NLCJ Posted December 28, 2010 Share Posted December 28, 2010 Hello, I created a script at my server, but would like to upload files to my other server. The website runs on server 1 and the upload form on server 2. I want to include the file of server 2 at the page at server 1; I've tried: include("http://ipaddress/upload.php"); Sadly, this doesn't work. I get the error: URL file-access is disabled in the server configuration in Is there another way to do it? Or should I change the php.ini and allow this (why isn't it allowed by default? What are the risks?). iFrames aren't what I need here. Thanks, NLCJ Link to comment https://forums.phpfreaks.com/topic/222821-php-include/ Share on other sites More sharing options...
johnny86 Posted December 28, 2010 Share Posted December 28, 2010 I think you should just copy the files you need to the other server too. Is there something wrong with that? Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152130 Share on other sites More sharing options...
desjardins2010 Posted December 28, 2010 Share Posted December 28, 2010 No, for this you would need to give access. You cannot fetch a file from server to server without security issues being present! Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152132 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 I think you should just copy the files you need to the other server too. Is there something wrong with that? That other server is located here at home, with a 10Mbit uplink. I don't think that that is fast enough to handle the traffic that we expect. @desjardins2010; What are the risks if I enable this feature? I can't think of some evil events... Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152133 Share on other sites More sharing options...
PHPTOM Posted December 28, 2010 Share Posted December 28, 2010 Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it to server 2. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152134 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it. I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152135 Share on other sites More sharing options...
PHPTOM Posted December 28, 2010 Share Posted December 28, 2010 Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it. I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server. Well protect the page with some kind of username/password? Even htaccess would suffice if it is a small time thing. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152138 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it. I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server. Well protect the page with some kind of username/password? Even htaccess would suffice if it is a small time thing. I mean that those internetfriends might abuse it with their scripts, they got an account on my dedicated server. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152139 Share on other sites More sharing options...
PHPTOM Posted December 28, 2010 Share Posted December 28, 2010 Well, presuming you are using Apache and virtual hosts for the different websites on your server.. you could just change the ini for your virtual host? Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152140 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 Well, presuming you are using Apache and virtual hosts for the different websites on your server.. you could just change the ini for your virtual host? I've got a cPanel license, and those users all got an account over there. As far as I know it's not possible to create a seperate php.ini for one user. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152142 Share on other sites More sharing options...
BlueSkyIS Posted December 28, 2010 Share Posted December 28, 2010 on a cpanel-hosted site, you can typically use php.ini in the web document_root, or alternatively set the values in .htaccess Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152153 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 on a cpanel-hosted site, you can typically use php.ini in the web document_root, or alternatively set the values in .htaccess Interesting, so basically every user can bypass these limits set in cPanel? Ah well, as long as they don't discover it... Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152156 Share on other sites More sharing options...
BlueSkyIS Posted December 28, 2010 Share Posted December 28, 2010 -> typically <- depends on primary PHP configuration. and TYPICALLY the user can only modify a select collection of values. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152158 Share on other sites More sharing options...
NLCJ Posted December 28, 2010 Author Share Posted December 28, 2010 Okay, so I manually set the values in a .htaccess file: php_value upload_max_filesize 5120M php_value post_max_size 5120M php_value max_execution_time 65536 php_value max_input_time 65536 Looking at phpinfo it says Local Value like those above, and master value set in cPanel. That makes sense, but what is 'higher'. Does it look at the cPanel limits? Because I still cannot upload files bigger than the limit set in cPanel. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1152165 Share on other sites More sharing options...
NLCJ Posted January 6, 2011 Author Share Posted January 6, 2011 In my opinion it is better if I place the upload script at my homeserver, I will disable that security thing. There are no very important files on that server, and still can't think of anything bad that can happen... Thanks for your advices though, I still learned from it. Link to comment https://forums.phpfreaks.com/topic/222821-php-include/#findComment-1155463 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.