[thelist] move_uploaded_file() / security issue

Bill Haenel bill at ncpr.org
Thu Sep 20 14:48:04 CDT 2001

I'm using the PHP function move_uploaded_file() to handle an image file that
will be submitted through a form (on Apache server / PHP Version 4.0.3pl1).

Everything works fine as long as I do not try to save the uploaded file out
of the directory where the script is that contains the move_uploaded_file()

Any ideas on why this might be? I assume it's security related, but I'm not
sure what portion of security to be looking at, and my host has a been a bit
too busy this week to respond to the same question.



More information about the thelist mailing list