Henrique Gonçalves

Reputation: 1582

file upload and quota

I'm working on a web project, separated into different apps (using SSO so the users are logged in to all apps at the same time), where the users can upload files in all of them.

The problem is, each app uploads the file in its own way, to its own place, cluttering the servers and losing track of which file belongs to.

I want to develop a component for this so that all apps upload through it and it tracks each user's quota, files, etc.

As I can figure out how to do this myself, I'm wondering if there are good practices in doing this. Is there any article I can read? Is there any system available for this? Also, I'm doing it in PHP in case you're wondering.

Upvotes: 0

Views: 298

Answers (1)

Vlad Preda

Reputation: 9910

First thing you need is to start :) Because this is what programming is after all, trial and error. You may find yourself halfway through the task having to start over, but this is in the job description.

But I agree that having a plan before you start is extremely useful. I don't know any tutorials that cover good practices and standards for doing things right, but I will try to give you some hints.

  • Always check the MIME type, the extension and the file size. You can also block some types of files from .htaccess just in case you forget or are not careful enough.

# extensions to block
<FilesMatch "\.(htaccess|htpasswd|php|js|exe|bat)$">
Order Allow,Deny
Deny from all
</FilesMatch>

You can also consider having a white list instead of a black list.

  • Have some well defined locations, and this depends largely on the amount of files you need, and why you need them.

If you have a LOT of files, you can create a folder structure in the form of a hash table. For example, you could strip the non-alphanumeric chars, and create 2 levels of folders based on the first letters of the file.

Example:

test_image.png => uploads/app_x/t/e/test_image.png

another_img.png => uploads/app_x/a/n/another_img.png


You can also use the date for this (like WordPress does):

test_image.png => uploads/app_x/2013/02/27/test_image.png

another_img.png => uploads/app_x/2013/02/26/another_img.png


If you have user uploaded files, you may want to create a folder for each user (uploads/app_y/user_x/his_file.pdf).

This will make finding the files on the server a lot faster. It's good to have a folder structure in mind before starting, and it's good to take all the possible types of files into consideration.

  • Consider changing the names of the files if necessary. This depends on whether you want, for example, to make the files publicly visible or not.

Will continue this list when I get home, but this should be some food for thought.

Upvotes: 1
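
The checks listed in the answer (size, extension whitelist, MIME type, sharded folders, renamed files) together with the per-user quota the question asks about, combined in one PHP function. This is an added example, not code from either poster; the function name `planUpload`, the policy constants and the path layout are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed policy for illustration: extension => MIME type it must contain.
const ALLOWED_TYPES = ['png' => 'image/png', 'jpg' => 'image/jpeg', 'pdf' => 'application/pdf'];
const MAX_FILE_BYTES = 5 * 1024 * 1024;

/**
 * Hypothetical helper: validate an upload against the whitelist and the user's
 * remaining quota, then return the relative path to store it under.
 */
function planUpload(string $tmpPath, string $clientName, string $app, int $userId, int $quotaLeft): string
{
    if (preg_match('/^[a-z0-9_]+$/', $app) !== 1) {
        throw new RuntimeException('invalid app id');
    }
    $size = filesize($tmpPath);
    if ($size === false || $size === 0 || $size > MAX_FILE_BYTES) {
        throw new RuntimeException('file size not accepted');
    }
    if ($size > $quotaLeft) {
        throw new RuntimeException('user quota exceeded');
    }
    // Extension whitelist; the client-supplied name is used for nothing else.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_TYPES)) {
        throw new RuntimeException('extension not allowed');
    }
    // MIME type detected from the bytes, not taken from $_FILES[...]['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== ALLOWED_TYPES[$ext]) {
        throw new RuntimeException('content does not match extension');
    }
    // Server-generated name, sharded two levels deep by its first characters.
    $name = bin2hex(random_bytes(16));
    return sprintf('uploads/%s/user_%d/%s/%s/%s.%s', $app, $userId, $name[0], $name[1], $name, $ext);
}

// Constructed sample input: a PNG signature plus IHDR chunk in a temp file.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, "\x89PNG\r\n\x1a\n\x00\x00\x00\x0dIHDR" . pack('NN', 1, 1) . "\x08\x02\x00\x00\x00");
echo planUpload($tmp, 'test_image.png', 'app_x', 42, 1024), PHP_EOL;

try {
    planUpload($tmp, 'shell.php', 'app_x', 42, 1024); // same bytes, blocked extension
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
unlink($tmp);
```

The caller would then create the target directory, call `move_uploaded_file()` with the returned path, and record the owner, original name and size in whatever table backs the quota figure.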
