> I try to learn file uploading in PHP.  I've successfully uploaded a file
> onto my server.  I use move_uploaded_file("tmp_dir/tmp_filename",
> "destination_dir/filename") to move the temp file.   The thing is that I
> have to do a "chmod 777 destination_dir" in order to move the file.  Is
> this bad for security?

Yes, it is.

chown the directory to the user or group that mysql runs under, then it only
needs to be owner or group writable


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to