sorry guys if i'm wrong, but
<?php
header("Content-type: image/png");
$im = imagecreate(10000, 10000)
or die("Cannot Initialize new GD image stream");
$background_color = imagecolorallocate($im, 252, 255, 255);
$text_color = imagecolorallocate($im, 233, 14, 91);
imagestring($im, 1000, 1000, 1000, "My Text", $text_color);
imagepng($im);
imagedestroy($im);
?>
if you have the required gd library, and a user changes the above to
exec(); a command, you might be in trouble, i might be wrong though... but
if you successfully hide the directory and dont tell the user where he
placed the file i think it would be pretty secure
On 1/22/06, Sameer N Ingole <strike@xxxxxxxxxxxxxxx> wrote:
>
> Rory Browne wrote:
>
> >I'd be a bit skeptical about the possibly of embedding PHP code inside
> >a GIF file. Could you outline how he performed the task?
> >
> >On 1/22/06, jonathan <news_php@xxxxxxxxxxxx> wrote:
> >
> >
> >>what is the best way to prevent malicious code from being uploaded
> >>via a .gif file? A friend showed me how php could be embedded within
> >>the .gif file. Does this problem also exist for .jpeg's?
> >>
> >>thanks,
> >>
> >>jon
> >>
> >>
> If it is really possible, I am very much interested in knowing.
> jon, can you show how to do that?
>
> Regards,
>
> --
> Sameer N. Ingole
> Blog: http://weblogic.noroot.org/
> ---
> Better to light one candle than to curse the darkness.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Hi Everyone, I am running PHP 5 on Windosws XP SP2 with MySQL5, Bye Now!
