Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I am using imagecreate, imagejpeg to load and display images. The images are uploaded by users and stored in a directory not visible form outside. I turned off scripts in this folder using htaccess. If the images were to have code embedded in them could it be executed? Are there any other checks you can do on an image to make sure it dosent have code in it or at least cannot be executed?
This is a scary concept!
Thanks