PEAK XOOPS - Re: Protector protects from a legitimate upload. 
TOP
>
Forum
>
XOOPS Modules
>
Protector
>
Protector protects from a legitimate upload.
>
Re: Protector protects from a legitimate upload.
Re: Protector protects from a legitimate upload.
Re: Protector protects from a legitimate upload.
msg# 1.5
- depth:
- 1
Dave_L
From: Virginia, USA
Posts: 35
From: Virginia, USA
Posts: 35
Here's how I use the XOOPS upload object:
Only allow known safe file extensions. The mimetype is not really checked; XOOPS uses the mimetype only as a way of keeping track of extensions, and for use by the downloader to provide a content-type header.
Store uploaded files in a subdirectory (or subdirectories) that is not accessible by a web browser, either outside the web root or protected by an .htaccess file.
Store the uploaded file using a generated numeric filename (1.doc, 2.pdf, etc.). The original filename is stored in the database for use by the downloader.
Only allow known safe file extensions. The mimetype is not really checked; XOOPS uses the mimetype only as a way of keeping track of extensions, and for use by the downloader to provide a content-type header.
Store uploaded files in a subdirectory (or subdirectories) that is not accessible by a web browser, either outside the web root or protected by an .htaccess file.
Store the uploaded file using a generated numeric filename (1.doc, 2.pdf, etc.). The original filename is stored in the database for use by the downloader.
Votes:1
Average:10.00
Posts tree
-
Protector protects from a legitimate upload.
(vaughan, 2007/8/27 0:46)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/8/28 12:35)
-
Re: Protector protects from a legitimate upload.
(vaughan, 2007/8/29 3:48)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/8/29 5:51)
-
-
Re: Protector protects from a legitimate upload.
(Dave_L, 2007/8/29 4:30)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/8/29 5:32)
-
Re: Protector protects from a legitimate upload.
(vaughan, 2007/8/29 8:44)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/8/31 4:30)
-
-
-
Re: Protector protects from a legitimate upload.
(suico, 2007/9/1 4:15)
-
Re: Protector protects from a legitimate upload.
(Dave_L, 2007/9/4 17:59)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/9/5 12:34)
-
-
Re: Protector protects from a legitimate upload.
(suico, 2007/9/4 20:11)
-
Re: Protector protects from a legitimate upload.
(suico, 2007/9/6 2:44)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/9/6 4:03)
-
-
Re: Protector protects from a legitimate upload.
(vaughan, 2007/9/21 3:41)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/9/22 17:34)
-
-
Re: Protector protects from a legitimate upload.
(vaughan, 2007/9/28 1:38)
-
Re: Protector protects from a legitimate upload.
(GIJOE, 2007/9/28 3:09)
-
-
Login