ShibSta Posted November 5, 2007 Share Posted November 5, 2007 I am working on a project where users will be uploading files... I know there is a 2000 file limit (or something like that) in FTP clients so it then cuts off the list even though the files still exist... I was wondering is this something I should worry about, what would be the best method of getting around this? Reason it comes to my concern is because I've seen some sites get hacked and the hacker would throw in a PHP Shell script into the folder with 2000+ files and the owner of the site will never know it's in there... I don't plan on getting hacked but I may distribute my script to a few friends and just want things to be easy to keep track of and maintain... Thanks, - ShibSta Quote Link to comment Share on other sites More sharing options...
Jenk Posted November 6, 2007 Share Posted November 6, 2007 Simple, don't let them access the files. Serve them via PHP so they cannot execute, only download as attachments. Quote Link to comment Share on other sites More sharing options...
ShibSta Posted November 8, 2007 Author Share Posted November 8, 2007 Simple, don't let them access the files. Serve them via PHP so they cannot execute, only download as attachments. I think you missed the point of my original question. No where was I talking about making the file list publicly available... - ShibSta Quote Link to comment Share on other sites More sharing options...
svivian Posted November 8, 2007 Share Posted November 8, 2007 I think Jenk was responding to the "PHP Shell script" part - a user uploading such a file wouldn't be a problem if you served the file as a download rather than letting the hacker point his browser at the url and running it. Regarding the 2000+ files... easiest thing is to split into folders based on the date the file was uploaded, such as year/month. 2007/11 2007/12 2008/01 ...etc Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.