[FX.php List] [OFF] Potential gotchas with uploading files?
Dale Bengston
dbengston at tds.net
Thu Apr 2 20:57:49 MDT 2009
Hi Joel,
The biggest headaches I've had with file upload have come from PHP and
Apache settings for file sizes and memory allocations. They're set
pretty low by default. Depending on what you're allowing for uploads,
this may not be an issue at all, but it got me. Also, validate,
validate, validate what's being uploaded.
On Apr 2, 2009, at 9:15 PM, Joel Shapiro wrote:
> Hi all
>
> I'm looking for thoughts on how complicated an upload-file site can
> be.
>
> I've got a potential new project that would involve people uploading
> files via the Web and then having those files accessible to FMP
> clients. I haven't worked with uploading before, but I've
> successfully put together the basics of uploading files and moving
> them to a specified directory. In my brief experimenting, though,
> I've already seen issues with access privileges of the uploaded
> files (on my development machine) and UPLOAD_ERR_NO_TMP_DIR errors
> on my regular web host. I'm also aware that there are security
> concerns when uploading files to a server, and know that servers and
> php can be configured quite differently in different machines and
> environments (it's not yet determined if the site will be hosted
> internally or through an external FM host). FWIW - I'd probably
> leave files in their directory(ies) on the web server and have the
> FMP clients get to them via their network paths, so I'm not very
> concerned about that part of it.
>
> For those that have worked with this, what kinds of problems can
> should I be ready for? Could this be a big headache?
>
> TIA,
> -Joel
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1582 bytes
Desc: not available
Url : http://mail.iviking.org/pipermail/fx.php_list/attachments/20090402/2d0e8a52/smime.bin
More information about the FX.php_List
mailing list