[thelist] best file upload practices
Burhan Khalid
thelist at meidomus.com
Thu Feb 17 00:34:13 CST 2005
Theodore Serbinski wrote:
> Hey guys, have a general question on what are the best practices for
> file uploading?
>
> Do you guys check file names for no spaces and punctation? Allow it
> anyways? Generate unique file names? What about retrevial?
Unless you are letting users rename files for you, you don't have to
worry about this too much. The operating system from which the file is
being uploaded won't let the user create a file that has invalid characters.
In PHP, which is what I'm familiar with -- the server uploads the file
to a temporary location and gives it a temporary name, I then have the
option of saving the file with a new name, or the original name of the file.
I think you'll have to worry more about other things, such as file size,
file type (some hosting providers do not allow .exe files to be
uploaded) the kinds of files ("warez", illegal mp3s, etc.) things like
that will get your account suspended -- sometimes, without notice.
> I'm not looking to store any of these files in a database. Just throw
> the files in a folder that will allow the files to be downloaded from
> a HTML page. Thanks!
Unless there is a burning reason to have a HTML interface to this
location, why not use other more friendly options -- such as FTP or
WebDAV? This way, you don't have to worry about all the annoyances of HTTP.
More information about the thelist
mailing list