php-general Digest 24 Sep 2013 10:38:18 -0000 Issue 8375

2013-09-24 Thread php-general-digest-help
php-general Digest 24 Sep 2013 10:38:18 - Issue 8375 Topics (messages 322160 through 322170): Re: No MIME-Type in imap_fetch_overview() 322160 by: Negin Nickparsa 322161 by: Negin Nickparsa 322166 by: Aziz Saleh 322168 by: Domain nikha.org 322169 by:

php-general Digest 24 Sep 2013 22:58:33 -0000 Issue 8376

2013-09-24 Thread php-general-digest-help
php-general Digest 24 Sep 2013 22:58:33 - Issue 8376 Topics (messages 322171 through 322175): Re: Apache 322171 by: Domain nikha.org 322172 by: Domain nikha.org 322173 by: Ashley Sheridan 322174 by: Domain nikha.org 322175 by: Ashley Sheridan

RE: [PHP] Apache

2013-09-24 Thread Arno Kuhl
On 23 Sep 2013, at 11:37, Domain nikha.org m...@nikha.org wrote: Tamara Temple am Montag, 23. September 2013 - 06:49: GoDaddy's default plesk-generated configuration for FastCGI-served PHP files only looked to see if the file contained .php somewhere on it's path - i.e. it would happily

Re: [PHP] Apache

2013-09-24 Thread Domain nikha . org
Ashley Sheridan am Montag, 23. September 2013 - 21:35: No, no, no! That is not a good stand-in for fundamental security principles! This is a better method for ensuring an image is really an image: ?php if(isset($_FILES['file'])) { list($width, $height) =

Re: [PHP] Apache

2013-09-24 Thread Domain nikha . org
Tamara Temple am Montag, 23. September 2013 - 22:38: On Sep 23, 2013, at 1:36 PM, Domain nikha.org m...@nikha.org wrote: Better solutions? One I have used, and continue to use in Apache environments, is place uploads only in a place where they cannot be executed by turning off such

Re: [PHP] Apache

2013-09-24 Thread Ashley Sheridan
Domain nikha.org m...@nikha.org wrote: Ashley Sheridan am Montag, 23. September 2013 - 21:35: No, no, no! That is not a good stand-in for fundamental security principles! This is a better method for ensuring an image is really an image: ?php if(isset($_FILES['file'])) {

Re: [PHP] Apache

2013-09-24 Thread Domain nikha . org
Ashley Sheridan am Dienstag, 24. September 2013 - 18:22: In an earlier email I detailed some methods for validating other types, such as DomDocument for HTML, XML, svg, etc, or fpdf for PDF. Fine, gratulations! And on behalf images: GD you are using handles only jpeg, gif and png. There

Re: [PHP] Apache

2013-09-24 Thread Ashley Sheridan
Domain nikha.org m...@nikha.org wrote: Ashley Sheridan am Dienstag, 24. September 2013 - 18:22: In an earlier email I detailed some methods for validating other types, such as DomDocument for HTML, XML, svg, etc, or fpdf for PDF. Fine, gratulations! And on behalf images: GD you are using