Increasing Upload Limits and Security...
Posted: Sat Sep 27, 2008 1:46 pm
I have some scripts on a new website that allow people to upload photos. These days, photos are so large, these upload scripts absolutely LAUGH at php's default 2MB upload_max_filesize limit.
It is not out of the ordinary for people to want to upload 100-200mb of photos with each post in my scripts. I know I can allow this by putting the following in each .htaccess for each script's directory:
php_value max_execution_time 200
php_value upload_max_filesize 175M
php_value post_max_size 200M
php_value memory_limit 100M
So my question is:
Is this acceptable? Is it acceptable on the security front? And is it acceptable on the performance front? What is one to do in a situation like mine where I want my users to be able to upload 5-10 full resolution photos?
NOTE: Due to time constraints... I cannot utilize FTP do upload these photos. I need to stick with php's built-in file uploading $_FILE method. Thanks for your help.
It is not out of the ordinary for people to want to upload 100-200mb of photos with each post in my scripts. I know I can allow this by putting the following in each .htaccess for each script's directory:
php_value max_execution_time 200
php_value upload_max_filesize 175M
php_value post_max_size 200M
php_value memory_limit 100M
So my question is:
Is this acceptable? Is it acceptable on the security front? And is it acceptable on the performance front? What is one to do in a situation like mine where I want my users to be able to upload 5-10 full resolution photos?
NOTE: Due to time constraints... I cannot utilize FTP do upload these photos. I need to stick with php's built-in file uploading $_FILE method. Thanks for your help.