Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Re: Thoughts on file upload...

by mikeirw (Pilgrim)
on Nov 20, 2002 at 15:20 UTC ( #214478=note: print w/replies, xml ) Need Help??

in reply to Thoughts on file upload...

Not really security related per se, but I think that it's wise to set a maximum file size that you'll accept so that someone doesn't try to fill up your disk.

You can do this easily (if you're using with something like:

# Limit file sizes to 1 MB use constant MAX_FILE_SIZE => 1_048_576; $CGI::POST_MAX = MAX_FILE_SIZE;

You may also want to set a size limit on the directory that is holding the uploaded files. This could be done with something like:

# 100 MB limit on the size of the upload dir use constant MAX_DIR_SIZE => 100 * 1_048_576; sub dir_size { my $dir = shift; my $dir_size = 0; my $file; # Loop through files and sum the sizes; doesn't descend down subdi +rs. opendir DIR, $dir or die "Unable to open $dir: $!\n"; $dir_size += -s "$dir/$file" while defined( $file = readdir DIR ); closedir DIR; return $dir_size; } die 'Upload directory is full.' if ( dir_size('/path/to/dir') + $ENV{CONTENT_LENGTH} > MAX_DIR_SIZE +);

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://214478]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (2)
As of 2023-03-21 04:58 GMT
Find Nodes?
    Voting Booth?
    Which type of climate do you prefer to live in?

    Results (59 votes). Check out past polls.