Upload Script - File Type Filter - HELP!!!!!!(2 pages)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

JustinMs66, I'm not withholding information to <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> you off here. If I knew an answer I'd tell you.
Fact is I don't know a simple solution to what you want to achieve here.

If you wanted to prevent JavaScript from hitting your server you would have to write a something to read text files and test if it was valid JavaScript and it would have to be bloody comprehensive as wel otherwise there would be loop holes.

I'm pretty sure you can't just check the mime type of input files because that is provided by the client (Others: am I right on this?). And anyway even if that is server side I'm sure there are plenty of ways of fooling it.
and yes, i'm sorry for being rude, but my website was hacked a couple days ago...everything deleted.
How did they manage that? Until you know the answer to that question you are really wasting your time here.
User avatar
JustinMs66
Forum Contributor
Posts: 127
Joined: Sun Sep 03, 2006 4:18 pm

Post by JustinMs66 »

OMFG JESUS CHRIST. I KNOW HOW THEY F**KING MANANGED IT. they F*CKING uploaded a F*CKING php script that backdoored them into my password hashes, OK!????? THAT IS WHY I NEED TO BLOCK THIS SH*T!!!!!!!!!!!. NOW CAN U PLEASE TELL ME HOW!?????????????????????????????????????????????
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Congratulations, you've successfully asked us to lock your thread.

Image
Locked