Tamara Temple am Montag, 23. September 2013 - 22:38: > > On Sep 23, 2013, at 1:36 PM, Domain nikha.org <mail@xxxxxxxxx> wrote: > > > Better solutions? > > One I have used, and continue to use in Apache environments, is place uploads only in a place where they cannot be executed by turning off such options and handlers in that directory. This is *in addition* to untainting files and names of uploaded files. Good idea. I will do this right now Niklaus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
