Reply to Re: Security solution needed for file uploader code

Your name:

Reply:


Posted by Rik on 10/10/91 11:45

Kerry wrote:
> Hi,
>
> I use the simple PHP script below with an html file for my visitors to
> upload files.
>
> I'd like to make it more secure by either allowing or denying certain
> files. I've tried adding more code but I can't get anything to work.
>
> I'm not an expert, but know it's probably only a couple of simple
> lines of code that will do the trick.
>
> TIA to anyone that can offer a solution.

Note: extensions/header/content-types can be faked, but still worth checking
most of the time.

As far as is can see you're uploading images. A pretty reliable method te
check if a file is an image is using getimagesize() on the file, and
checking the values. Offcourse that's not the purpose of the function, but
does the trick, and as a bonus filters out broken/partial images most of the
time.

Grtz,
--
Rik Wasmus

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация