Buy Now
Sign in

Secure File Upload

indieben , November 05 2018
I
indieben 83
November 05 2018 #381274
Does anybody have any tips on securing the upload functionality for files please? I'm hoping to allow for images to be uploaded in any format but to avoid extensions being manipulated to allow for website hacks/viruses being submitted etc?
Thanks
healyhatman 4.4
November 06 2018 #381300
You could use a custom PHP block to run whatever checks you like on $_FILES["files"]["filefield"]
The upload action is also able to check extensions.
Web developer at SkySpider.com.au
I don't work for ChronoEngine but I do accept donations paypal.me/healyhatman

You can now copy+paste code from forums
GreyHead 63.2
November 06 2018 #381310
1
Hi indieben,
I think that you can also upload them to a folder above the site root so that they can't be easily accessed.
Bob
ChronoForms technical support
If you'd like to buy me a coffee or two, thank you very much