Search found 9 matches

by volito
Tue Mar 07, 2006 5:04 pm
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

yes! I enabled password protection on script as this person already uploaded anther script. Now I am checking what this person actually did. As all my programs are broadcasting to IP 239.255.255.255. on port 1900 using UDP.

running all test as I type this reply :(
by volito
Tue Mar 07, 2006 12:11 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

Uploaded another one and it was license of one of my scripts. Guess this person is bored ! Found these flaws: url to view a file: /index.php?act=view&file=d2VlLnBocC50eHQ= url to delete the same file: /index.php?act=del&file=d2VlLnBocC50eHQ= http://diswww.mit.edu/menelaus.mit.edu/bt/39137 he...
by volito
Mon Mar 06, 2006 10:31 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

OK that's the free script I am using? " copyrighted so hope it's OK to post it" And yes it is a upload form that puts pictures in a directory and visitors can view. Are you sure it was uploaded via the website? It wouldn't be much use by itself over HTTP unless your web server is really in...
by volito
Mon Mar 06, 2006 10:20 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

PHP

?> <? if (@phpversion() < '4.1.0') { $_FILE = $HTTP_POST_FILES; $_GET = $HTTP_GET_VARS; $_POST = $HTTP_POST_VARS; } clearstatcache(); error_reporting(E_ALL & ~E_NOTICE); $fum_vers = "1.3"; # do not edit this line, the script will not work!!! $fum_info_full = "File Upload Manager ...
by volito
Mon Mar 06, 2006 10:06 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

Thanks for your time. Would that be possible to add to current code or should I just post code I am using so all can see. Maybe there is something missing from my code that was over looked by the original writer. If yes did you post PHP using quote function on boards? Sorry new here edited; I just l...
by volito
Mon Mar 06, 2006 9:32 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

You might want to add some checks in there to ensure the uploads are really images. Please explain or give example? "You mean add to script to double check if it is a image that is being uploaded. Obviously script is allowing anything as long as the ext. is png" Should I just delete from ...
by volito
Mon Mar 06, 2006 7:13 am
Forum: PHP - Security
Topic: Upload script question? uploaded PHP script with png ext.
Replies: 14
Views: 5379

Upload script question? uploaded PHP script with png ext.

OK here is a strange one ! Someone uploaded a PHP script with a png ext.. "Written and saved as a png file". Here is a link to png file. I left it on server for now till I figure out if it is a functional script or someone trying to tell me something . "I have a PHP script that allows...
by volito
Thu Dec 08, 2005 5:56 am
Forum: PHP - Code
Topic: upload form
Replies: 2
Views: 298

OK sounds logical . What I am trying to do is actually add a comments section to my multi upload form. To be honest I am new to PHP and get my scripts from online sources "free or purchased" I use this form for only select few to upload pics and highlights of a game. Any ideas will be grea...
by volito
Wed Dec 07, 2005 9:52 pm
Forum: PHP - Code
Topic: upload form
Replies: 2
Views: 298

upload form

$upload->set_acceptable_types('image'); // comma separated string, or array



How do I get this to also except plain text file. Using an upload form for images and would like to let users upload small text file.