authorThomas Vanbesien <tvanbesi@proton.me>2026-03-22 13:34:47 +0100
committerThomas Vanbesien <tvanbesi@proton.me>2026-03-22 13:34:47 +0100
commitd6a9fd1c32f07b993cb8ecc3c1b7c22f7a0ce848 (patch)
tree18e21d395cc4043b274b275eeb824d562556c808 /src/app/Models
parent6a2c38dff48529672411419e1f56df0671f40365 (diff)
Add upload security: size limit, per-user and site-wide post caps
Reject base64 payloads over 10 MB, limit users to 50 posts each, and cap total posts at 10,000 (~650 MB on disk). Document upload security model in README.
Diffstat (limited to 'src/app/Models')
-rw-r--r--src/app/Models/Post.php7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/app/Models/Post.php b/src/app/Models/Post.php
index 66c8c18..e82b0d9 100644
--- a/src/app/Models/Post.php
+++ b/src/app/Models/Post.php
@@ -42,6 +42,13 @@ class Post
return $stmt->fetchAll();
}
+ public function countByUserId(int $userId): int
+ {
+ $stmt = $this->pdo->prepare('SELECT COUNT(*) FROM posts WHERE user_id = :user_id');
+ $stmt->execute(['user_id' => $userId]);
+ return (int) $stmt->fetchColumn();
+ }
+
public function findAllPaginated(int $limit, int $offset): array
{
$stmt = $this->pdo->prepare(
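Review bot: `countByUserId()` returns a point-in-time count, so a per-user cap built on it holds only if the caller makes the check and the insert atomic. The upload path is not visible here (this view is limited to src/app/Models), but if it calls this method and then inserts in a separate statement, parallel uploads from one account can each read a count below the limit and all succeed. Consider running the count and the insert in one transaction with the user's row locked, or making the insert itself conditional on the count. A docblock would make the contract explicit, for example `/** Number of posts owned by $userId. Point-in-time value: callers enforcing a cap must serialize count + insert. */`. The query itself is parameterized, and the class body continues outside the hunk.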