I have an image upload script, and to make it work i've had to change the permissions on the upload directory to allow write to all..
However, im concerned about the security implications of this, after all, anyone can now write to my directory.
What is the best method to solve this, can I change directory permissions from php in order to save the file, then set permissions back, have I got the wrong set of permissions? what other options are there?
Put the folder and the script in the same group and set the permissions that way, assuming your under unix variant. Also make sure the script only accepts image file extensions...
Bookmarks