Category: PHP

How to Change File Upload Size in Ubuntu via php.ini

Learn how to increase the file upload limit on Ubuntu by editing the php.ini file. Follow this easy guide to update post_max_size and upload_max_filesize.

On Ubuntu server, maximal file size upload limit in php scripts is set to 2Mb as default.  There may be different filesize updated later in php.ini which is not sufficient to upload large database backup in phpMyAdmin.

In order to change that, two things are important,

  • Current upload_max_filesize value
  • Current location of php.ini file

To find current upload_max_filesize value, create a file called ‘pinfo.php’ at your webserver root folder with following content:

phpinfo();

Now, open recently created file in browser via http://localhost/pinfo.php (replace localhost with the servername if necessary) and look for the line

upload_max_filesize 2M

which will show you the actual maximum file size.

To change the upload_max_filesize value, open php.ini file from the location provided in information displayed from pinfo.php file. If php.ini file location is/etc/php5/apache2/php.ini, then open a ssh connection to your server and edit the file /etc/php5/apache2/php.ini as follows

sudo nano /etc/php5/apache2/php.ini

search for “upload_max_filesize” with Ctrl-W and change “2M” to “20M”. Save the file with Ctrl-O and exit with Ctrl-X. Restart the apache server with

sudo /etc/init.d/apache2 restart

and visit again http://localhost/info.php to check if the maximum file size was changed.

There is another way to change upload_max_filesize value for specific project or website only.

If you enabled mod_rewrite you can also put this to your .htaccess file:

php_value upload_max_filesize = 16G
php_value post_max_size = 16G

So, upload_max_filesize value in php.ini file can be changed using .htaccess for project specific and from php.ini file itself for whole server specific.

How to Get Response Headers Using file_get_contents in PHP

Learn how to retrieve HTTP response headers using file_get_contents in PHP. A practical guide with examples for handling headers efficiently.

file_get_contents() is the preferred way to read the contents of a file into a string. It will use memory mapping techniques if supported by your OS to enhance performance.

A URL can be used as a filename with this function if the fopen wrappers have been enabled.

But, reading URL becomes difficult to identify that URL is not available. And if URL is not available, it’s also difficult to process that URL. So, it is necessary that there is a response for every request fired by file_get_contents() for any URL.

PHP has a predefined variable named $http_response_header, which provides a response header for any HTTP request sent by PHP code.

For Example,

file_get_contents("http://example.com");
var_dump($http_response_header);

The above example will output something similar to:

array(9) {
  [0]=>
  string(15) "HTTP/1.1 200 OK"
  [1]=>
  string(35) "Date: Sat, 12 Apr 2008 17:30:38 GMT"
  [2]=>
  string(29) "Server: Apache/2.2.3 (CentOS)"
  [3]=>
  string(44) "Last-Modified: Tue, 15 Nov 2005 13:24:10 GMT"
  [4]=>
  string(27) "ETag: "280100-1b6-80bfd280""
  [5]=>
  string(20) "Accept-Ranges: bytes"
  [6]=>
  string(19) "Content-Length: 438"
  [7]=>
  string(17) "Connection: close"
  [8]=>
  string(38) "Content-Type: text/html; charset=UTF-8"
}

Note that the HTTP wrapper has a hard limit of 1024 characters for the header lines.
Any HTTP header received that is longer than this will be ignored and won’t appear in $http_response_header.

The cURL extension doesn’t have this limit.

How to Find YouTube Video ID from Any YouTube URL

Learn how to extract the YouTube video ID from different types of YouTube URLs using simple methods and regex examples. Ideal for developers and marketers.

YouTube has so many types of URLs to embed the video on your site. Sometimes it’s difficult to find a single regular expression to parse all type of YouTube URL and retrieve the video ID from it.

To retrieve the video ID from the YouTube URL, use this function,

function getVideoID($url) {
    $pattern = '#^(?:https?://)?(?:www\.)?(?:youtu\.be/|youtube\.com(?:/embed/|/v/|/watch\?v=|/watch\?.+&v=))([\w-]{11})(?:.+)?$#x';
    preg_match($pattern, $url, $matches);
    return (isset($matches[1])) ? $matches[1] : false;
}

Regular Expression explanation is as follows,

$pattern = '#^(?:https?://)?';    # Either http or https.
$pattern .= '(?:www\.)?';         #  Optional, www subdomain.
$pattern .= '(?:';                #  Group host alternatives:
$pattern .=   'youtu\.be/';       #    Either youtu.be,
$pattern .=   '|youtube\.com';    #    or youtube.com
$pattern .=   '(?:';              #    Group path alternatives:
$pattern .=     '/embed/';        #      Either /embed/,
$pattern .=     '|/v/';           #      or /v/,
$pattern .=     '|/watch\?v=';    #      or /watch?v=,    
$pattern .=     '|/watch\?.+&v='; #      or /watch?other_param&v=
$pattern .=   ')';                #    End path alternatives.
$pattern .= ')';                  #  End host alternatives.
$pattern .= '([\w-]{11})';        # Youtube video ids with standard length of 11 chars.
$pattern .= '(?:.+)?$#x';         # Optional other ending URL parameters.

SPF Record for Outgoing Mails: What It Is and How to Set It Up

Learn what an SPF record is, why it’s essential for email deliverability, and how to configure it properly for sending outgoing emails from your domain.

SPF record is used to accurately calculate the reputations of envelope-sender domains and mailservers by mailbox-providers. It works as follows: If many users flag emails as spam from example.com, then SPF allows the mailbox-provider to more accurately say that, “example.com is a spammer”, because the SPF record of example.com is used to identify it as a spam. Conversely, if any user flag spoofed email as spam from example.com, then SPF allows the mailbox-providers to maintain the good reputation for example.com and makes the email flow normal. So, we should always use SPF to make spam filtering more accurate.

As a PHP developer, everyone familiars with the PHP mail (http://php.net/manual/en/function.mail.php) function, which is used for sending emails. But, one can’t send email using SMTP authentication using this mail function. This makes most outgoing emails caught by spam-filters because of the SPF (Sender Policy Framework) check.

An important thing about SPF is that, it only performs checks on the envelope sender (Return-Path header), not on the user-visible from header. You can read about this at http://www.openspf.org/FAQ/Envelope_from_scope.

In most of the application, we use PHP’s mail function. If we check the outgoing mail header sent using the mail function, we can see that the envelope sender (Return-Path header) is a common address of the server or localhost even if you provide the From header of your domain to the mail.

So, when SPF checks performed by mailserver, it checks only the envelope sender which is a common address of the server or localhost and ignoring the from address, which is a genuine email address of the domain. So, our SPF record will be ignored. And, the server may not have an SPF record. In such case mail server detect a softfail. If you notice in Gmail, it identifies such softfail with phrase “best guess record”. Gmail uses a heuristic system to create best-guess SPF records for domains that don’t use SPF. For more details, go to http://www.ceas.cc/2006/19.pdf

As Gmail is using a best-guess records for server/domains that don’t have an SPF record, this guess is sometimes wrong, which cause a softfail. If your mail is being routed through a new mailserver, which may not add to the best-guess SPF records by Gmail, then we can see the softfail disappear after a while.

There is some basic solution to avoid softfails due to SPF record.

One solution would be to use SMTP mailer instead of PHP’s simple mail function. There are many SMTP mailer classes available free, like PHPMailer. SMTP mailer is directly talking to the mail server, so it can set the envelope-sender to be same as the From address. You can also specify the envelope-sender while using SMTP mailer.

Alternatively, we can also use Google’s SMTP (smtp.google.com) to send outgoing mails using Google’s username and password. In this case, we have to simplify our SPF record to identify Google by adding “include:_spf.google.com ~all”.

But, if we have already used a PHP’s mail function throughout the application, and switching to SMTP mailer requires so much time and effort, we can still set an envelope-sender using PHP’s mail function. To set the envelope-sender, use sendmail’s -f/-F command as a fifth additional-options parameter of the PHP’s mail function.

PHP Code:

mail("user@example.com",  "test subject",  "test message",  $headers,  "-F 'Example  Envelope-sender' -f returnpath@example.com");

We can use any of domain email addresses or from address instead of returnpath@example.com in the above code snippet.

There may be other solutions to achieve this. The key is to set the envelope-sender (Return-Path) to the email address of the domain.