Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: Thoughts on file upload...

by mikeirw (Pilgrim)
on Nov 20, 2002 at 15:20 UTC ( #214478=note: print w/replies, xml ) Need Help??

in reply to Thoughts on file upload...

Not really security related per se, but I think that it's wise to set a maximum file size that you'll accept so that someone doesn't try to fill up your disk.

You can do this easily (if you're using with something like:

# Limit file sizes to 1 MB use constant MAX_FILE_SIZE => 1_048_576; $CGI::POST_MAX = MAX_FILE_SIZE;

You may also want to set a size limit on the directory that is holding the uploaded files. This could be done with something like:

# 100 MB limit on the size of the upload dir use constant MAX_DIR_SIZE => 100 * 1_048_576; sub dir_size { my $dir = shift; my $dir_size = 0; my $file; # Loop through files and sum the sizes; doesn't descend down subdi +rs. opendir DIR, $dir or die "Unable to open $dir: $!\n"; $dir_size += -s "$dir/$file" while defined( $file = readdir DIR ); closedir DIR; return $dir_size; } die 'Upload directory is full.' if ( dir_size('/path/to/dir') + $ENV{CONTENT_LENGTH} > MAX_DIR_SIZE +);

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://214478]
[marioroy]: I wanted to come back and report on that.
[marioroy]: cheers

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (6)
As of 2017-04-23 22:43 GMT
Find Nodes?
    Voting Booth?
    I'm a fool:

    Results (433 votes). Check out past polls.