[SOLVED] Protecting a world writtable folder

[rxbanditboy1112]

So I create a photo uploading system and had to make the destination folder world writtable folder. How do I prevent people from uploading their own files to this folder?

[ToonMariner]

don't have it as world wrotable - try using chmod to alter the folder permissions on script start and change back at the end

 

[per1os]

The only real issue would lie within a shared hosting server. A potential security breach could allow someone to upload to that.

 

If you are not on a shared host than you should not be too concerned. If you are, well it is tough to secure it when someone could potentially get into your account. Just hope that your host has taken measures to secure other hosted sites from accessing your folders.

 

One way to do it, is if www.php.net/chmod works on your system you can chmod the folder each time you write to it and than chmod it back when you are finished.

[rxbanditboy1112]

Ooo I see.

Yea the reason i became concerned was that when i checked the folder, all of a sudden I saw that someone had posted an index.html page there that said "Hack by" some turkish person. Its not really hacking.... Although i guess it falls under security. I just replaced the index.php file; however, the chmod function sounds cool. I didn't know they had that haha.

Thanks!