How Drupal controls what type and the size of the files that can be uploaded is a matter for the content type specific configuration page shown in the preceding screenshot. It is not really sensible to allow any type of file to be uploaded to the site. The first thing that will happen if you do this, is that someone will upload a malicious executable file that does something nasty when it runs on the users" machines, in turn, causing them to say or do something nasty to you.

For example, you might know that for a particular content type, the only type of file that should be uploaded is a small text or .txt file. In this case, you would have something like the following settings:.

In this case, we have specified that only "txt files" of less than 50 KB can be uploaded to the blogtext sub-directory. The decisions you ultimately make should be dictated by the needs of the individual site. When in doubt, follow the tenet:.

Provide only what is absolutely necessary, and no more!

The actual settings themselves are easy enough to implement, but I suggest you do not add any file extensions that you know the site will not need. Remember that it is possible to cloak nasty software within other file types, so the more variety you allow, the less secure things become.

[ 101 ]

Configuration and Reports We can test all of this out by posting a new blog and trying to upload files. Try a range of files, not just "txt" files to see the results. For example, attempting to upload an image file gives the following result:

However, uploading a new file that does meet the criteria set, meets with success and we can check to ensure that the file is present in the proper sub-directory of the file system, as shown next:

[ 102 ]

As you can see, the site has correctly uploaded the blogtextfile.txt file in the blogtext subdirectory, as specified earlier. The field-based system for file handling in Drupal 7 represents a huge improvement over previous Drupal milestones and as soon as we have covered fields and content types in 6, Advanced Content, you will be able to manage files, file uploads, and access for any content type with ease.

. Performance Every once in a Quick Response Code for Java while, someone makes a site that becomes wildly popular. Having many people visiting all at once can put some serious strain on the server"s resources and cause all sorts of problems as the congestion builds. If you are unsure about what resources are available on your site, check with the hosting service and find out what they provide in the way of disk space, monthly transfer, and transfer speed.

Ensuring that there are facilities in place to handle a large amount of traffic will go some way in ensuring that your site scales well.

[ 103 ]

Configuration and Reports It"s a time-honored tradition in the corporate world to throw extra resources at computing problems buying the latest, fastest servers to help speed up slow applications, upgrading network hardware to allow data to travel more freely, and so on. Invariably though, poorly designed software, or software that is poorly tuned for performance always finds a way to utilize all the resources one can throw at it and still want more. More often than not, it is better to look at why software is chewing up resources and see what can be done to either stop it or at least alleviate the problem, so that the software utilizes its resources wisely.

Drupal already has several strategies in place to help you, the site administrator, decide how and when to use resource-intensive modules and how to maximize the site"s efficiency.

Drupal already has several strategies in place to help you, the site administrator, decide how and when to use resource-intensive modules and how to maximize the site"s efficiency..
