PEAK XOOPS - News 
There are too many applications like XOOPS using redirection when error occurred.
They should be relaced into die() without conditions after normal post transactions.
If you write die() intead of redirection in error handling:
- Users can read the error message thoroughly.
- Users can return the previous page immediately.
- You don't have to write codes for redirect.
Though I've released "zip file upload" modules, the library PEAR::Archive_Zip which is used by the modules has two security holes.
(1) Directory Traversal with extracting a zip into the file system
(2) It is easy to create a zip exhausting server's memery with extracting.
Against (1), don't extract a zip into the file system directly.
$reader = new Archive_Zip( (upload_tmp_file) ) ;
$files = $reader->extract( array( 'extract_as_string' => true ) ) ;
You can get extracted bodies as an array of $files. Then, save them into files manually and carefully.
But, there are no clue to solve the problem of (2), in fact.
Thus, you cannot allow anonymous users to upload zip.
When I implement a feature of zip archive into myAlbum-P, it must be a function in admin side.
Since there are no CSRF threat with HTTP-upload, we should care "direct attacks" only.
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.