Thread
:
PHP extracting rar files.
View Single Post
#
4
(
permalink
)
03-02-08, 09:37 AM
Nico
Community Leader
Join Date: Sep 2005
Location: Spain
Posts: 8,074
Thanks: 11
Thanked 88 Times in 83 Posts
Another thought is, are you sure they extracted the file? Or could they have fooled your uploader by giving the uploaded php file a fake MIME type?
In your script, are you relying on the type value in
$_FILES['file']['type']
to verify the files?
__________________
Zend Certified Engineer
|
My Twitter
|
HotScripts' Blog
|
HotScripts' Twitter
|
How to ask questions the smart way
Nico
View Public Profile
Visit Nico's homepage!
Find all posts by Nico