0

I hope you are well.
I am creating a Learning Platform in pure PHP with MySQL and AdminLTE3.
I got to the time of creating the file manager for each user and got stuck on the following.
I have the following structure in folders:
/var/www/html/uploads/users/<% hash (USER ID)%>, and what I'm looking for is that each folder <% hash (USER ID)%> the maximum size is 2GB for each user.
I am using MacOs BigSur for development, but in production it will be on Ubuntu Server 18!

I am not trying set the max_file_size_upload, I am trying to set the maximum size of each user's folder to 2gb

Chris Haas
  • 53,986
  • 12
  • 141
  • 274
Francisco Nahuel Vignolo
  • 3
  • 1
  • I don't think it's possible in php. Isn't that something that you can set in Ubuntu? I think you should write a script that runs every x minutes and changes the quota of each folder to 2GB. Don't ask me how, just pointing you in the right direction. –  Apr 27 '21 at 13:33
  • Hi! According to what I have found in other places, with php it is not possible, it is something of the OS you are correct, the issue is like, I did not find anything related to the size of the folder! Greetings! – Francisco Nahuel Vignolo Apr 27 '21 at 13:36
  • 1
    If you can’t do it on the OS level - then you can still check how big their folder content already is, and if that plus the size of a newly uploaded file is beyond your limit - then you don’t move the uploaded file from the temp folder to the destination, but give the user an error message instead … – CBroe Apr 27 '21 at 13:37
  • 1
    You'll need to [calculate the folder size](https://stackoverflow.com/q/478121/231316) manually whenever something is modified, such as uploading files. – Chris Haas Apr 27 '21 at 13:41
  • It is an excellent idea, thank you very much for the contribution. I'm going to find out how to get the current size of the folder and think about the rest of the code! Greetings, good contribution! – Francisco Nahuel Vignolo Apr 27 '21 at 13:42

1 Answers1

0

Which type of files will it be? I would be a very wary of allowing users to upload arbitrary files to my web server. If they upload a .php file they would be able to run anything as the user running the webserver.

In fact, I would keep them in a database, and have fields to create the meta data instead. this way, you can compress and save the files, and store the size and filename as meta data. If you are using if for reference, etc, which does not need quick access, I would recommend this.

Alternatively, as this this linux.SE answer states, you could create a mounted folder for each user, and have the filesystem sort out everything regarding the quota. I would probably also look into chrooting the folders in some way. This would (in theory) also allow you to give them sftp/ssh access to the files.

I Would also look into doing everything in an environment similar to your production server. and spring to mind.

Alternatively, if all file uploads are handled by php, you could save the used file space and keep a running total, making sure in your php sript that they are nmot exceeding their quota.

JoSSte
  • 2,953
  • 6
  • 34
  • 54
  • Thanks for the reply. I filtered some extensions so that they are not allowed. For example, .PHP / .JS / .PY / .SH / and some more! – Francisco Nahuel Vignolo Apr 27 '21 at 13:46
  • Make sure `.php3` `.phtml` are also blocked - or make sure that your webserver knows not to allow php files in those folders see also https://stackoverflow.com/questions/21469145/prevent-php-apache-from-access-files-above-site-directory – JoSSte Apr 27 '21 at 13:50