NYCPHP Meetup

NYPHP.org

[nycphp-talk] protecting download directory in PHP app on Unix box?

Kenneth Downs ken at secdat.com
Fri May 30 08:33:50 EDT 2008 

John Campbell wrote:
> On Thu, May 29, 2008 at 12:42 PM, Ajai Khattri <ajai at bitblit.net> wrote:
>   
>> On Wed, 28 May 2008, Kristina Anderson wrote:
>>
>>     
>>> In the case of this project, there will potentially be several hundred
>>> PDFs but no more than that, at least for the foreseeable future...there
>>> are about 30 articles or less published per year by this magazine.
>>>
>>> So I think one static directory can work for us.
>>>       
>> Always plan to make it future-proof as much as you can. If that becomes
>> 100 per year, then what?
>>
>>     
> Then in the year 2108, she will have to make changes to the code.
>
> In my experience, this type of future proofing buys you nothing.   I
> have found that tons of other problems arise before overflow issues
> start to be a problem. 

I will go further and say it is worse than nothing.  You end up with 
code you need to test against a case that receives no real-world 
pressure.  Then when you have to make real changes in response to actual 
(as opposed to hypothetical) needs you have tip-toe around this code and 
avoid breaking it -- even though it is not necessary!

I eventually wrote in my little book: Do not abstract against 
non-existent cases.


>  I did a similar thing and I just put the files
> in a folder with the id.  Bandwidth and diskspace became a problem
> long before a too many folder problem.  The solution was to move
> everything to Amazon S3.  S3 doesn't have folders and supports and
> unlimited number of objects. It turned out to be a blessing that I
> didn't do something fancy with the folder naming.
>
> Regards,
> John Campbell
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>   


-- 
Kenneth Downs
Secure Data Software, Inc.
www.secdat.com    www.andromeda-project.org
631-689-7200   Fax: 631-689-0527
cell: 631-379-0010

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20080530/af7eec33/attachment.html>

More information about the talk mailing list