PHP file uploads being “hijacked” by partial uploads

Question

I have a site that is receiving 30-40k photo uploads a day and I\'ve been seeing an issue pop up with more frequency now. This issue is this:

Our upload script recei

Answer 1

PHP's built-in file handling does not support partial uploads.

Turn off KeepAlives and/or send a 'Connection: close' header after each upload.

Configure your webserver to send the header 'Allow-Ranges: none'.

Answer 2

First off, check you PHP version.

Second, check your file upload limits and POST_MAX_SIZE in php.ini

It might just be that someone tries to upload a file that's too large :-)

Answer 3

Can you try different names for the temp file to avoid its being overwritten? Can you identify the origin of the new, incorrect and incomplete file?

Is this a development environment? Is it possible that more than one user is uploading files at the same time?

Try your program with very small images to check if SchizoDuckie is correct about filesize problems.

Try with different navigators to eliminate the admittedly remote possibility that it is a local problem.

Check permissions on the directory where the temp file is stored.