I want to give my users the ability to submit a URL to a database, then when they pull up their page, their photo is included .. what I'm worried about is them pointing the link to some malicious code or something..
Obviously I can validate the file extension (.gif or .jpg) .. and I'm going to force the files to be stored offsite - they dont get to upload anything to the server. I'm just a bit paranoid about this, so I'm hoping someone more security-minded can tell me what to watch out for, what to check, if I'm missing anything.. Thanks, Chad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php