PHP - Moved: Which Do You Believe Is The Safest Cms

Good day all

Busy working on some code to allow users to upload images.

Now, I know not to trust anything sent from a user (and to specifically check image type, etc.)
And it's never a good idea to allow anyone, or anything to upload something to a directory below your web root.

But, how bad would it be to check for the correct file size, and type, and then use PHP to FTP that file to a directory that happens to be below your web root?

This would be on a shared hosting platform, where temp_upload is not set, and is running Apache and PHP 5.2

Just checking some additional options, and haven't seen that much regarding how secure the FTP method would be.

Thanks in advance

Hi all,

Thanks for reading.

I'm developing my first website with user registration, login, and account settings, and I was wondering what the best way would be to prevent the site from security flaws, SQL injection, etc. I've read up on it, but, as an example, would the following be suitable?

Code: [Select]
$username = trim(stripslashes(mysql_real_escape_string($_POST['username'])));

I guess what I'm asking is, is the above normal? Is there a simpler way to make input from the user secure?

Thank you.

This topic has been moved to HTML Help.

http://www.phpfreaks.com/forums/index.php?topic=313579.0

This topic has been moved to Ajax Help.

http://www.phpfreaks.com/forums/index.php?topic=319767.0

This topic has been moved to mod_rewrite.

http://www.phpfreaks.com/forums/index.php?topic=353027.0