Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Uploading images from url rather than local hard drive
Uploading images from url rather than local hard drive
  • El Forum
    Guest
  •  
#7
04-24-2008, 08:52 AM

[eluser]HdotNET[/eluser]
that's easily got around with a disclaimer.

TBH, I don't know, haven't tried this, but off the top of my head...

- Strip out any dodgy strings like '../' from the url, use xss function and your own

- Ensure that you are dealing with the right file format (.jpg or whatever, duh)

- Do a test via the GD image library or Imagemagick to test for an actual image, both of which would throw an error on attempting to process anything that wasn't an image.

- Retrieve the image into some directory that is not web-accessible for the processing above.

- Once all tests are satisfied use the CI ftp class to move the file into your web accessible image serving directory, with correct, secure permissions.

Never ever ever have a world writable web acessible directory.


Messages In This Thread
Uploading images from url rather than local hard drive - by El Forum - 04-23-2008, 08:41 PM
Uploading images from url rather than local hard drive - by El Forum - 04-23-2008, 10:24 PM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 12:49 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 03:26 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 08:37 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 08:46 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 08:52 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 08:54 AM
Uploading images from url rather than local hard drive - by El Forum - 04-24-2008, 09:09 AM



Theme © iAndrew 2016 - Forum software by © MyBB