ahevans@gmail.com (ahevans) wrote in news:d589c3f.0502120410.15a672d7@posting.google.com:
> Hi,
>
> I've read a few bits on the web about vulnerabilities in providing
> file uploads where the upload could contain ../../ and so allow 'back
> browsing' to other files on the server and copying them to a public
> directory. If I was to check for this scenerio, would I have to do
> something like (in simple terms):
>
> if $_FILES['userfile']['tmp_name'] or $_FILES['userfile']['name'] =
> ../../
> echo u are norty
> else
> continue with code[/color]
See:
<http://groups-beta.google.com/group/comp.lang.php/browse_frm/thread/eff851f20fb4a8d/af5ad51cf5946e1c>
(URL should all be on one line. Hey Google, new groups.google blows.)
> Also, is it possible to verify that the referring html form to my
> upload script originates from my server only? I could stop anyone from
> creating their own forms then.
It's possible to detect the referring URL, but anyone can send whatever
Referer header they choose. There is no real security in checking the
Referer header.
hth
--
Bulworth : PHP/MySQL/Unix | Email : str_rot13('f@fung.arg');
--------------------------|---------------------------------
<http://www.phplabs.com/> | PHP scripts, webmaster resources
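As an added illustration of the two points in this exchange (it is not code from either poster or from the linked thread): a PHP upload handler that keeps only the final component of the client-supplied name, whitelists its characters and extension, verifies the resolved target stays inside the upload directory, and deliberately does no Referer check. The upload directory, the extension list and the form field name `userfile` are assumptions.

```php
<?php
// Added example, not code from the thread: a PHP upload handler that neutralises
// "../" in client-supplied names. Directory and extension list are assumptions.
declare(strict_types=1);

const UPLOAD_DIR  = __DIR__ . '/uploads';                 // assumed target directory
const ALLOWED_EXT = ['png', 'jpg', 'jpeg', 'gif', 'pdf']; // assumed whitelist

// Returns a safe destination path for a client-supplied file name, or null
// when the name cannot be trusted. The name is attacker-controlled input.
function safe_upload_target(string $clientName): ?string
{
    // 1. Keep only the final path component ("../../etc/passwd" -> "passwd");
    //    normalise backslashes first because basename() only understands "/".
    $name = basename(str_replace('\\', '/', $clientName));

    // 2. Conservative character set; reject empty and dot-only names ("..").
    if ($name === '' || $name === '.' || $name === '..'
        || !preg_match('/^[A-Za-z0-9._-]{1,100}$/', $name)) {
        return null;
    }

    // 3. Whitelist the extension so the web server never executes the upload.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return null;
    }

    // 4. Belt and braces: the resolved parent directory must still be UPLOAD_DIR.
    $target = UPLOAD_DIR . '/' . $name;
    $base   = realpath(UPLOAD_DIR);
    if ($base === false || realpath(dirname($target)) !== $base) {
        return null;
    }
    return $target;
}

// Request handling. No Referer check: that header is chosen by the client.
// tmp_name is set by PHP, and move_uploaded_file() refuses non-upload files.
if (isset($_FILES['userfile']) && $_FILES['userfile']['error'] === UPLOAD_ERR_OK) {
    $target = safe_upload_target($_FILES['userfile']['name']);
    if ($target === null || !move_uploaded_file($_FILES['userfile']['tmp_name'], $target)) {
        http_response_code(400);
        exit('Upload rejected');
    }
    echo 'Stored as ' . htmlspecialchars(basename($target), ENT_QUOTES, 'UTF-8');
}
```

With this shape a name such as `../../etc/passwd` collapses to `passwd`, which then fails the extension whitelist, so it never reaches `move_uploaded_file()`; anyone who can post the form can still post it from their own page, which is exactly why nothing here relies on Referer.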