home hardware prices news articles forums photos user reviews
Go Back   Tech Support Forums - TechIMO.com > PC Hardware and Tech > Webmastering and Programming
Help securing my site Help securing my site
Ask a Tech Support Question (free)!

Help securing my site

Reply
Get bargains at  »  Dealighted.com
 
Thread Tools Search this Thread
Currently Active Users: 2873
Discussions: 200,967, Posts: 2,379,661, Members: 246,333
Old March 15th, 2007, 09:40 PM   Digg it!   #1 (permalink)
Junior Member
 
Join Date: Mar 2007
Posts: 1
Help securing my site
Ok, so I recently implemented an image upload script for people to have an avatar. It's very simplistic and probably full of holes. Could someone show me how to secure it? A proof of concept exploit of the code would be nice too as I like to know what the security is protecting me against. I don't like coding things that I have no idea how they work.

Code:
if ($Submit) {

$imageinfo = getimagesize($_FILES['imagefile']['tmp_name']);
$imgsz = 250;
if ($_FILES['imagefile']['size']/1024 > $imgsz) {

echo "Error: The maximum filesize is 250kb. Your image was ".round($_FILES['imagefile']['size']/1024,2)."kb.";

}elseif ($imageinfo[2] != 1 && $imageinfo[2] != 2 && $imageinfo[2] != 3) {

echo "Error: The filetype must be JPG, GIF or PNG.";

}else{
...
}
toin7 is offline   Reply With Quote
Old March 15th, 2007, 11:07 PM     #2 (permalink)
Banned
 
Iturea's Avatar
 
Join Date: Jan 2004
Location: Earth
Posts: 420
Exclamation
I don't know php at all but as long as $imageinfo[2] != 1 is checking the extention your fine. If its checking the mime type then its no good.
Iturea is offline   Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Securing computer? Rayz Security and Privacy Issues 1 January 20th, 2007 01:14 PM
Securing my network eminem_rh25 General Tech Discussion 3 December 19th, 2006 07:28 AM
Securing C drive lkatz Applications and Operating Systems 0 November 4th, 2003 06:46 PM
Securing my Computer Terminal23 General Tech Discussion 19 November 22nd, 2002 10:14 AM
Securing Windows fosin Applications and Operating Systems 2 April 18th, 2002 02:40 PM


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Most Active Discussions
Is It Just Me? (3022)
Forty-six years ago today (11)
The disrespect of Obama by Russian .. (46)
Laptop with wireless problem. (12)
Wireless Televisions. (12)
CPU fan stops spinning randomly (11)
Regular Build (11)
Internet Lost (5)
windows 7 problem (7)
windows vista security holes (15)
Point and Shoot Camera Suggestions. (6)
Is the PSU I received dead? (13)
radeon x850xt platinum & shader.. (6)
HIS HD5770 graphic card question (15)
Recent Discussions
Delete an OS (8)
help me pls laptop just stopped worki.. (0)
Open With ..... Win7 (3)
windows vista security holes (15)
Help getting around port 80 for camer.. (4)
Laptop with wireless problem. (12)
Internet Lost (5)
Skillsoft Network+ Study Software Que.. (9)
virus blocking exe. files (1)
Point and Shoot Camera Suggestions. (6)
CPU fan stops spinning randomly (11)
Nvidia GTX 260 problem (1)
Modern Warfare 2: Who Bought It? (65)
Is the PSU I received dead? (13)
Print spooler problem (16)
Kingston Bluetooth Dongle Driver (1)
Multiple Restarts Required at Boot (3)
webcam (0)
upgrade for hp a6101 (0)
tv not turn on-makes clicking sound (2)
EVGA 9800 gtx help with finding a goo.. (11)
Regular Build (11)
Help with onclick and buttons (0)
Virus advise (8)
My monitor won't turn on after instal.. (1)


All times are GMT -4. The time now is 03:56 PM.
TechIMO Copyright 2009 All Enthusiast, Inc.

Contact Us - Tech Support Forums - TechIMO.com - Archive - Privacy Statement - Terms of Use -
Coupons and Deals and Dealighted - Store Ratings, Avoid Scam Businesses - Geek News - Tech News for the Geek In You- Web Business Blog - Top


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28