Question
I have a website hosted on a machine that I cannot directly access. My site includes a PHP upload form that allows users to upload MP3 files up to 30 MB.
However, each time I try to upload a file, I get an error saying the file exceeds the maximum allowed size. I need to increase that limit.
I found suggestions online to modify the .htaccess file, but I do not have access to that file. I also tried placing a custom php.ini file in the project root, but that did not work.
Are there any other ways to increase the maximum upload file size in PHP when server configuration access is limited?
Short Answer
By the end of this page, you will understand which PHP settings control file upload limits, why changing your form alone is not enough, and what your options are when you do not have access to server configuration files such as php.ini or .htaccess. You will also learn how to detect upload errors in PHP and build safer upload handling code.
Concept
PHP file uploads are controlled by server configuration, not just by your HTML form or PHP script.
When a user uploads a file, several limits may block it before your script can process it:
upload_max_filesize— the maximum size allowed for a single uploaded filepost_max_size— the maximum total size of the entire POST requestmax_file_uploads— how many files may be uploaded at oncememory_limit— sometimes relevant if your script reads large files into memory- web server limits — Apache, Nginx, or hosting panel settings may also impose limits
For a 30 MB upload to work, both of these must be large enough:
upload_max_filesizemust be at least30Mpost_max_sizemust be larger than30M, because the request includes file data plus form fields and request overhead
A common setup would be:
upload_max_filesize = 30M
post_max_size = 32M
or slightly higher.
Why this matters in real programming:
- File uploads are common in apps that accept images, audio, PDFs, and backups.
- Upload failures are often caused by infrastructure settings, not code bugs.
- If you do not know where the limit is enforced, you can waste time changing the wrong file.
In your situation, the key idea is this:
Mental Model
Think of a file upload like bringing a package into a building.
- Your HTML form is the delivery label.
- Your PHP script is the employee inside the office.
- PHP configuration and web server settings are the security desk at the entrance.
If security says, "No packages over 8 MB," the employee inside never even gets the package. That means your PHP code cannot fix the problem after the upload has already been rejected.
So if the package is blocked at the entrance, you must change the building rules—or ask the person who controls them to do it.
Syntax and Examples
The HTML form can suggest a limit, but it does not override PHP server limits.
<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="31457280">
<input type="file" name="audio">
<button type="submit">Upload</button>
</form>
MAX_FILE_SIZE is optional and only acts as a client-side hint. It does not bypass PHP configuration.
A basic PHP upload handler looks like this:
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!isset($_FILES[])) {
();
}
([][] !== UPLOAD_ERR_OK) {
( . [][]);
}
= * * ;
([][] > ) {
();
}
= . . ([][]);
(([][], )) {
;
} {
;
}
}
Step by Step Execution
Consider this PHP code:
<?php
echo 'upload_max_filesize: ' . ini_get('upload_max_filesize') . "\n";
echo 'post_max_size: ' . ini_get('post_max_size') . "\n";
if (!isset($_FILES['audio'])) {
exit('No file received.');
}
if ($_FILES['audio']['error'] === UPLOAD_ERR_INI_SIZE) {
exit('The uploaded file exceeds the server upload limit.');
}
echo 'File arrived at the script.';
Now trace what happens:
- The browser sends the form and file to the server.
- Before your main PHP upload logic runs, PHP checks request limits.
- If the file is larger than
upload_max_filesizeor the full request exceedspost_max_size, PHP marks the upload as failed. - Your script starts running.
ini_get()prints the configured limits.$_FILES['audio']may exist, but its value can indicate a size failure.
Real World Use Cases
File upload limits matter in many real applications:
- Music platforms: uploading MP3, WAV, or demo tracks
- Image galleries: large photos from phones or cameras
- Document systems: PDFs, resumes, invoices, contracts
- Admin dashboards: importing CSV exports or backup files
- APIs: receiving media from mobile apps
Typical practical needs:
- Limit avatars to 2 MB
- Allow product images up to 10 MB
- Allow audio uploads up to 30 MB
- Allow video uploads up to 100 MB or more
In all these cases, developers must align:
- frontend expectations
- PHP settings
- web server settings
- disk space and storage strategy
- validation and security rules
A common mistake is setting a 30 MB limit in the form or script, while the server still allows only 2 MB.
Real Codebase Usage
In real projects, developers usually treat upload size handling as part of a broader upload pipeline.
Common patterns include:
Validation before storage
Check:
- upload error codes
- MIME type
- extension
- file size
- destination path
<?php
if ($_FILES['audio']['error'] !== UPLOAD_ERR_OK) {
throw new RuntimeException('Upload failed.');
}
$allowedTypes = ['audio/mpeg'];
if (!in_array($_FILES['audio']['type'], $allowedTypes, true)) {
throw new RuntimeException('Invalid file type.');
}
Guard clauses
Developers often return early when upload conditions fail.
<?php
if (!isset($_FILES['audio'])) {
exit('Missing file.');
}
([][] !== UPLOAD_ERR_OK) {
();
}
Common Mistakes
Here are common beginner mistakes when dealing with PHP upload limits.
1. Assuming the HTML form controls the real limit
Broken assumption:
<input type="hidden" name="MAX_FILE_SIZE" value="31457280">
Why it fails:
- This does not override
upload_max_filesize. - Users can change or remove it.
- The server still decides what is allowed.
How to avoid it:
- Treat form limits as helpful hints only.
- Always validate on the server.
2. Setting only upload_max_filesize
Broken configuration:
upload_max_filesize = 30M
post_max_size = 8M
Why it fails:
- The entire request must fit inside
post_max_size. - If
post_max_sizeis smaller, the upload still fails.
How to avoid it:
- Make larger than the largest expected upload.
Comparisons
| Approach | What it does | Can it raise PHP upload limits? | Notes |
|---|---|---|---|
HTML MAX_FILE_SIZE | Suggests a max size in the form | No | Client-side hint only |
| PHP size check in script | Rejects files after upload reaches PHP | No | Useful for app rules, not server limits |
php.ini | Sets PHP configuration globally or per environment | Yes | Most direct solution if you control server config |
.htaccess | Can change some PHP settings on some Apache setups | Sometimes | Not available on all hosts or servers |
ini_set() | Changes some PHP settings at runtime |
Cheat Sheet
// Check current settings
echo ini_get('upload_max_filesize');
echo ini_get('post_max_size');
// Check for upload errors
if ($_FILES['file']['error'] !== UPLOAD_ERR_OK) {
// handle error
}
Common PHP upload-related settings:
upload_max_filesize= max size of one filepost_max_size= max size of total POST requestmax_file_uploads= max number of uploaded filesmemory_limit= script memory limit
Important rules:
post_max_sizeshould be larger thanupload_max_filesize- HTML
MAX_FILE_SIZEdoes not override server settings ini_set()usually cannot solve upload size limits for the current upload request- If server config is locked down, ask the host or administrator
Useful upload error constants:
FAQ
Can I increase PHP upload size from inside my PHP script?
Usually no. Upload limits such as upload_max_filesize and post_max_size are applied before your script can fully process the request.
Why is my upload still failing after changing upload_max_filesize?
Because post_max_size may still be too small, or the web server itself may have a lower limit.
Does MAX_FILE_SIZE in the HTML form enforce the real limit?
No. It is only a browser-side hint and can be bypassed. The server configuration is the real limit.
How do I know which limit is blocking my upload?
Check ini_get('upload_max_filesize'), ini_get('post_max_size'), and inspect $_FILES['your_field']['error'] for values like UPLOAD_ERR_INI_SIZE.
What should I do if I cannot access php.ini or .htaccess?
Ask your hosting provider or server administrator to raise the upload limits, or use a hosting control panel if one is available.
Do I need to set both upload_max_filesize and post_max_size for a 30 MB file?
Mini Project
Description
Build a small PHP upload diagnostic page that helps you understand why file uploads fail. Instead of only trying to save a file, this page reports the current PHP upload limits, accepts an MP3 upload, and displays a clear error message when the upload is blocked by configuration. This is useful in real projects because it helps separate application bugs from hosting or server restrictions.
Goal
Create a PHP upload form and handler that shows current upload settings, validates an uploaded MP3 file, and reports whether the failure comes from PHP configuration or from your own application rules.
Requirements
- Display the current
upload_max_filesizeandpost_max_sizevalues. - Provide a form for uploading one file using
multipart/form-data. - Detect common upload errors using
$_FILES['audio']['error']. - Reject files larger than 30 MB at the application level.
- Save valid files into an
uploadsdirectory.
Keep learning
Related questions
Are PDO Prepared Statements Enough to Prevent SQL Injection in PHP?
Learn how PDO prepared statements prevent SQL injection in PHP, what they protect, and the mistakes that still leave MySQL apps vulnerable.
Can You Bind an Array to an IN Clause in PHP PDO?
Learn how PDO handles placeholders in IN() clauses, why arrays cannot be bound directly, and the safe PHP pattern to build dynamic queries.
Choosing the Right MySQL Collation for PHP and UTF-8
Learn how MySQL character sets and collations work with PHP, and how to choose a practical UTF-8 setup for web applications.