Uploading Script

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
loophole
Forum Newbie
Posts: 1
Joined: Sat Sep 10, 2011 6:29 am

Uploading Script

Post by loophole »

I have a charity website where people can upload files

I need to disable people from uploading 'php' files because a simple hacker did this to my site and it was shut down

I am not a good php developer and I used this open source code

Please could anyone help update this function with a barr on php files?

Much appreciated

Alex Newbound (a.k.a. Loop Hole)

if($allowuploads && $_FILES['file']) {
$upload = true;
if(!$overwrite) {
if(file_exists($leadon.$_FILES['file']['name'])) {
$upload = false;
}
}

if($upload) {
move_uploaded_file($_FILES['file']['tmp_name'], $leadon . $_FILES['file']['name']);
}
}
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Uploading Script

Post by social_experiment »

File uploads
Have a look at these url's for more insight into file uploading security
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
Post Reply