"Secure" MP3 Upload via PHP
I've done many a search on the topic without any real solution, so I thought I would ask the experts from whom I've learned so much.
I have a script for embedding an MP3 player on a particular website that plays files from a given directory on the site. I'd like to give users the ability to upload their files (this site centers around original music, if anyone is starting to sweat) but worry about giving people such unchecked access... without any good alternative, I have long since figured I would have them upload to a directory no one else can access and I would simply test them file by file to ensure that they are at the very least in fact MP3s... hardly "secure". If anyone has any better ideas, I would love to hear some input.
In a serendipitous encounter with an experienced programmer (at a bar), I learned that the question I ask has no easy solution; what he suggested, in fact, was what I have long resolved to doing, which is
1) ensuring the files are uploaded to a private directory, unable to be accessed by anyone but myself and insulated (to the best extent possible) from the rest of the server in terms of malicious code, and
2) sorting through these files as they come in, 'approving' them on a case by case basis.
That being said, I was wondering if anyone could advise me on the best way to accomplish either part of this; if I remember from my "Beginning pHp" book, the former has to do with .htaccess, a realm with which I have no experience. In terms of the latter, if anyone has a better suggestion than trying to open each file on my personal computer, I would be more than happy to hear it.
|All times are GMT -4. The time now is 04:48 AM.|
Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.