• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Validation file input and text input

#3
[eluser]boltsabre[/eluser]
Sorry, a little off topic from your actual question, this isn't in regards to your actual code, but just a warning about file uploads in general.

If you didn't already know, they are VERY risky, and if not done correctly can leave some MASSIVE security holes in your application/website.

Make sure you do a google on "php file upload security", there are such things as redrawing images (highly suggested), the set up of you .htaccess file/s and folder structures, creating new random file names, handling code that's been inserted in image meta tags, handling the double extension hack (ie, myimage.php.jpg) and many other things.

It's a lot of extra work, but you'll be sorry you didn't if someone deletes your entire website from the server (very easy and possible to do), steals your usernames and passwords, or something else malicious.


Messages In This Thread
Validation file input and text input - by El Forum - 07-09-2012, 11:17 AM
Validation file input and text input - by El Forum - 07-10-2012, 01:23 AM
Validation file input and text input - by El Forum - 07-10-2012, 02:11 AM
Validation file input and text input - by El Forum - 07-10-2012, 12:03 PM
Validation file input and text input - by El Forum - 07-10-2012, 12:22 PM
Validation file input and text input - by El Forum - 07-11-2012, 01:44 AM
Validation file input and text input - by El Forum - 07-11-2012, 11:05 AM
Validation file input and text input - by El Forum - 07-11-2012, 02:29 PM
Validation file input and text input - by El Forum - 07-11-2012, 02:53 PM
Validation file input and text input - by El Forum - 07-11-2012, 02:58 PM
Validation file input and text input - by El Forum - 07-12-2012, 01:50 AM
Validation file input and text input - by El Forum - 07-12-2012, 02:17 AM
Validation file input and text input - by El Forum - 07-13-2012, 10:48 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.