[wp-edu] How to safely handle photo uploads by general public on a multisite
Caroline Meikle
cameikle at wisc.edu
Tue Jul 1 18:55:03 UTC 2014
Hi Dixie,
It looks like Gravity Forms has hooks and filters you could use to
create functions to limit the file types and maximum file size:
http://www.gravityhelp.com/documentation/page/Developer_Docs#Hooks_and_Filters
There are plugins that can do so as well:
http://wordpress.org/plugins/gravity-forms-advanced-file-uploader/
Contact Form 7 also allows you to specify file types and sizes:
http://contactform7.com/file-uploading-and-attachment/
Best,
Caroline
On 7/1/2014 1:27 PM, Dixie Lang wrote:
> Greetings fellow WordPress users,
>
> I have three internal clients that could benefit from a smoother process to allow their clients to upload photos for diagnostic and identification purposes, e.g. identify bugs or diagnose turfgrass or plant problems.
>
> All three WordPress sites are on a multisite, and all three currently have Gravity Forms contact forms. The upload limit is the same throughout the multisite - 6MB. This limit works for our current internal users.
>
> The current method to protect the server is to have clients email the photos separately, and then the photos must be manually matched to the form information.
>
> I am concerned about two things regarding allowing file uploads from external users:
> 1) the possibility of malicious files being uploaded
> 2) the possibility of users uploading files at higher than 72dpi, and quickly filling up disk quota - I would prefer not to punish the internal users by lowering the disk quota across the multisite
>
> Does anyone have insights to share on how to balance upload convenience, server safety and disk quota?
>
> Thanks in advance for any guidance you are willing to share.
>
> - Dixie Lang
> ------------------------
> Web Developer
> University of Wisconsin-Madison Russell Labs
> _______________________________________________
> wp-edu mailing list
> wp-edu at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-edu
--
Caroline Meikle
Database Programmer
UW-Madison Institute on Aging
Midlife Development in the United States (MIDUS) Project
http://midus.wisc.edu/
Information Processing Consultant
UW-Madison Soil Science Department
Community and Regional Food Systems Project
http://www.community-food.org/
cameikle at wisc.edu | 608-358-0485
____________________________________________________________
I check my email 8am-5pm CST Monday-Friday,
excluding holidays, sick days, and time off.
If you email me outside of those times,
I will reply within 48 hours of the following business day.
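
One way to use the hooks mentioned in the reply above for both concerns in the quoted question (malicious files and oversized photos), as an added example that is not part of the original thread and is not Gravity Forms' own code. It assumes a single-file Gravity Forms "File Upload" field and PHP's fileinfo extension; the function name `photo_upload_error` and the 4000-pixel cap are hypothetical choices, and the 6 MB figure is the multisite limit quoted in the question.

```php
<?php
// Added example, not from the original thread. Assumes Gravity Forms is active,
// a single-file "File Upload" field, and the PHP fileinfo extension.

/** Returns an error message, or '' when the upload is an acceptable photo. */
function photo_upload_error( array $file ) {
    $max_bytes = 6 * 1024 * 1024;   // 6 MB, the multisite limit quoted in the thread
    $max_side  = 4000;              // assumed cap on pixels per side (illustrative)
    $types     = array(             // sniffed MIME type => extensions allowed for it
        'image/jpeg' => array( 'jpg', 'jpeg' ),
        'image/png'  => array( 'png' ),
    );
    if ( UPLOAD_ERR_OK !== $file['error'] || ! is_uploaded_file( $file['tmp_name'] ) ) {
        return 'The upload did not complete.';
    }
    if ( filesize( $file['tmp_name'] ) > $max_bytes ) {
        return 'Photos must be 6 MB or smaller.';
    }
    // Decide the type from the file contents, never from the client-supplied
    // $file['type']; then require the extension to agree with that type.
    $finfo = new finfo( FILEINFO_MIME_TYPE );
    $mime  = (string) $finfo->file( $file['tmp_name'] );
    $ext   = strtolower( pathinfo( $file['name'], PATHINFO_EXTENSION ) );
    if ( ! isset( $types[ $mime ] ) || ! in_array( $ext, $types[ $mime ], true ) ) {
        return 'Only JPEG and PNG photos are accepted.';
    }
    // The image header must parse, and the pixel dimensions must be reasonable.
    $size = @getimagesize( $file['tmp_name'] );
    if ( false === $size || max( $size[0], $size[1] ) > $max_side ) {
        return 'The file is not a readable image, or it exceeds 4000 pixels on a side.';
    }
    return '';
}

add_filter( 'gform_field_validation', function ( $result, $value, $form, $field ) {
    $key = 'input_' . $field->id;
    if ( 'fileupload' !== $field->type || empty( $_FILES[ $key ]['name'] ) ) {
        return $result;   // not a file field, or nothing was uploaded for it
    }
    $error = photo_upload_error( $_FILES[ $key ] );
    if ( '' !== $error ) {
        $result['is_valid'] = false;
        $result['message']  = $error;
    }
    return $result;
}, 10, 4 );
```

The checks cap file size and pixel dimensions rather than DPI, since disk usage depends on bytes stored, not on the DPI tag in the image metadata.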