javascript - What is standard practice for handling user forms and file uploads? -
what standard practice handling data in text fields , file upload fields?
the question similar 1 i asked previously, 1 more general.
if borrow example of user registering account, includes name
, email
, , several file upload fields, actions taken after form submission amount to:
(1) validate text fields name
, email
(2) if validation success, create , save user instance db.
(3) save images disk
(4) update user instance include filepaths of saved images.
the files uploaded aren't big, 5mb or less, problems associated uploading large 1gb+ files aren't issue question.
from i've read, there 2 ways of handling this.
submit together.
there several unanswered threads this: https://softwareengineering.stackexchange.com/questions/239170/how-to-parse-multipart-field-file-data-separately
node.js busboy parse fields , files seperatly
i know text fields should come before file fields when submitting form mscdex's comment in other question.
but there other problems can see:
(a) if validations fail text fields, means have resent in form submission. potentially lead dos attack/bandwidth issue having malicious user continually submit form bad text fields, lots of files.
submit files when first selected, when form submits, upload file hash.
(a) potential dos attack may happen having malicious user upload ton of images sits on server. independent bash script cleans
/tmp
folder after x minutes, user still clog disk space in x minutes before cleanup continually sending files.(b) having independent script cleanup creates timing issues. if legitimate user keeps sending form fails validations, after x minutes, user sends correct form. time, images have been wiped since x minutes has passed though validations passed.
some other way don't know
i feel first way may easier since potentially rate-limit connections using nginx
. since files never hitting disk until validations complete, won't have cleanup issues files in /tmp
. i've searched net , can't find doing this, leads me believe file uploading not done way.
what's best way handle file uploads form data?
submitting easiest. if validation fails, abort connection and/or send response of kind. prevent rest of form being processed.
Comments
Post a Comment