|
|
Posted by FFMG on 07/25/07 07:33
Sanders Kaufman;83072 Wrote:
> FFMG wrote:
> > Hi,
> >
> > My users can upload images in a folder on my system.
> > What minimum attribute should I give the created, (@fopen($new_file,
> > 'wb');), files and folder?
> >
> > I limit the extension of files, (images), but I want to prevent them
> > from executing any code on the server.
> >
> > What attributes would you suggest?
>
>
> Just a note about this.
> I found out a few years ago that you also should strip header
> information out of GIF images. You can put PHP code in there, and it
> executed when the gif is displayed.
>
> Freaky.
More the reason why I should prevent the 'image' from executing.
So what attributes should I set then?
FFMG
--
'webmaster forum' (http://www.httppoint.com) | 'webmaster Directory'
(http://www.webhostshunter.com/) | 'Recreation Vehicle insurance'
(http://www.insurance-owl.com/other/car_rec.php)
'Free URL redirection service' (http://urlkick.com/)
------------------------------------------------------------------------
FFMG's Profile: http://www.httppoint.com/member.php?userid=580
View this thread: http://www.httppoint.com/showthread.php?t=18736
Message Posted via the webmaster forum http://www.httppoint.com, (Ad revenue sharing).
Navigation:
[Reply to this message]
|