abcphp.com

Discover the best of PHP

Tutorials »

1

Vote

Secure File Upload in PHP Web Applications | INSIC 2.0 Web Development & Design Blog

Various web applications allow users to upload files. Web forums let users upload avatars. Photo galleries let users upload pictures. Social networking web sites may allow uploading pictures, videos, etc.
Providing file upload function without opening security holes proved to be quite a challenge in PHP web applications. The applications we have tested suffered from a variety of security problems, ranging from arbitrary file disclosure to remote arbitrary code execution. In this article I am going to point out various security holes occurring in file upload implementations and suggest a way to implement a secure file upload.

Posted by markp 1498 days ago (http://blog.insicdesigns.com)
Discuss | | Bury | Tweet This | Tagged: upload Add To

Read the full article

Who Voted for this Story

markp

Recently Published

6 votes | Final Part - Customizing AWS Elastic Beanstalk
6 votes | very simple code for hide and show in css3
4 votes | Websockets with php – tutorial on basics
11 votes | Herzult/SimplePHPEasyPlus · GitHub
11 votes | LiveRebel 2.6 Sneak Peek: Automated Deployments Go Polyglot

Most Comments

7 comments | OpenCart CSRF Vulnerability « Ben Maynard's blog
2 comments | XMLHttpRequest and AJAX for PHP programmers
2 comments | Run PHP on the Google App Engine
2 comments | Speeding up your PHP scripts
1 comments | 5 Tools Every PHP Developer Should Master | Postcards From My Life

Most Votes

24 votes | CONFIRMED: Facebook Gets Faster, Debuts Homegrown PHP Compiler
21 votes | How To: Installing LAMP On Ubuntu For Newbies
21 votes | MINIMIZE HTTP REQUESTS – BEST PRACTICE
20 votes | php|tek 2009
20 votes | PHP 5.2.9 Released!