Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vlad2016-05-08 15:42:39
PHP
Vlad, 2016-05-08 15:42:39

How to disable code execution in .jpg, gif, png files?

Hello.
I have already found 2 similar viruses on the site: the file contains a link to a .gif image uploaded to FTP, and this image itself, if opened in a text editor, then there is a php code with a virus inside.
Tell me, please, is it possible to somehow prohibit the entire site from executing php code in files that have an image format?
Or can it be reasonable to make the code run only in files with a .php extension?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrey Pavlenko, 2016-05-08
@Akdmeh

1) use the getimagesize function - this will help a lot from "coolhackers".
2) in general, there is no threat to the site if such files cannot be included somewhere in the code (and this should not be). You can optionally disable the execution of PHP scripts in the specific folder where these images are stored, but usually, if you validate extensions correctly, there is nothing to be afraid of.
That is, by default, the code in images will not work.

Similar questions
E
Evgeny Samsonov2015-04-05 17:45:37
What is the name of the USB device? 3Reply
M
Mikhail Osher2012-02-01 11:44:37
Double write to file!? 6Reply
A
Andrei St2020-05-08 23:11:41
How to correctly load get data into a modal window? 1Reply
M
Maxim Tyulpakov2015-11-09 15:36:47
How to assign the result of echo to a variable? 2Reply
I
Ivanko2018-03-17 16:22:19
Which php framework is better to choose for such parameters? 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question