I'd like to code a PHP script where users can upload a file and receive a link to download it in .zip format. Here's my plan for the script: The user sees a form to browse his computer and upload a file or folder. File is uploaded and zipped. File is given a random name, if unavailable a new random name is tried. File is placed into a directory. The script checks the directory for files, and all files older than one week (or possibly last accessed more than one week ago) are deleted. The user is presented with a download link (or possibly e-mailed the file, if he elected to do so on the original form). I understand PHP can work with zip files fairly easily? I'm not asking for somebody to code this script - I simply want to know what I'm getting into. Thanks a lot, Peter EDIT: Is this a security risk?
Please see my comments, I dont know what your programming skills are like but it should be relatively easy to do what your saying. Thanks D_D
I forgot to ask, is this a security risk? Anyway, thanks for the quick reply. I figured that having the script do the house cleaning would be more efficient than a Cron job? -Peter
its doable using php and shouldnt be very hard i dont see any hard part in it ... except the upload folder , i think user will have 2 pass file by file . or use another technology
Well, technically the php is doing the cleaning up. The Cron Job is set up to run the script at a certain interval. I don't see how else to do it, unless you manually run the script yourself everyday Glad to be of help D_D
My original plan was to run the cleanup at the end of each upload, so the script won't run if the site isn't being used. But I'm still trying to find out the risks associated with the whole operation. Is there a way to make it 100% secure?
Thats a good plan. As for security, TBH it looks like you will just be doing a standard upload. To the best of my knowledge it looks safe but you should ask someone who knows security better. D_D
there is always a security issue when your letting someone upload a file to your server... especially it being a file that is executable... not really sure what specific things you should worry about though
i really dont have a good answer for you for this but i would think it is pretty secure but im not positive