aC forum: File Storage in aC 1.0

Post #7 by llbbl

llbbl — Tue, 25 Sep 2007 20:33:24 UTC

please read this article on file uploads in php. it explains all the problems and outlines the only secure way to do it.

http://www.scanit.be/uploads/php-file-upload.pdf

I think this will also help people understand why it isn't as simple as it sounds.

Post #6 by Ilija Studen

Ilija Studen — Fri, 21 Sep 2007 12:51:36 UTC

Thanks. We'll see what we can do about this :)

Post #5 by awolff

awolff — Fri, 21 Sep 2007 12:38:02 UTC

1. If password protecting a folder is too much hassle, then at least give the administrator more options, eg. to select a folder, or even a server path for uploads, then the administrator/webmaster can secure the folder on the server himself.

2. A simple sequential number added to the end of the filename can solve this problem, eg. screenshot_001.jpg; screenshot_002.jpg. If a sequential number is too difficult to do, then a random generated string on the filename will work as well. This means the administrator can go into the server, and immediately locate the file he is looking for, or at least the latest version of the file, based on the name and date.

3. Yes, I am all for that as well... but that partly even possible now, at least in BQ by simply creating a separate project open to all, or shared by companies.

And a one click project backup (with the choice of selecting files, messages, tasks etc.) would of course be the createst improvement. As you say on the front page of your site, "Keep it, save it, backup it."

Thanks!!

Post #4 by Ilija Studen

Ilija Studen — Fri, 21 Sep 2007 10:04:06 UTC

1. To password protect a folder you need allow override permissions in case of Apache. We would also need to test it on IIS to see if it works properly. And who knows what else can go wrong on all the platforms we need to support. Way too much hassle...

2. First time someone uploads a specific name it becomes reserved across all projects so you need to handle a situation when someone uploads a new file with the same name. Just as an example I attached hundreds of screenshot.jpg files in the past few months :)

3. We want to support general upload, not just on project level. For instance, we could add a plugin that enables you to attach files to companies, users or even globally available documents, attached to nothing - just uploaded and available in Documents section on the Dashboard (just an example).

I am not saying that this design decision is the best one or that things could not be solved differently, I'm just explaining why we did it this way and that we wont be able to change it until 1.0 launch. This is how activeCollab 1.0 will most probably ship.

Of course, we are open for suggesting and requests. Just tell us how you would improve this solution or what you would like to achieve (one click project backup for instance) and we'll see what we can do.

Post #3 by awolff

awolff — Fri, 21 Sep 2007 09:43:41 UTC

Thanks Ilija, you are quick!

I am a bit disappointed now.

I was hoping there might be a better solution for file storage, but I understand the security risks. It would of course be possible to password protect the Upload folder and make it only accessible only from within aC, and for a webmaster, using SFTP. Is that a solution?

Why can aC simply not use the upload filename?

Post #2 by Ilija Studen

Ilija Studen — Fri, 21 Sep 2007 09:30:36 UTC

Thanks for bringing this up. We haven't been playing with backup / export with activeCollab 1.0 (if you need to extract data from the system you can use API). For now activeCollab 1.0 handles files pretty much the same way activeCollab 0.7.1 did (except there is no database storage engine - just file system), but we considering various options for future releases.

awolff:
Can files retain their original name and extention?

Having original file names within /upload folder would be a great security risk because many people still have /upload accessible through the web. Somebody could easily upload .php file and that is just not acceptable.

awolff:
Can files possibly go into a folder that can easily be identified with the relevant project?

Creating folders from PHP in specific setups can be a real pain so we haven't used it. There is no subfolders in /upload folder.

Post #1 by awolff

awolff — Fri, 21 Sep 2007 09:18:04 UTC

I noticed that aC allows the user to choose where to store files. In the database, or in the /upload folder.

My question concerns the naming of the files if I choose the /upload folder option. I noticed that in v. 0.7.1 the files are saved in the "upload" folder with encrypted file names, and without extentions. How will files be treated in version 1?

Can files retain their original name and extention?
Can files possibly go into a folder that can easily be identified with the relevant project?

This will make backup of files so much easier.