ernie Posted September 24, 2010 Share Posted September 24, 2010 Hello, I am currently writing a modest file upload script to automate the making of picture galleries. I plan on uploading a .zip file and then unpack that it in a folder I specify. My questions: 1. I've done some reading on the net, unpacking the .zip file should go with shell_exec function right? But is this not a security risk, just having shell_exec turned on on your server? 2. I cannot chmod the folder I want to put the files in to 777, which is needed for the script to work. I assume this is because the user php is running under does not have enough permissions. Anybody got an idea how to solve this? Create a new user with more privileges and run php under that one? Another piece of coding instead of the ftp_chmod and chmod functions? 3. Is there anyone here who has a similar script running and willing to explain how he/she made it secure? Any help is greatly appreciated. Link to comment https://forums.phpfreaks.com/topic/214292-security-issues-with-upload-script/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.