer)
$end_upload = time();
# Delete the temp directory based on upload id and everything in it
rmtree($temp_dir_id, 0, 1) or warn("Failed to remove $temp_dir_id: $!\n");
# Purge old temp directories
if($config{'purge_temp_dirs'}){ &purge_ubr_dirs($TEMP_DIR, $config{'purge_temp_dirs_limit'}); }
# Log Upload
if($config{'log_uploads'}){
my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time());
$year += 1900;
$mon++;
my $log_day = $config{'log_dir'} . $year . '-' . $mon . '-' . $mday . '/';
# Create log directory if it does not exist
if(!-d $log_day){ mkpath($log_day, 0, 0777) or die("Failed to make $log_day: $!\n"); }
my $log_file = $log_day . $UPLOAD_ID . ".log";
open(LOGG, ">", "$log_file") or die("Failed to open $UPLOAD_ID.log $!\n");
my $file_handle = *LOGG;
&write_uu_file($file_handle, $start_upload, $end_upload, %config, %uploaded_files);
}
# Open redirect file
open(REDIRECT, ">", "$redirect_file") or die("Failed to open $UPLOAD_ID.redirect $!\n");
my $file_handle = *REDIRECT;
# Write redirect file
&write_uu_file($file_handle, $start_upload, $end_upload, %config, %uploaded_files);
# Append upload id to redirect url
my $redirect_url = $config{'redirect_url'} . "?upload_id=" . $UPLOAD_ID;
# Do redirect
if(!$config{'embedded_upload_results'} && ($config{'opera_browser'} || $config{'safari_browser'})){
# Deal with Opera and Safari browser limitations
$config{'redirect_using_js'} = 1;
$config{'redirect_using_html'} = 0;
$config{'redirect_using_location'} = 0;
&kak("<script language=\"javascript\" type=\"text/javascript\">top.location.href='$redirect_url';</script>", 1, __LINE__);
}
else{
if($config{'redirect_using_html'}){
print "content-type:text/html; charset=utf-8\n\n";
print "<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><meta http-equiv=\"refresh\" content=\"0; url='$redirect_url'\"></head><body></body></html>";
}
elsif($config{'redirect_using_js'}){
&kak("<script language=\"javascript\" type=\"text/javascript\">document.location.href='$redirect_url';</script>", 1, __LINE__);
}
elsif($config{'redirect_using_location'}){
# Uncomment next line if using Webstar V
# print "HTTP/1.1 302 Redirection\n";
print "Location: $redirect_url\n\n";
}
}
exit;
######################################################## START SUB ROUTINES ############################################################
#########################################
# Clean up the upload_id.dir and everything in it
#########################################
END{
if(-d $temp_dir_id && $remove_temp_dir){ rmtree($temp_dir_id, 0, 1) or warn("Failed to remove $temp_dir_id: $!\n"); }
}
#########################################
# Check file extension
#########################################
sub check_file_extension{
my $file_extension = shift;
my $config_extensions = shift;
my $mode = shift;
if($mode == 1){
if($file_extension =~ m/^$config_extensions$/i){ return 1; }
else{ return 0; }
}
elsif($mode == 2) {
if($file_extension !~ m/^$config_extensions$/i){ return 1; }
else{ return 0; }
}
else{ return 0; }
}
##################################################
# Get the size of the ploaded file if it exists
##################################################
sub get_file_size{
my $upload_dir = shift;
my $file_name = shift;
my $path_to_file = $upload_dir . $file_name;
my $file_size = 0;
if(-e $path_to_file && -f $path_to_file){ $file_size = -s $path_to_file; }
return $file_size;
}
####################################################
# formatBytes($file_size, 99) mixed file sizes
# formatBytes($file_size, 0) KB file sizes
# formatBytes($file_size, 1) MB file sizes etc
####################################################
sub format_bytes{
my $bytes = shift;
my $byte_format = shift;
my $byte_size = 1024;
my $i = 0;
my @byte_type = (" KB", " MB", " GB", " TB", " PB", " EB", " ZB", " YB");
$bytes /= $byte_size;
if($byte_format == 99 || $byte_format > 7){
while($bytes > $byte_size){
$bytes /= $byte_size;
$i++;
}
}
else{
while($i < $byte_format){
$bytes /= $byte_size;
$i++;
}
}
$bytes = sprintf("%1.2f", $bytes);
$bytes .= $byte_type[$i];
return $bytes;
}
############################################
# Rename uploaded file if it already exists
############################################
sub rename_filename{
my $file_name = shift;
my $count = shift;
my $upload_dir = shift;
my $path_to_file = $upload_dir . $file_name;
if(-e $path_to_file && -f $path_to_file){
if($file_name =~ /(.*)_(\d*)\.(.*)/){
# Already renamed so count on
$count = $2 + 1;
$file_name =~ s/(.*)_(\d*)\.(.*)/$1_$count\.$3/;
}
else{
# Not renamed so start counting
$file_name =~ s/(.*)\.(.*)/$1_$count\.$2/;
}
&rename_filename($file_name, $count, $upload_dir);
}
else{ return $file_name; }
}
#######################
# Normalize file name
######################
sub normalize_filename{
my $file_name = shift;
my $delimiter = shift;
my $max_file_length = shift;
$file_name =~ s/^\s+//; # Trim left
$file_name =~ s/\s+$//; # Trim right
# Check the length of the file name and cut if neseccary
if(length($file_name) > $max_file_length){ $file_name = substr($file_name, length($file_name) - $max_file_length); }
# Search and replace illegal file name characters
$file_name =~ s/[^a-zA-Z0-9\_\.\-\s]/$delimiter/g;
return $file_name;
}
#########################
# Generate Randon String
#########################
sub generate_random_string{
my $length_of_randomstring = shift;
my @chars=('a'..'z', '0'..'9');
my $random_string;
for(my $i = 0; $i < $length_of_randomstring; $i++){ $random_string .= $chars[int(rand(36))]; }
return $random_string;
}
##########################
# Parse the query string
##########################
sub parse_query_string{
my $buffer = shift;
my @pairs = split(/&/, $buffer);
my %query_string = ();
foreach my $pair (@pairs){
my ($name, $value) = split(/=/, $pair);
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$query_string{$name} = $value;
}
return %query_string;
}
##########################
# Load config file
##########################
sub load_config_file{
my $temp_dir = shift;
my $upload_id = shift;
my $config_file = $temp_dir . $upload_id . ".link";
my %config = ();
if(open(CONFIG, $config_file)){
$found_link_file = 1;
my @raw_config = <CONFIG>;
close(CONFIG);
foreach my $config_line (@raw_config){
chop($config_line);
my($config_setting, $config_value) = split(/<=>/, $config_line);
$config{$config_setting} = $config_value;
}
if($config{'delete_link_file'}){ rmtree($config_file, 0, 1) or warn("Failed to remove $config_file: $!\n"); }
}
return %config;
}
################################
# Purge old upload directories
################################
sub purge_ubr_dirs{
my $temp_dir = shift;
my $purge_temp_dirs_limit = shift;
my @upload_dirs = glob("$temp_dir*.dir");
my $now_time = time();
foreach my $upload_dir (@upload_dirs){
my $dir_time = (stat($upload_dir))[9];
if(($now_time - $dir_time) > $purge_temp_dirs_limit){ rmtree($upload_dir, 0, 1) or warn("Failed to remove $upload_dir: $!\n"); }
}
}
####################################################
# Write a XML file containing configuration upload
# and post information
####################################################
sub write_uu_file{
my $file_handle = shift;
my $start_upload = shift;
my $end_upload = shift;
my $config = shift;
my $uploaded_files = shift;
my @names = $query->param;
binmode $file_handle;
print $file_handle "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
print $file_handle "<uu_upload>\n";
print $file_handle " <config>\n";
print $file_handle " <remote_ip>$ENV{REMOTE_ADDR}<\/remote_ip>\n";
print $file_handle " <user_agent>$ENV{HTTP_USER_AGENT}<\/user_agent>\n";
print $file_handle " <start_upload>$start_upload<\/start_upload>\n";
print $file_handle " <end_upload>$end_upload<\/end_upload>\n";
for my $config_setting (keys %config){ print $file_handle " <$config_setting>$config{$config_setting}<\/$config_setting>\n"; }
print $file_handle " <\/config>\n";
print $file_handle " <post>\n";
foreach my $key (@names){
my @post_values = $query->param($key);
foreach my $post_value (@post_values){
$post_value =~ s/&/&/g;
$post_value =~ s/</</g;
$post_value =~ s/>/>/g;
$post_value =~ s/'/'/g;
$post_value =~ s/"/"/g;
$key =~ s/[^a-zA-Z0-9\_\-]//g;
print $file_handle " <$key>$post_value<\/$key>\n";
}
}
print $file_handle " <\/post>\n";
print $file_handle " <file>\n";
# Log upload file info
for my $file_slot (keys %uploaded_files){
my $file_name = $uploaded_files{$file_slot}{'file_name'};
my $file_size = $uploaded_files{$file_slot}{'file_size'};
my $file_type = $uploaded_files{$file_slot}{'file_type'};
print $file_handle " <file_upload>\n";
print $file_handle " <slot>$file_slot<\/slot>\n";
print $file_handle " <name>$file_name<\/name>\n";
print $file_handle " <size>$file_size<\/size>\n";
print $file_handle " <type>$file_type<\/type>\n";
print $file_handle " <\/file_upload>\n";
}
print $file_handle " <\/file>\n";
print $file_handle "<\/uu_upload>\n";
close($file_handle);
chmod 0666, $file_handle;
}
########################################################################
# Output a message to the screen
#
# You can use this function to debug your script.
#
# eg. &kak("The value of blarg is: " . $blarg . "<br>", 1, __LINE__);
# This will print the value of blarg and exit the script.
#
# eg. &kak("The value of blarg is: " . $blarg . "<br>", 0, __LINE__);
# This will print the value of blarg and continue the script.
########################################################################
sub kak{
my $msg = shift;
my $kak_exit = shift;
my $line = shift;
if(!$print_issued){
print "Content-type: text/html\n\n";
$print_issued = 1;
}
print "<!DOCTYPE HTML PUBLIC \"-\/\/W3C\/\/DTD HTML 4.01 Transitional\/\/EN\">\n";
print "<html>\n";
print " <head>\n";
print " <title>Uber-Uploader - Free File Upload Progress Bar<\/title>\n";
print " <meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">\n";
print " <meta http-equiv=\"Pragma\" content=\"no-cache\">\n";
print " <meta http-equiv=\"CACHE-CONTROL\" content=\"no-cache\">\n";
print " <meta http-equiv=\"expires\" content=\"-1\">\n";
print " <meta name=\"robots\" content=\"none\">\n";
print " <\/head>\n";
print " <body style=\"background-color: #EEEEEE; color: #000000; font-family: arial, helvetica, sans_serif;\">\n";
print " <br>\n";
print " <div align='center'>\n";
print " $msg\n";
print " <br>\n";
print " <!-- kak on line $line -->\n";
print " </div>\n";
print " </body>\n";
print "</html>\n";
if($kak_exit){
close(STDIN);
exit;
}
}
#####################################################################
# Print config, driver settings and 'Environment Variables' to screen
#####################################################################
sub show_debug_info{
my $uber_version = shift;
my $this_version = shift;
my $temp_dir = shift;
my $upload_id = shift;
my $config = shift;
my $msg = '';
my $perlversion = $];
my $perlos = $^O;
my $cgiversion = $CGI::VERSION;
my $filecopyversion = $File::Copy::VERSION;
my $filepathversion = $File::Path::VERSION;
$msg .= "<div align='left'>\n";
$msg .= "<u><b>UBER UPLOADER DEBUG UPLOAD<\/b><\/u><br>\n";
$msg .= "UBER UPLOADER VERSION = <b>$uber_version<\/b><br>\n";
$msg .= "UBR_UPLOAD = <b>$this_version<\/b><br>\n";
$msg .= "PERL VERSION = <b>$perlversion<\/b><br>\n";
$msg .= "PERL OS = <b>$perlos<\/b><br>\n";
$msg .= "CGI.PM VERSION = <b>$cgiversion<\/b><br>\n";
$msg .= "FILE::COPY VERSION = <b>$filecopyversion<\/b><br>\n";
$msg .= "FILE::PATH VERSION = <b>$filepathversion<\/b><br>\n";
$msg .= "<br><u><b>CONFIGURATION VARIABLES<\/b><\/u><br>\n";
# Print loaded config settings to screen
foreach my $key (sort keys(%config)){ $msg .= "$key = <b>$config{$key}<\/b><br>\n"; }
$msg .= "<br><u><b>ENVIRONMENT VARIABLES<\/b><\/u><br>\n";
# Print environment variables to screen
foreach my $key (sort keys(%ENV)){ $msg .= "$key = <b>$ENV{$key}<\/b><br>\n"; }
$msg .= "<\/div>\n";
if($config{'embedded_upload_results'} || ($config{'opera_browser'} || $config{'safari_browser'})){ $msg .= "<script language=\"javascript\" type=\"text/javascript\">parent.document.getElementById('upload_div').style.display = '';</script>\n"; }
&kak($msg, 1, __LINE__);
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well I already tried putting the following in a .htaccess file, but the error still remains :
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off
</IfModule>
So currently I'm trying to find out which mod_security version I'm using.
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off
</IfModule>
So currently I'm trying to find out which mod_security version I'm using.
ASKER
Yes the script uses some PHP files too, I have included the file where I set the max file size with this reply, thanks!
<?php
//******************************************************************************************************
// ATTENTION: THIS FILE HEADER MUST REMAIN INTACT. DO NOT DELETE OR MODIFY THIS FILE HEADER.
//
// Name: ubr_default_config.php
// Revision: 1.5
// Date: 3/16/2008 12:22:27 PM
// Link: http://uber-uploader.sourceforge.net
// Initial Developer: Peter Schmandra http://www.webdice.org
// Description: Configure upload options
//
// Licence:
// The contents of this file are subject to the Mozilla Public
// License Version 1.1 (the "License"); you may not use this file
// except in compliance with the License. You may obtain a copy of
// the License at http://www.mozilla.org/MPL/
//
// Software distributed under the License is distributed on an "AS
// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
// implied. See the License for the specific language governing
// rights and limitations under the License.
//********************************************************************************************************
//***************************************************************************************************************
// ATTENTION
//
// Any extra config settings added to this file will be passed through the uploader
// and can be accessed using the $_CONFIG_DATA array in the 'ubr_finished.php' file.
//***************************************************************************************************************
$_CONFIG['config_file_name'] = 'ubr_default_config'; // Name of this config file
$_CONFIG['upload_dir'] = $_SERVER['DOCUMENT_ROOT'] . '/uploads/'; // Path to upload directory
$_CONFIG['multi_upload_slots'] = 0; // Allow the user to upload more than one file at a time
$_CONFIG['max_upload_slots'] = 10; // Maximum number of files a user can upload at once
$_CONFIG['embedded_upload_results'] = 0; // Display the upload results in an iframe
$_CONFIG['check_file_name_format'] = 1; // Check the format of the file names BEFORE upload
$_CONFIG['check_null_file_count'] = 1; // Make sure the user selected at least one file to upload
$_CONFIG['check_duplicate_file_count'] = 1; // Make sure the user did not select duplicate files
$_CONFIG['show_percent_complete'] = 1; // Show percent complete info
$_CONFIG['show_files_uploaded'] = 1; // Show files uploaded info
$_CONFIG['show_current_position'] = 1; // Show current bytes uploaded info
$_CONFIG['show_elapsed_time'] = 1; // Show elapsed time info
$_CONFIG['show_est_time_left'] = 1; // Show estimated time left info
$_CONFIG['show_est_speed'] = 1; // Show estimated speed info
$_CONFIG['cedric_progress_bar'] = 1; // Enable the 'Cedric' progress bar (smooths out the progress bar and bytes uploaded)
$_CONFIG['cedric_hold_to_sync'] = 0; // Hold 'Cedric' progress bar if it races ahead of actual upload
$_CONFIG['progress_bar_width'] = 400; // The width of the progress bar in pixels (IMPORTANT, USED IN CALCULATIONS)
$_CONFIG['unique_upload_dir'] = 0; // Upload the files to a folder based on upload id inside the upload folder
$_CONFIG['unique_file_name'] = 0; // Rename the file to a unique file name
$_CONFIG['unique_file_name_length'] = 16; // Number of characters to use in the unique anme
$_CONFIG['max_upload_size'] = 52428800; // Maximum upload size (5 * 1024 * 1024 = 5242880 = 5MB)
$_CONFIG['overwrite_existing_files'] = 0; // Overwrite any existing files by the same name in the upload folder
$_CONFIG['redirect_url'] = 'http://' . $_SERVER['HTTP_HOST'] . '/process.php'; // What page to load after the upload completes
$_CONFIG['redirect_using_location'] = 1; // Redirect using perl location
$_CONFIG['redirect_using_html'] = 0; // Redirect using html
$_CONFIG['redirect_using_js'] = 0; // Redirect using javascript
$_CONFIG['check_allow_extensions_on_client'] = 0; // Check allow file extensions BEFORE upload
$_CONFIG['check_disallow_extensions_on_client'] = 1; // Check disallow file extensions BEFORE upload
$_CONFIG['check_allow_extensions_on_server'] = 0; // Checks for allow file extensions on the server
$_CONFIG['check_disallow_extensions_on_server'] = 1; // Checks for dissalow file extensions on the server
$_CONFIG['allow_extensions'] = '(zip|exe|mp3|rar|wma|wmv|mpg3|mpg|mpeg|avi|mov|jpg|jpeg|gif|bmp|png|tiff)'; // Include file extentions that are allowed to be uploaded
$_CONFIG['disallow_extensions'] = '(sh|php|php3|php4|php5|py|shtml|phtml|html|htm|asp|aspx|exe|cgi|pl|plx|htaccess|htpasswd)'; // Include file extentions that are NOT allowed to be uploaded
$_CONFIG['normalize_file_names'] = 1; // Only allows a-z A-Z 0-9 _ . - and space characters in file names
$_CONFIG['normalize_file_delimiter'] = '_'; // The character that is used as a replacement any disallowed characters in the file name
$_CONFIG['normalize_file_length'] = 92; // The maximum characters allowed in the file name
$_CONFIG['link_to_upload'] = 0; // Create a web link to the uploaded file
$_CONFIG['path_to_upload'] = 'http://'. $_SERVER['HTTP_HOST'] . '/uploads/'; // Used for a web link to the uploaded file
$_CONFIG['send_email_on_upload'] = 0; // Send an email when the upload is finished
$_CONFIG['html_email_support'] = 0; // Add html support to email
$_CONFIG['link_to_upload_in_email'] = 0; // Provide web links to uploaded files in email
$_CONFIG['email_subject'] = 'Uber File Upload'; // Subject of the email
$_CONFIG['to_email_address'] = 'email1@yoursite.com,email2@yoursite.com'; // To Email addresses
$_CONFIG['from_email_address'] = 'admin@yoursite.com'; // From email address
$_CONFIG['log_uploads'] = 0; // Log all uploads
$_CONFIG['log_dir'] = '/tmp/ubr_logs/'; // Path to log directory
$_CONFIG['opera_browser'] = (strstr(getenv("HTTP_USER_AGENT"), "Opera")) ? 1 : 0; // Track Opera browser ( must unfortunately post to iframe )
$_CONFIG['safari_browser'] = (strstr(getenv("HTTP_USER_AGENT"), "Safari")) ? 1 : 0; // Track Safari browser ( must unfortunately post to iframe )
?>
I had the same problem today (coincidence?) with uber uploader and the solution was to disable mod_security. I am using mod_security 2 and wasn't able to disable it from the .htaccess file, so had to disable it from the httpd.conf file. To disable in .htaccess file I tried the following but it caused " 500 Internal Server Error".
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecRuleEngine Off
</IfModule>
Which version of Apache are you using? If you are using Apache 2.x then you are using mod_security 2.
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecRuleEngine Off
</IfModule>
Which version of Apache are you using? If you are using Apache 2.x then you are using mod_security 2.
ASKER
Ok, it is mod_security causing this issue.
I'm using Apache 2 with Mod_Security 2.5.7 and after it's disabled the problem isn't happening anymore.
Additionally, if you write:
SecFilterEngine Off
SecFilterScanPOST Off
Into your .htaccess file, you can turn off mod_security for that particular directory. See if that helped prevent the 500 error.
I'm using Apache 2 with Mod_Security 2.5.7 and after it's disabled the problem isn't happening anymore.
Additionally, if you write:
SecFilterEngine Off
SecFilterScanPOST Off
Into your .htaccess file, you can turn off mod_security for that particular directory. See if that helped prevent the 500 error.
"SecFilterEngine Off" didn't work for me. It also caused "500 Internal Server Error". But good to know that it works for you. :D
ASKER
Well if it's possible you can just comment out Mod_Security in httpd.conf and that's what I did.
Thanks for your help.
Thanks for your help.
If you comment out mod_security in httpd.conf file that will disable mod_security entirely. Not a good idea to do that. But if you have only one site in your server, then its okay I guess. I am still testing my script, so using it on a sub domain and have disabled mod_security for that particular sub domain only. Later I will have to find out how to disable it for the particular directory which contains ubr_upload.pl only.
ASKER
Http://FileDeck.net
Thanks again.