Security risks of uploading images with php

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Security risks of uploading images with php

Postby insomn3ak » 27. October 2004 08:12

Part of my clients backend mainanance for his site involves uploading images to his server. This function works fine on my testing server, but I get this error whenever I try it on the live site:

Target Dir: /home/nspace/public_html/images/
/home/nspace/public_html/images/ is not writable!
Cant copy /tmp/php2Lr2hf to /home/nspace/public_html/images/25_1.jpg

I assume that I need to make the images folder writable on the live server, but my question is...are there any security risks in doing that? If so, how do I make it so that only he can access the images folder from his backend website?

Thanks for any help anyone can give.
insomn3ak
 
Posts: 13
Joined: 15. October 2004 09:05

Postby JonathanS » 01. November 2004 20:42

I'd say a basic bit of PHP to check the file extention,
making sure only certain ones are allowed through.

If you do that, I wouldn't think it'd be a security risk.
I may be wrong of course.
JonathanS
 
Posts: 31
Joined: 31. October 2004 02:36


Return to XAMPP for Windows

Who is online

Users browsing this forum: debchat1955 and 30 guests