Jump to content

PHP Include


NLCJ

Recommended Posts

Hello,

I created a script at my server, but would like to upload files to my other server. The website runs on server 1 and the upload form on server 2. I want to include the file of server 2 at the page at server 1; I've tried:

include("http://ipaddress/upload.php");

Sadly, this doesn't work. I get the error:

URL file-access is disabled in the server configuration in

Is there another way to do it? Or should I change the php.ini and allow this (why isn't it allowed by default? What are the risks?).

 

iFrames aren't what I need here.

 

Thanks,

NLCJ

Link to comment
Share on other sites

I think you should just copy the files you need to the other server too. Is there something wrong with that?

That other server is located here at home, with a 10Mbit uplink. I don't think that that is fast enough to handle the traffic that we expect.

 

@desjardins2010;

What are the risks if I enable this feature? I can't think of some evil events...

Link to comment
Share on other sites

Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it.

I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server.

Link to comment
Share on other sites

Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it.

I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server.

 

Well protect the page with some kind of username/password? Even htaccess would suffice if it is a small time thing.

Link to comment
Share on other sites

Security reasons. To the other server you could be a malicious hacker. Best way IMO is to do all the logic on server 1 as to whether to upload or not, then use PHP's FTP functions to upload it.

I've thought of that, the problem though is that files can be up to 5GB in size. If I change the php.ini to allow such big files I think all other (internet) 'friends' may abuse it, that's why I started the home server.

 

Well protect the page with some kind of username/password? Even htaccess would suffice if it is a small time thing.

 

I mean that those internetfriends might abuse it with their scripts, they got an account on my dedicated server.

Link to comment
Share on other sites

Well, presuming you are using Apache and virtual hosts for the different websites on your server.. you could just change the ini for your virtual host?

I've got a cPanel license, and those users all got an account over there. As far as I know it's not possible to create a seperate php.ini for one user.

Link to comment
Share on other sites

on a cpanel-hosted site, you can typically use php.ini in the web document_root, or alternatively set the values in .htaccess

Interesting, so basically every user can bypass these limits set in cPanel? Ah well, as long as they don't discover it...

Link to comment
Share on other sites

Okay, so I manually set the values in a .htaccess file:

php_value upload_max_filesize 5120M
php_value post_max_size 5120M
php_value max_execution_time 65536
php_value max_input_time 65536

Looking at phpinfo it says Local Value like those above, and master value set in cPanel. That makes sense, but what is 'higher'. Does it look at the cPanel limits? Because I still cannot upload files bigger than the limit set in cPanel.

Link to comment
Share on other sites

  • 2 weeks later...

In my opinion it is better if I place the upload script at my homeserver, I will disable that security thing. There are no very important files on that server, and still can't think of anything bad that can happen...

 

Thanks for your advices though, I still learned from it. ;)

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.