This is not a big deal if you use some validation on images (in PHP at least). Try the function getImageSize(); it will return an array containing the size of the image, as well as the format. If the file specified is not a GIF, JPEG, PNG, or SWF, getImageSize() returns null. This is also beneficial if you don't want users posting huge images to your forum. In this code, the image must be 800x600 or less.

<?php
//quick sample code follows
//$imagePath is the URL provided; doesn't matter if it's via GET or POST
$imageInfo = getImageSize($imagePath);

//index 0 is the width, index 1 is the height
if(!$imageInfo)
{
    print("Sorry, image cannot be opened or is not a valid image type.");
}
elseif($imageInfo[0] > 800 || $imageInfo[1] > 600)
{
    print("Sorry, image too big");
}
//and so on
?>

More info here: http://www.php.net/manual/en/function.getimagesize.php

Ben Gollmer
Jatosoft, LLC
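The same check extended with a format allowlist, as an added example that is not part of the original post. check_posted_image() and fake_png_header() are hypothetical names, the sample inputs are constructed, and the code assumes the caller has already fetched the image bytes (PHP 7.1 or later).

```php
<?php
// Added example, not from the original post.

// Returns null when the image is acceptable, otherwise a reason string.
function check_posted_image(string $bytes, int $maxW = 800, int $maxH = 600): ?string
{
    // Assumption: the forum only wants these three formats (SWF is left out).
    $allowed = [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG];

    // Parses only the image header; returns false when it is not an image.
    $info = @getimagesizefromstring($bytes);
    if ($info === false) {
        return 'cannot be opened or is not a valid image type';
    }

    // Index 0 = width, 1 = height, 2 = one of the IMAGETYPE_* constants.
    [$width, $height, $type] = $info;
    if (!in_array($type, $allowed, true)) {
        return 'image type not allowed';
    }
    if ($width < 1 || $height < 1) {
        return 'invalid dimensions';
    }
    if ($width > $maxW || $height > $maxH) {
        return 'image too big';
    }
    return null;
}

// Constructed sample data: a PNG signature plus IHDR fields, which is all
// the header parser reads. This is not a complete, displayable PNG file.
function fake_png_header(int $w, int $h): string
{
    return "\x89PNG\r\n\x1a\n" . pack('N', 13) . 'IHDR'
         . pack('NN', $w, $h) . "\x08\x02\x00\x00\x00";
}

$samples = [
    '640x480 PNG'   => fake_png_header(640, 480),
    '800x600 PNG'   => fake_png_header(800, 600),
    '1024x768 PNG'  => fake_png_header(1024, 768),
    'HTML response' => '<html><body>not an image</body></html>',
];
foreach ($samples as $label => $bytes) {
    echo $label, ': ', check_posted_image($bytes) ?? 'accepted', "\n";
}
```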