使用 PHP 上传非常大的文件
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/864570/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Very large uploads with PHP
提问by Evert
I want to allow uploads of very large files into our PHP application (hundred of megs - 8 gigs). There are a couple of problems with this however.
我想允许将非常大的文件上传到我们的 PHP 应用程序中(数百兆 - 8 演出)。然而,这有几个问题。
Browser:
浏览器:
- HTML uploads have crappy feedback, we need to either poll for progress (which is a bit silly) or show no feedback at all
- Flash uploader puts entire file into memory before starting the upload
- HTML 上传有糟糕的反馈,我们需要轮询进度(这有点傻)或根本不显示反馈
- Flash 上传器在开始上传之前将整个文件放入内存中
Server:
服务器:
- PHP forces us to set post_max_size, which could result in an easily exploitable DOS attack. I'd like to not set this setting globally.
- The server also requires some other variables to be there in the POST vars, such as an secret key. We'd like to be able to refuse the request right away, instead of after the entire file is uploaded.
- PHP 强制我们设置 post_max_size,这可能导致容易被利用的 DOS 攻击。我不想全局设置此设置。
- 服务器还需要一些其他变量存在于 POST 变量中,例如密钥。我们希望能够立即拒绝请求,而不是在整个文件上传之后。
Requirements:
要求:
- HTTP is a must.
- I'm flexible with client-side technology, as long as it works in a browser.
- PHP is not a requirement, if there's some other technology that will work well on a linux environment, that's perfectly cool.
- HTTP 是必须的。
- 我对客户端技术很灵活,只要它在浏览器中工作。
- PHP 不是必需的,如果有其他一些技术可以在 linux 环境中很好地工作,那就太酷了。
采纳答案by Marc W
How about a Java applet? That's how we had to do it at a company I previously worked for. I know applets suck, especially in this day and age with all our options available, but they really are the most versatile solution to desktop-like problems encountered in web development. Just something to consider.
Java小程序怎么样?这就是我们在我以前工作过的公司必须这样做的方式。我知道小程序很糟糕,尤其是在这个时代,我们有所有可用的选项,但对于 Web 开发中遇到的类似桌面的问题,它们确实是最通用的解决方案。只是需要考虑的事情。
回答by Frank Farmer
upload_max_filesize can be set on a per-directory basis; the same goes for post_max_size
可以在每个目录的基础上设置 upload_max_filesize ;post_max_size 也是如此
e.g.:
例如:
<Directory /uploadpath/>
php_value upload_max_filesize 10G
php_value post_max_size 10G
</IfModule>
回答by Filkor
It's old I know, but maybe someone have this problem nowdays ,too. Now you can do this with only Javascript and, say, PHP. No Flash or Java required on client side.
我知道它很老了,但也许现在有人也有这个问题。现在,您可以仅使用 Javascript 和 PHP 来完成此操作。客户端不需要 Flash 或 Java。
demo: http://dnduploader.filkor.org/
演示:http: //dnduploader.filkor.org/
The idea is to slice the files with Javascript's Blob slice() method...
这个想法是使用 Javascript 的 Blob slice() 方法对文件进行切片......
回答by Aiden Bell
Python Handler?
Python 处理程序?
Using a Python POST handler instead of PHP. Generate a unique identifier from your PHP app that the client can put in the HTTP headers. With mod_python to reject or accept the large upload before the entire POST body is transmitted.
使用 Python POST 处理程序而不是 PHP。从您的 PHP 应用程序生成一个唯一标识符,客户端可以将其放入 HTTP 标头中。使用 mod_python 在整个 POST 正文传输之前拒绝或接受大型上传。
I think http://www.modpython.org/live/current/doc-html/dir-handlers-hph.html
我认为 http://www.modpython.org/live/current/doc-html/dir-handlers-hph.html
Allows you to check headers and decline the rest of the POST input. I haven't tried it but might be the right path?
允许您检查标题并拒绝其余的 POST 输入。我还没有尝试过,但可能是正确的道路?
Looking at the source of mod_python, the buffering of the input via read() seems to allow bit-at-a-time evaluation of the HTTP input. Headers are first.
查看 mod_python 的来源,通过 read() 对输入的缓冲似乎允许对 HTTP 输入进行一次位评估。标题是第一位的。
https://svn.apache.org/repos/asf/quetzalcoatl/mod_python/trunk/src/filterobject.c
https://svn.apache.org/repos/asf/quetzalcoatl/mod_python/trunk/src/filterobject.c
回答by acrosman
You can set the post_max_size for just scripts in 1 directory. Place your upload script there, and allow only that script to handle large sizes. It's still possible for that script to be attacked with large/useless files, but it avoids setting it globally.
您可以为 1 个目录中的脚本设置 post_max_size。将您的上传脚本放在那里,并只允许该脚本处理大尺寸。该脚本仍有可能受到大文件/无用文件的攻击,但它避免了全局设置。
Use that with APC and you might be able to work out something good: IBM Developer works article on APC
将它与 APC 结合使用,您可能会做出一些不错的事情: IBM 开发人员在 APC 上的工作文章
回答by MichaelICE
Tried all of this... this is by far the best I have used yet...
尝试了所有这些......这是迄今为止我用过的最好的......
回答by Johan
Take a look at jumploader.com
A good java-applet for uploading.
一个很好的用于上传的java小程序。
I've used it for uploading images and it works fine. Haven't tried with bigger files than 10MB, but i should work for really big files too.
我用它来上传图片,效果很好。还没有尝试过大于 10MB 的文件,但我也应该处理非常大的文件。
回答by Phill Pafford
I would look into FTP, SSH or SCPthis allows you to upload a large file and still have access control over the file as well. This might take a little longer to implement but its probably the most secure way I could think of.
我会研究FTP、SSH 或 SCP,这允许您上传大文件,并且仍然可以对文件进行访问控制。这可能需要更长的时间来实现,但它可能是我能想到的最安全的方法。
回答by Peter D
Have you looked into using APC to check the progress and total file size. Here is a good blog postabout it. It might help.
回答by Aiden Bell
Maybe you could use Webdav and Javascript in the browser
也许你可以在浏览器中使用 Webdav 和 Javascript
AJAX Big file upload, with progress, to WebDAV
AJAX 大文件上传,有进展,到 WebDAV
http://www.webdavsystem.com/ajax/programming/upload_progress
http://www.webdavsystem.com/ajax/programming/upload_progress
A simple library
一个简单的图书馆
http://debris.demon.nl/projects/davclient.js/doc/README.html
http://debris.demon.nl/projects/davclient.js/doc/README.html
You can then get the JS to redirect the user to a success page. Secret keys and what-not can be handled in a PHP prelude before handing off the JS Client->WebDAV
然后,您可以让 JS 将用户重定向到成功页面。在移交 JS Client->WebDAV 之前,可以在 PHP prelude 中处理秘密密钥和其他东西
