I just want to share something with the other PHP developers out there concerning the PHP GIF image security issue.
Let’s say an attacker registers on your site and is asked for an avatar photo. The attacker uploads a PHP file named avatar.gif.php.
After the file is uploaded to the directory where all images are kept, the attacker will attempt to make an HTTP request for the GIF image that contains PHP code, such as http://site.com/images/avatar.gif.php.
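One way to refuse the `avatar.gif.php` upload described above, shown as an added example that is not code from the original post. The helper name `safe_avatar_name`, the allow-list and the sample file are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper, not code from the original post.
// Detected MIME type => the only extension that will ever be stored.
const AVATAR_TYPES = [
    'image/gif'  => 'gif',
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
];

/**
 * Returns a server-generated file name for an avatar, or null to reject.
 * $clientName is the name sent by the browser, $path the temporary file.
 */
function safe_avatar_name(string $clientName, string $path): ?string
{
    // Only the final extension counts: "avatar.gif.php" ends in "php"
    // and is rejected here.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($ext, ['gif', 'jpg', 'jpeg', 'png'], true)) {
        return null;
    }
    // Detect the type from the file content, not from what the client claims.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
    if (!isset(AVATAR_TYPES[$mime]) || getimagesize($path) === false) {
        return null;
    }
    // Never reuse the client name: random base name, extension from content.
    return bin2hex(random_bytes(16)) . '.' . AVATAR_TYPES[$mime];
}

// Constructed sample input: a minimal 1x1 GIF header written to a temp file.
$tmp = tempnam(sys_get_temp_dir(), 'av');
file_put_contents($tmp, 'GIF89a' . pack('vv', 1, 1) . "\x00\x00\x00;");

var_dump(safe_avatar_name('avatar.gif.php', $tmp)); // double extension
var_dump(safe_avatar_name('avatar.gif', $tmp));     // plain image name
unlink($tmp);
```

In a real upload handler the temporary path would come from `$_FILES` and be stored with `move_uploaded_file()` under the returned name. A valid GIF can still carry PHP text inside it, so the images directory should also be served with PHP execution disabled.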
I have been keeping myself busy these past few days building this new web application project, and it’s really interesting because it deals with complicated things like Role-Based Access Security, where certain roles can only create, edit, or delete their own records. They cannot touch others’ records. I made my move as an initiative to create this web application.
This web application project for the IT Department should function as a ticketing system for use within the company. It should accommodate tickets sent over email or submitted online through the web.