rxbanditboy1112 Posted May 8, 2007 Share Posted May 8, 2007 So I create a photo uploading system and had to make the destination folder world writtable folder. How do I prevent people from uploading their own files to this folder? Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted May 8, 2007 Share Posted May 8, 2007 don't have it as world wrotable - try using chmod to alter the folder permissions on script start and change back at the end Quote Link to comment Share on other sites More sharing options...
per1os Posted May 8, 2007 Share Posted May 8, 2007 The only real issue would lie within a shared hosting server. A potential security breach could allow someone to upload to that. If you are not on a shared host than you should not be too concerned. If you are, well it is tough to secure it when someone could potentially get into your account. Just hope that your host has taken measures to secure other hosted sites from accessing your folders. One way to do it, is if www.php.net/chmod works on your system you can chmod the folder each time you write to it and than chmod it back when you are finished. Quote Link to comment Share on other sites More sharing options...
rxbanditboy1112 Posted May 8, 2007 Author Share Posted May 8, 2007 Ooo I see. Yea the reason i became concerned was that when i checked the folder, all of a sudden I saw that someone had posted an index.html page there that said "Hack by" some turkish person. Its not really hacking.... Although i guess it falls under security. I just replaced the index.php file; however, the chmod function sounds cool. I didn't know they had that haha. Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.