Validating form with PHP


d) In the Directory tab, make sure READ, WRITE, and DIRECTORY BROWSING are checked.


Putting it into your web tree, even with all the checks you can think of, is just too dangerous, imnsho. Seems that the browser continues to post up the entire file, even though PHP throws the MAX_FILE_SIZE error properly. Turning zlib compression to OFF seems to solve the issue. Nor should any directory within your web tree have permissions sufficient for an upload to succeed, on a shared server. One's code should INSPECT the actual file to see if it looks kosher.

Any other user on that shared server could write a PHP script to dump anything they want in there! Browsers aren't consistent in their mime-types, so you'll never catch all the possible combinations of types for any given file format. For example, images can quickly and easily be run through getimagesize and you at least know the first N bytes LOOK like an image. The PHP documentation implies that a browser may alert the user that his upload is too big - this is simply wrong.


