Letting users upload files to your server can be very risky. If you’re not careful, you could get users uploading all sorts of files which could be harmful for out of disk and tons of virus in your server.
Let’s go into very interesting topic of tmp folder
/tmp folder gets cleared on shutdown or boot time but never effect in runtime. Even if /tmp is getting cleared at runtime any decent script wouldn’t delete a file that new.
check the script timeout settings in phpinfo(). PHP may be terminating the script because its taking too long to upload (ie, the script is taking too long to execute).
Timeouts Connection: 300 – Keep-Alive: 5
default_socket_timeout 60 60
Set upload_tmp_dir to a folder that is:
You can set upload_tmp_dir in the php.ini file:
Set upload_tmp_dir to a safe location
upload_tmp_dir = /var/www/foo.bar/sessions
The setting can also be applied in apache’s httpd.conf file, or an .htaccess file:
# Set upload_tmp_dir to a safe location
php_value upload_tmp_dir /var/www/foo.bar/sessions