php-general Digest 16 Aug 2010 03:57:31 -0000 Issue 6895

php-general Digest 16 Aug 2010 03:57:31 - Issue 6895 Topics (messages 307482 through 307485): Re: Need to check pdf for xss 307482 by: Ashley Sheridan login to protected directory by php 307483 by: Ali Asghar Toraby Parizy 307484 by: Ashley Sheridan 307485

Re: [PHP] Need to check pdf for xss

On 15 August 2010 06:14, Paul M Foster pa...@quillandmouse.com wrote: On Sat, Aug 14, 2010 at 10:36:07PM +0200, Sebastian Ewert wrote: Hi, before I allow to upload images I read them and check for several html tags. If they exist I don't allow the upload. Is their any need to check pdf

Re: [PHP] Need to check pdf for xss

On Sun, 2010-08-15 at 08:43 +0200, Peter Lind wrote: On 15 August 2010 06:14, Paul M Foster pa...@quillandmouse.com wrote: On Sat, Aug 14, 2010 at 10:36:07PM +0200, Sebastian Ewert wrote: Hi, before I allow to upload images I read them and check for several html tags. If they exist I

Re: [PHP] Need to check pdf for xss

OK THX to everyone. I will check the images with imagick and let the pdfs in adobes responsibility. One worry less. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Need to check pdf for xss

On Sun, 2010-08-15 at 11:51 +0200, Sebastian wrote: OK THX to everyone. I will check the images with imagick and let the pdfs in adobes responsibility. One worry less. Also, if you're really worried, try suggesting people use an alternative pdf reader. There are quite a few to choose from,

[PHP] login to protected directory by php

all files (web pages, pictures, and exe files) and folders in a directory should be protected against anonymous users. I create an application with php and mysql for registered users. when a user registers it's information will be saved in database and its username and password will be added to

Re: [PHP] login to protected directory by php

On Sun, 2010-08-15 at 22:15 +0430, Ali Asghar Toraby Parizy wrote: all files (web pages, pictures, and exe files) and folders in a directory should be protected against anonymous users. I create an application with php and mysql for registered users. when a user registers it's information

Re: [PHP] login to protected directory by php

i would configure apache to let php interpreter handle all kinds of extensions ( http://httpd.apache.org/docs/2.0/mod/mod_mime.html#addhandler ) even then u'll have go through all the steps pointed out by Ash. the only advantage of this method is more user friendly URL -- PHP General Mailing