I'm on the lookout for a way for clients to upload drawings to our server but before I go ahead is there any security issues I should be aware of. What if a file containing a virus is uploaded? Any comments please.

I am actually working on one of these now. There are a ton of code snippets out there but to find one that works for you is more than likely going to be a little rare.

Although with a little bit of knowledge you can take a snippet and edit it for your application.

With PHP you should always take precautions when allowing the world to upload to your server. I would restrict your uploads by size and extensions, ie. jpeg, bmp, jpg, png, and so on.

Thanks for that.

If uploading is restricted to image files, as suggested, does this stop viruses?

It may seem a bit extensive, but Menalto's open source Gallery software is fantastic.

ACC

No that won't stop viruses but will limit them somewhat.

As suggested already, restricting the file extensions would be the best step toward stopping any potential viruses.

A way to be even more certain that i particular upload does not contain any such viruses is to use a file scanner, even your everyday anti-virus scans files before downloading. Although the results can never be 100% certain these steps can dramatically reduce your risk.