Excalibur82
05-12-2009, 07:42 PM
When using code like below:
$fp = @fopen($copyto , 'rb');
$content = @fread($fp, filesize($copyto));
$content = addslashes($content);
fclose($fp);
@unlink($copyto);
Is there anything I need to do to make sure things are safe when uploading? Like any precautions I need to take to prevent any type of shell injection or anything like that?
I have looked through vB code but they have no precautions from what I can tell so I'm assuming things are ok when uploading but when displaying images I should use GD/ImageMagick to display them.
Anyone know for sure whether I need to cover my arse in this aspect?
Thanks
$fp = @fopen($copyto , 'rb');
$content = @fread($fp, filesize($copyto));
$content = addslashes($content);
fclose($fp);
@unlink($copyto);
Is there anything I need to do to make sure things are safe when uploading? Like any precautions I need to take to prevent any type of shell injection or anything like that?
I have looked through vB code but they have no precautions from what I can tell so I'm assuming things are ok when uploading but when displaying images I should use GD/ImageMagick to display them.
Anyone know for sure whether I need to cover my arse in this aspect?
Thanks