diff --git a/milfs/images/secure/index.php b/milfs/images/secure/index.php
index 08a168d..cb4339c 100755
--- a/milfs/images/secure/index.php
+++ b/milfs/images/secure/index.php
@@ -11,7 +11,7 @@ if(!isset($_GET['file']) ){
 	 header("Location: ../sinimagen.jpg");
 	 
 	}
-$dir='../../../../images_secure/';
+$dir="$_SESSION[path_images_secure]/";
 if ((!$file=realpath($dir.$_GET['file']))
     || strpos($file,realpath($dir))!==0 || substr($file,-4)=='.php'){
  //header('HTTP/1.0 404 Not Found');
diff --git a/milfs/includes/datos.php b/milfs/includes/datos.php
index 1b4b661..e38cad8 100644
--- a/milfs/includes/datos.php
+++ b/milfs/includes/datos.php
@@ -6,5 +6,6 @@ $db="milfs";
 $path_instalacion ="/var/www/html/milfs";
 $path_images_secure ="/var/www/images_secure";
 $url = "http://localhost/milfs";
+/// Depende de la variable http://php.net/upload-max-filesize o en el .htaccess
 $upload_size = 6 ; 	// Tamaño permitido para las imagenes en MB
 ?>
diff --git a/milfs/includes/upload.php b/milfs/includes/upload.php
index 376a506..e2c10fe 100644
--- a/milfs/includes/upload.php
+++ b/milfs/includes/upload.php
@@ -23,7 +23,8 @@ if (isset($_FILES['fileUpload']['tmp_name'])) {
 //	$nombre =MD5(time()).".jpg";
 // (2) - Comprobamos que se trata de un archivo de imágen
 //if ($tipo == 'image/jpeg' AND $size  <= 4000000 ) {
-if (($tipo == 'image/jpeg' or $tipo =='image/png') AND $size  <= 10000000 ) {
+	$upload_size = ($_SESSION[upload_size]*1024*1024);
+if (($tipo == 'image/jpeg' or $tipo =='image/png') AND $size  <= $upload_size ) {
 // (3) Por ultimo se intenta copiar el archivo al servidor.
 $name = MD5(time())."$ext";
 $nombre= "$_SESSION[path_images_secure]/full/".$name;