php-general Digest 16 Aug 2010 03:57:31 - Issue 6895
Topics (messages 307482 through 307485):
Re: Need to check pdf for xss
307482 by: Ashley Sheridan
login to protected directory by php
307483 by: Ali Asghar Toraby Parizy
307484 by: Ashley Sheridan
307485
On 15 August 2010 06:14, Paul M Foster pa...@quillandmouse.com wrote:
On Sat, Aug 14, 2010 at 10:36:07PM +0200, Sebastian Ewert wrote:
Hi,
before I allow to upload images I read them and check for several html
tags. If they exist I don't allow the upload. Is their any need to check
pdf
On Sun, 2010-08-15 at 08:43 +0200, Peter Lind wrote:
On 15 August 2010 06:14, Paul M Foster pa...@quillandmouse.com wrote:
On Sat, Aug 14, 2010 at 10:36:07PM +0200, Sebastian Ewert wrote:
Hi,
before I allow to upload images I read them and check for several html
tags. If they exist I
OK THX to everyone. I will check the images with imagick and let the
pdfs in adobes responsibility. One worry less.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On Sun, 2010-08-15 at 11:51 +0200, Sebastian wrote:
OK THX to everyone. I will check the images with imagick and let the
pdfs in adobes responsibility. One worry less.
Also, if you're really worried, try suggesting people use an alternative
pdf reader. There are quite a few to choose from,
all files (web pages, pictures, and exe files) and folders in a directory
should be protected against anonymous users.
I create an application with php and mysql for registered users. when a user
registers it's information will be saved in database and its username and
password will be added to
On Sun, 2010-08-15 at 22:15 +0430, Ali Asghar Toraby Parizy wrote:
all files (web pages, pictures, and exe files) and folders in a directory
should be protected against anonymous users.
I create an application with php and mysql for registered users. when a user
registers it's information
i would configure apache to let php interpreter handle all kinds of
extensions ( http://httpd.apache.org/docs/2.0/mod/mod_mime.html#addhandler
)
even then u'll have go through all the steps pointed out by Ash.
the only advantage of this method is more user friendly URL
--
PHP General Mailing
8 matches
Mail list logo