Re: Re: security of uploaded gif files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: php-general@xxxxxxxxxxxxx
Subject: Re: Re: security of uploaded gif files
From: Gerry Danen <gdanen@xxxxxxxxx>
Date: Mon, 23 Jan 2006 12:08:28 -0700
In-reply-to: <13.B7.06819.55705D34@xxxxxxxxxxxx>
List-help: <mailto:php-general-help@lists.php.net>
List-post: <mailto:php-general@lists.php.net>
List-unsubscribe: <mailto:php-general-unsubscribe@lists.php.net>
References: <4B27CEDF-1C48-4528-AC1D-5E42C0131A20@xxxxxxxxxxxx> <C6.45.06819.52505D34@xxxxxxxxxxxx> <13.B7.06819.55705D34@xxxxxxxxxxxx>

There's a couple of things a person can do.

1. check for .gif extention
2. see if exif_imagetype() returns type IMAGETYPE_GIF
3. see if getimagesize() returns reasonable values and not FALSE
4. check the file content for binary vs text content

Gerry

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Follow-Ups:
- Re: Re: security of uploaded gif files
  - From: Gustavo Narea

References:
- security of uploaded gif files
  - From: jonathan
- Re: security of uploaded gif files
  - From: James Benson
- Re: security of uploaded gif files
  - From: Barry

Prev by Date: Re: Cookie reposted
Next by Date: Re: Cookie reposted
Previous by thread: Re: security of uploaded gif files
Next by thread: Re: Re: security of uploaded gif files
Index(es):
- Date
- Thread

[Index of Archives] [PHP Home] [Apache Users] [PHP on Windows] [Kernel Newbies] [PHP Install] [PHP Classes] [Pear] [Postgresql] [Postgresql PHP] [PHP on Windows] [PHP Database Programming] [PHP SOAP]

Powered by Linux