[wp-edu] How to safely handle photo uploads by general public on a multisite

Dixie Lang dlang at russell.wisc.edu
Fri Jul 11 16:13:16 UTC 2014

Hi Caroline,

Thank you for responding and for the information below.

I saw your email that you are leaving the UW - best of luck in the 
future with your freelance work.

- Dixie
Dixie Lang
Web Developer
Russell Labs Computing
A109 Russell Labs

On 7/1/2014 1:55 PM, Caroline Meikle wrote:
> Hi Dixie,
> It looks like Gravity forms has hooks and filters you could use to 
> create functions to limit the file types and maximum file size: 
> http://www.gravityhelp.com/documentation/page/Developer_Docs#Hooks_and_Filters
> There are plugins that can do so as well: 
> http://wordpress.org/plugins/gravity-forms-advanced-file-uploader/
> Contact Form 7 also allows you to specify file types and sizes: 
> http://contactform7.com/file-uploading-and-attachment/
> Best,
> Caroline
> On 7/1/2014 1:27 PM, Dixie Lang wrote:
>> Greetings fellow WordPress users,
>> I have three internal clients that could benefit from a smoother 
>> process to allow their clients to upload photos for diagnostic and 
>> identification purposes, e.g. identify bugs or diagnose turfgrass or 
>> plant problems.
>> All three WordPress sites are on a multisite, and all three currently 
>> have Gravity Forms contact forms. The upload limit is the same 
>> throughout the multisite - 6MB. This limit works for our current 
>> internal users.
>> The current method to protect the server is to have clients email the 
>> photos separately, and then the photos must be manually matched to 
>> the form information.
>> I am concerned about two things regarding allowing file uploads from 
>> external users:
>> 1) the possibility of malicious files being uploaded
>> 2) the possibility of users uploading files at higher than 72dpi, and 
>> quickly filling up disk quota - I would prefer not to punish the 
>> internal users by lowering the disk quota across the multisite
>> Has anyone have insights to share on how to balance upload 
>> convenience, server safety and disk quota?
>> Thanks in advance for any guidance you are willing to share.
>> - Dixie Lang
>> ------------------------
>> Web Developer
>> University of Wisconsin-Madison Russell Labs
>> _______________________________________________
>> wp-edu mailing list
>> wp-edu at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-edu 

More information about the wp-edu mailing list