安全的 PHP 文件上传脚本
我想我已经问过这个问题两次了,但这是我第一次接近这个问题.我计划允许用户上传和下载他们的文件(.pdf、.doc、.exl、.ppt、.png、.jpg、.gif).
I have asked this question twice i think, but this is the first time i have gotten close to this. I am planning on allowing users to upload and download their files (.pdf, .doc, .exl, .ppt, .png, .jpg, .gif).
这些提示是否足够:
http://blogs.sans.org/appsecstreetfighter/2009/12/28/8-basic-rules-to-implement-secure-file-uploads/
另外,有没有我可以使用的脚本,我是 php 新手.
Also, is there a script I can utilize, i am new to php.
推荐答案
反应迟了,但我认为你的脚本应该基于此:http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/
a late response, but i think your script should be based on this: http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/
它涵盖了安全的所有方面并解释了所有有效点.我希望这会有所帮助.
it covers all aspects of security and explains all valid points. I hope this helps.
以上链接已失效,这里是那篇文章的缓存版本.
相关文章