Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Thoughts on file upload...

by mikeirw (Pilgrim)
on Nov 20, 2002 at 15:20 UTC ( #214478=note: print w/ replies, xml ) Need Help??


in reply to Thoughts on file upload...

Not really security related per se, but I think that it's wise to set a maximum file size that you'll accept so that someone doesn't try to fill up your disk.

You can do this easily (if you're using CGI.pm) with something like:

# Limit file sizes to 1 MB use constant MAX_FILE_SIZE => 1_048_576; $CGI::POST_MAX = MAX_FILE_SIZE;

You may also want to set a size limit on the directory that is holding the uploaded files. This could be done with something like:

# 100 MB limit on the size of the upload dir use constant MAX_DIR_SIZE => 100 * 1_048_576; sub dir_size { my $dir = shift; my $dir_size = 0; my $file; # Loop through files and sum the sizes; doesn't descend down subdi +rs. opendir DIR, $dir or die "Unable to open $dir: $!\n"; $dir_size += -s "$dir/$file" while defined( $file = readdir DIR ); closedir DIR; return $dir_size; } die 'Upload directory is full.' if ( dir_size('/path/to/dir') + $ENV{CONTENT_LENGTH} > MAX_DIR_SIZE +);


Comment on Re: Thoughts on file upload...
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://214478]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (16)
As of 2015-07-31 18:16 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (280 votes), past polls