Page 2 of 2
Re: Unwanted java script file in php codes.
Posted: Wed Sep 15, 2010 3:35 am
by matkt
Hey,
Happy news,
I deleted all the "malicious code" Or I think I deleted all of them (now the site runs clean). Now I need some help in safeguarding the codes. and with your expert advice, I have planned to
1. Checksum method
2. make the user input files a bit more stronger
for which Ill need your help.
Is this enough to make my site secure? What are your suggestions?
and BTW, thanx very much for all your previous help every one.

Re: Unwanted java script file in php codes.
Posted: Thu Sep 16, 2010 12:22 pm
by McInfo
matkt wrote:Now I need some help in safeguarding the codes.
If you want specific help, you will have to post your code here so we can see it.
In general, to secure upload scripts, the two main objectives are to confirm that the uploaded file meets certain requirements and to store the file where it cannot be accessed directly by a browser. The requirements are dependent on the type of file being uploaded. You make the files inaccessible by placing them either outside the document root or in a folder protected by a .htaccess file (or other configuration mechanism).
For the checksum idea, your first task is to collect checksums for all the files on your site and store them in a database of some kind. Then write a script to check files on your site against the stored checksums. The first file the script should check is itself.
matkt wrote:Is this enough to make my site secure?
Time will tell.
Re: Unwanted java script file in php codes.
Posted: Mon Oct 04, 2010 11:44 am
by matkt
Hey guys,
im back after a few days of holidays.
Thank you very much for your support in the previous days.
I am trying to code a php file so that it uses the
sha_file hash creation.
I have started by first creating a php file called
hash_check.php along with a text file calle
hash_check_list.txt.
here is the initial codin I started.
Code: Select all
<?php
//Create new file called hash_code_list.txt in folder
$file_name = "hash_code_list.txt";
//set the file handle and set the file to write mode.
//output error message if file not found.
$file_handle = fopen($file_name, 'w') or die("can't open file");
//close the open file
fclose($file_handle);
?>
.
can you guys please help me to complete this code?
Many thanks,
M