[wp-edu] How to safely handle photo uploads by general public on a multisite

Caroline Meikle caroline.ann.meikle at gmail.com
Tue Jul 15 22:30:14 UTC 2014


Hi Dixie,

Thanks! I am going to New Zealand.

If you need any help with implementing file upload limits or anything else, I can give helping a shot. I'm getting more into doing WordPress development, so every experience helps.

Best,

Caroline

Sent from my iPhone. Please excuse any resulting spelling and grammar errors.

> On Jul 11, 2014, at 11:13 AM, Dixie Lang <dlang at russell.wisc.edu> wrote:
> 
> Hi Caroline,
> 
> Thank you for responding and for the information below.
> 
> I saw your email that you are leaving the UW - best of luck in the future with your freelance work.
> 
> -- 
> - Dixie
> ---------------------------------------
> Dixie Lang
> Web Developer
> Russell Labs Computing
> A109 Russell Labs
> 
>> On 7/1/2014 1:55 PM, Caroline Meikle wrote:
>> Hi Dixie,
>> 
>> It looks like Gravity forms has hooks and filters you could use to create functions to limit the file types and maximum file size: http://www.gravityhelp.com/documentation/page/Developer_Docs#Hooks_and_Filters
>> 
>> There are plugins that can do so as well: http://wordpress.org/plugins/gravity-forms-advanced-file-uploader/
>> 
>> Contact Form 7 also allows you to specify file types and sizes: http://contactform7.com/file-uploading-and-attachment/
>> 
>> Best,
>> 
>> Caroline
>> 
>> 
>>> On 7/1/2014 1:27 PM, Dixie Lang wrote:
>>> Greetings fellow WordPress users,
>>> 
>>> I have three internal clients that could benefit from a smoother process to allow their clients to upload photos for diagnostic and identification purposes, e.g. identify bugs or diagnose turfgrass or plant problems.
>>> 
>>> All three WordPress sites are on a multisite, and all three currently have Gravity Forms contact forms. The upload limit is the same throughout the multisite - 6MB. This limit works for our current internal users.
>>> 
>>> The current method to protect the server is to have clients email the photos separately, and then the photos must be manually matched to the form information.
>>> 
>>> I am concerned about two things regarding allowing file uploads from external users:
>>> 1) the possibility of malicious files being uploaded
>>> 2) the possibility of users uploading files at higher than 72dpi, and quickly filling up disk quota - I would prefer not to punish the internal users by lowering the disk quota across the multisite
>>> 
>>> Has anyone have insights to share on how to balance upload convenience, server safety and disk quota?
>>> 
>>> Thanks in advance for any guidance you are willing to share.
>>> 
>>> - Dixie Lang
>>> ------------------------
>>> Web Developer
>>> University of Wisconsin-Madison Russell Labs
>>> _______________________________________________
>>> wp-edu mailing list
>>> wp-edu at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-edu
> _______________________________________________
> wp-edu mailing list
> wp-edu at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-edu


More information about the wp-edu mailing list