http://www.hardened-php.net/advisory_202005.79.html check this out On 4/6/06, Wolf <LoneWolf@xxxxxxxxx> wrote: > I woke up on thanksgiving morning to find my server hacked through a > hole left by a file upload area of my site. I restored the backup and > placed a few blocks in place on the server, so they can get in, but they > can't get out.... ;) > > What I am interested in finding out is what the best way is to make sure > that I can rework the upload area to allow upload and download from it > while keeping script kiddies from exploiting it again. > > I can post the scripts (if you are interested in pulling them apart or > such) as I have accumulated 3 different versions now, but I am wondering > what you guys use currently as "standard" PHP security and still do file > parsing and such. > > Thanks, > Wolf > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php