diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-03-22 13:34:47 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-03-22 13:34:47 +0100 |
| commit | d6a9fd1c32f07b993cb8ecc3c1b7c22f7a0ce848 (patch) | |
| tree | 18e21d395cc4043b274b275eeb824d562556c808 /src/app/Controllers | |
| parent | 6a2c38dff48529672411419e1f56df0671f40365 (diff) | |
| download | camagru-d6a9fd1c32f07b993cb8ecc3c1b7c22f7a0ce848.tar.gz camagru-d6a9fd1c32f07b993cb8ecc3c1b7c22f7a0ce848.zip | |
Add upload security: size limit, per-user and site-wide post caps
Reject base64 payloads over 10 MB, limit users to 50 posts each,
and cap total posts at 10,000 (~650 MB on disk). Document upload
security model in README.
Diffstat (limited to 'src/app/Controllers')
| -rw-r--r-- | src/app/Controllers/EditorController.php | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/app/Controllers/EditorController.php b/src/app/Controllers/EditorController.php index c7dd9fc..c8cae0d 100644 --- a/src/app/Controllers/EditorController.php +++ b/src/app/Controllers/EditorController.php @@ -12,6 +12,13 @@ use App\Models\Post; class EditorController { + // Per-user and site-wide caps prevent disk exhaustion — even if someone + // creates multiple accounts, the total limit still applies. + // Each composited image is a 640×640 JPEG at quality 85, averaging ~65 KB. + // 50 posts/user ≈ 3.2 MB per user, 10 000 total ≈ 650 MB on disk. + private const MAX_POSTS_PER_USER = 50; + private const MAX_POSTS_TOTAL = 10000; + private Post $post; public function __construct() @@ -60,7 +67,28 @@ class EditorController return; } + if ($this->post->countByUserId($_SESSION['user_id']) >= self::MAX_POSTS_PER_USER) { + http_response_code(400); + echo json_encode(['error' => 'You have reached the maximum number of posts.']); + return; + } + + if ($this->post->countAll() >= self::MAX_POSTS_TOTAL) { + http_response_code(400); + echo json_encode(['error' => 'The site has reached its storage limit.']); + return; + } + $imageData = $input['image_data'] ?? ''; + + // Reject oversized payloads before doing any processing — base64 adds ~33% + // overhead, so 10 MB base64 ≈ 7.5 MB image, which is more than enough + if (\strlen($imageData) > 10 * 1024 * 1024) { + http_response_code(400); + echo json_encode(['error' => 'Image too large.']); + return; + } + $overlayName = $input['overlay'] ?? ''; $overlayScale = (float) ($input['overlay_scale'] ?? 1.0); |