Re: Mail Attachment Security — PHP Programming Language

You are here: Re: Mail Attachment Security « PHP Programming Language « IT news, forums, messages

Posted by Gordon Burditt on 01/31/07 00:31

>I have created a script which attaches form uploaded files to an
>email. What security is suggested to prevent attachments which may
>contain viruses, etc. from being uploaded?

If the uploaded file is coming from an untrusted source, don't trust
it. It's probably SPAM. The worst stuff is just straight text
files that contain stuff that infects human minds (like MAKE MONEY
FAST chain letters).

>I am running finfo_file()
>to determine the mime-types of the files being uploaded, so it should
>easy to exclude certain types of files based on this, or the file's
>extension.

Not nearly enough. MIME types and file names can be arbitrarly set to
misrepresent the contents.

Navigation:

Next in forum: Re: Dumping an array to a web page
Prev in forum: Re: PHP 4.4.4 vs Perl 5.8.7 for Object Oriented server code
Thread view: Re: Mail Attachment Security

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация