What to set the folder permission for image upload folder?

Discussion in 'PHP' started by x0x, Jul 15, 2009.

0
  1. #1
    What should I set the folder permission for the image upload folder? Users should be able to upload their images but not execute code. I have always used 777 and once someone uploaded a php script and got into my server... I just put a filter there for the file not to contain ".php", but I think the execution thing would work much better...
     
    x0x, Jul 15, 2009 IP
  2. whjtoby

    whjtoby Greenhorn

    Messages:
    47
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    18
    #2
    777 permission
     
    whjtoby, Jul 15, 2009 IP
  3. x0x

    x0x Well-Known Member

    Messages:
    510
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    110
    #3
    but that will allow php code to be executed in case someone manages to upload a php file
     
    x0x, Jul 15, 2009 IP
  4. goscript

    goscript Prominent Member

    Messages:
    2,753
    Likes Received:
    306
    Best Answers:
    0
    Trophy Points:
    315
    #4
    Make sure you only allow image files and you will have no problems.
     
    goscript, Jul 15, 2009 IP