I have a site that allows users to upload files so that they can be retrieved when ever needed. Do you think I could face any legal problems because there are no restrictions on what file types can be uploaded?
If you let people upload copyrighted material you could face legal problems (also security problems if you even let them upload php files)
Thanks for letting me know about the copyrighted material...how can they execute the php file if it is just being uploaded and downloaded?
stOx is thinking of PHP files uploaded to a public location. You could then trigger them via: http://yoursite/uploads/file.php A solution would be to store all uploaded files outside the web root. As an idea totally off the top of my head: - Each uploaded file name is stored in a database: FileNum - FileName - UserID - Each file is renamed from file.txt to Filenum.dat or some minor extension - Using PHP upload and download the files. If the files are private, not publicly available that would limit the risk copyrighted material would have... however someone could upload an Office2003.iso file and then post the username/password in a public location. You could always limit downloads etc which would also help but you could never completely get rid of the risk.
my uploads expire after a predetermined amount of time. thanks for the info about executing a php file.