[pmwiki-users] Token invalid or missing on upload

Neil Herber (nospam) nospam at eton.ca
Tue May 13 11:06:39 PDT 2025 

Thanks Petko

Problem solved. To my surprise, the values shown by phpinfo were:

   post_max_size = 8M
   upload_max_filesize = 2M

This despite the fact that I was sure I had set them to 128M and 64M 
respectively in the cPanel PHP configuration widget.

It turns out that there are THREE widgets in cPanel that seem to be able 
to set PHP configuration, and I am constantly confused as to which one 
will "win". They are the "MultiPHP INI Editor", the "PHP Selector", and 
the "cPanel Multi PHP Manager".

In my case, it looks like the PHP Selector has won, and that is where I 
set  post_max_size 128M and upload_max_filesize = 64M. Those values can 
only be chosen from a drop down, so I could not enter anything other 
than a power of 2.

A quick test showed that a file a bit smaller than the PmWiki upload 
limit worked fine while a file over the PmWiki limit but under the PHP 
limits failed with a "file too large" message. Perfect!

Again - many thanks for the quick and clear response.

Neil

On 2025-05-13 10:13 AM, Petko Yotov wrote:
> You need to check in ?action=phpinfo these constants in the "Local 
> value" column:
>
>   post_max_size
>   upload_max_filesize
>
> The former needs to be larger than the latter, and in config.php 
> $UploadMaxSize only matters if it is less than upload_max_filesize in 
> php.ini.
>
> The total post size is the uploaded file but also other data like the 
> pmtoken, the current page name, the action=postupload, the new name of 
> the file, possibly the author name.
>
> The total post size needs to be less than post_max_size, otherwise it 
> is fully rejected/deleted before even this comes to PmWiki. PmWiki 
> first checks for the token, and as it is has been deleted, it returns 
> the error.
>
> There is also a Warning: "PHP Request Startup: POST Content-Length of 
> XXX bytes exceeds the limit of YYY bytes in Unknown on line 0", but 
> you may not notice it as the token error redirects back to the upload 
> form.
>
> I should think about how to catch these cases and show a more 
> appropriate diagnostic but there are different upload forms, AJAX 
> recipes, and other, this should be done carefully.
>
> Petko
>
>
> On 12/05/2025 23:09, Neil Herber (nospam) wrote:
>> Using the vanilla PmWiki upload form I can successfully upload files
>> that are well below the size limit I have set, namely 50MB
>>
>> But when I try to upload a file that is 48,971,776 bytes it fails with
>> the error message "Token invalid or missing".
>>
>> Using version 2.4.4  with PHP 7.4 and  Apache 2.4.63 on shared hosting.
>>
>> ??? Beats me!
>>
>> Neil

-- 
Neil Herber

More information about the pmwiki-users mailing list