> > Yeah, definatley reason to explore the possibilities... But this is > > really my own stupid fault it got there in the first place... I had an > > image upload form and I didn't tell it only to accept image/jpeg or > > image/gif >
i see this happen quite a lot, both in these lists, and the security focus ones. is there not something that can be set from a default install on the php.ini ? make it that by default php only accepts images / zip files / documents ? it seems to give PHP a reputation for being very easy to compromise. sorry, this probably should be a new post, but this is kinda following on, so please forgive me :) -skate- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php