Keeping track of php uploads

[opencombatclan]

Hello all.

 

I was looking at the way PHP handles file uploads.

It seems that PHP uses a temporarily directory and file name for file uploads.

e.g. /var/www/virtual/SITE/phptmp/phpMhOniL

 

This file is deleted/moved straight after the upload finished.

Now I was wondering what this file looks like, so I decided to log on with filezilla, navigate to that dir, upload a HUGE file with php (takes a lot of time), and then refresh the directory listing in filezilla.

 

To my suprise: No file to be found... (exept for some sessions)

 

How is this possible?

How can the move_uploaded_file function work, while I cant find the file?

 

I hope someone can help me out.

[opencombatclan]

Anyone? Because I can't figure this out...

[premiso]

I take it that you are looking at the tmp directory of PHP through filezilla, if so, the reason you cannot see the file is it is being moved and or deleted after the script is done processing. PHP only stores the file temporarily for the duration of the script life or until it is moved. Once the script ends, if the file was not moved it is deleted.

[opencombatclan]

"PHP only stores the file temporarily for the duration of the script life or until it is moved."

Euhm, thats the problem. I am uploading 160mb, takes 10min for me, and still NO temp php file (php exec limit is high enough).

(I am looking with filezilla at the temp directory WHILE i am uploading)

 

How is this possible?

[premiso]

I am not 100% how PHP does handle file uploads and why you cannot view them, but you can put a sleep function before you move the file, say a 60 second sleep (be sure to set the set_time_limit to 90 so the script does not time out. Using this method you can upload a very small file and you should be able to see it. within those 60 seconds.

 

It could possibly be that the file is created as a "hidden" file and the FTP does not show those, I do not know. But try the above and see if you can see it then. Alternatively, you can look at the PHP Manual for Handling POST Uploads if you have not already to find out more information.

[opencombatclan]

I did what you said, and guess what.

 

The php uploading process goes as follows:

1. Client uploads file

2. When php received the FULL file (all bytes) it creates the temp file

3. Move_uploaded_file() moves that file almost a split second later

4. The temp file is deleted if move failed

 

So now I have a new question.

Where is the file between step 1-2

Where is the REAL php temp dir which is used during uploads.

Or does it store the file in its memory or so?

 

[PFMaBiSmAd]

It's the web server that processes the file while it is being uploaded. The web server only invokes the .php file that is the target of the upload once the request has been received (i.e. the whole file has been uploaded.)

 

It's likely the size of the file you are trying is small enough that it is being entirely held in the disk cache in memory while the web server is receiving it. You might try a larger file.

 

Why exactly do you need to know this?

[opencombatclan]

I wanted to be able to count how many files are uploaded at a certain moment. (real time)

Isn't it possible to somehow tell php to write its buffer to the disk every 2 seconds?

[PFMaBiSmAd]

Here is some information I just found out by testing under Windows -

 

If the CONTENT_LENGTH header (it's the sum of the size of all files under one form submission) of the file(s) being uploaded is greater than either the post_max_size or upload_max_filesize setting, then the temp file(s) is(are) not written to the temporary directory. When the CONTENT_LENGTH of the file(s) being uploaded is less then both those settings, the files are written to the temp folder as they are being uploaded.