On Mon, 2006-04-17 at 22:40 -0700, tantravahi srinivas sunilkumar wrote:
> u need to give chmod(file directory,777)
>
> redards,
> sunil.
>
I'm not going to chmod a users html directory to 777! Then anyone could
write to it!
> Michael Sullivan <[EMAIL PROTECTED]> wrote:
> One of my users at espersunited.com cannot upload new content to his
> webspace because the new router his father has installed for their
> home
> network automatically blocks FTP transactions of any kind (for
> security
> purposes). They do not know how to turn off this feature. I am
> seeking
> other ways for this user to upload new content to his webspace. I am
> considering the following PHP script:
>
> form.html:
>
> <!-- The data encoding type, enctype, MUST be specified as below -->
> <form enctype="multipart/form-data" action="upload.php" method="POST">
> <!-- MAX_FILE_SIZE must precede the file input field -->
> <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
> <!-- Name of input element determines name in $_FILES array -->
> Send this file: <input name="userfile" type="file" />
> <input type="submit" value="Send File" />
> </form>
>
> upload.php:
>
> <?php
> // In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be
> used instead
> // of $_FILES.
>
> $uploaddir = '/home/michael/webspace/html'; //For testing. Actual
> value will be determined dynamically
>
> $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
>
> echo '<pre>';
> if (move_uploaded_file($_FILES['userfile']['tmp_name'],
> $uploadfile))
> {
> echo "File is valid, and was successfully uploaded.\n";
> }
> else
> {
> echo "Possible file upload attack!\n";
> }
> ?>
>
> However, I'm running into a permissions problem. I was considering
> creating a temporary uploads directory, authenticating the user, and
> then copying the file in the temp uploads directory to the users
> directory tree, but I'm afraid that approach would be too vulnerable
> to
> DoS attacks. Does anyone have any advice for me on this? I was going
> to authenticate the user through the my FTP server anyway. Any ideas,
> anyone?
>
>
>
>
>
> Community email addresses:
> Post message: [email protected]
> Subscribe: [EMAIL PROTECTED]
> Unsubscribe: [EMAIL PROTECTED]
> List owner: [EMAIL PROTECTED]
>
> Shortcut URL to this page:
> http://groups.yahoo.com/group/php-list
>
>
>
> ---------------------------------
> YAHOO! GROUPS LINKS
>
>
> Visit your group "php-list" on the web.
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of
> Service.
>
>
> ---------------------------------
>
>
>
>
>
> ---------------------------------
> Love cheap thrills? Enjoy PC-to-Phone calls to 30+ countries for just
> 2ยข/min with Yahoo! Messenger with Voice.
>
> [Non-text portions of this message have been removed]
>
>
>
> Community email addresses:
> Post message: [email protected]
> Subscribe: [EMAIL PROTECTED]
> Unsubscribe: [EMAIL PROTECTED]
> List owner: [EMAIL PROTECTED]
>
> Shortcut URL to this page:
> http://groups.yahoo.com/group/php-list
>
>
>
> SPONSORED LINKS
> Php mysql
> Job postings
>
>
> ______________________________________________________________________
> YAHOO! GROUPS LINKS
>
> 1. Visit your group "php-list" on the web.
>
> 2. To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> 3. Your use of Yahoo! Groups is subject to the Yahoo! Terms of
> Service.
>
>
> ______________________________________________________________________
>
Community email addresses:
Post message: [email protected]
Subscribe: [EMAIL PROTECTED]
Unsubscribe: [EMAIL PROTECTED]
List owner: [EMAIL PROTECTED]
Shortcut URL to this page:
http://groups.yahoo.com/group/php-list
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/php-list/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/