The MAX_FILE_SIZE item cannot
specify a file size greater than the file size that has been
set in the
upload_max_filesize ini-setting. The default is 2
Megabytes.
If memory limit is enabled, larger
memory_limit may be needed. Make sure to set
memory_limit large enough.
If
max_execution_time is set too small, script execution may
be exceeded the value. Make sure to set
max_execution_time large enough.
If
post_max_size set too small, large files cannot be
uploaded. Make sure to set
post_max_size large enough.
Not validating which file you operate on may mean that
users can access sensitive information in other
directories.
Please note that the CERN httpd seems to strip off
everything starting at the first whitespace in the
content-type mime header it gets from the client. As long as
this is the case, CERN httpd will not support the file upload
feature.
Due to the large amount of directory listing styles we
cannot guarantee that files with exotic names (like
containing spaces) are handled properly.