ernie Posted September 24, 2010 Share Posted September 24, 2010 Hello, I am currently writing a modest file upload script to automate the making of picture galleries. I plan on uploading a .zip file and then unpack that it in a folder I specify. My questions: 1. I've done some reading on the net, unpacking the .zip file should go with shell_exec function right? But is this not a security risk, just having shell_exec turned on on your server? 2. I cannot chmod the folder I want to put the files in to 777, which is needed for the script to work. I assume this is because the user php is running under does not have enough permissions. Anybody got an idea how to solve this? Create a new user with more privileges and run php under that one? Another piece of coding instead of the ftp_chmod and chmod functions? 3. Is there anyone here who has a similar script running and willing to explain how he/she made it secure? Any help is greatly appreciated. Quote Link to comment https://forums.phpfreaks.com/topic/214292-security-issues-with-upload-script/ Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.