Security of contributor uploads
-
Hello all,
I am allowing subscribers to post articles via a members only page using TDO mini forms. I am allowing them to upload an image to the content body and an image for their author resource box. I have limited the size to 50KB and extensions to .jpg .gif .png. I also have to approve images before they go live.
Now I know file extensions can be used to mask code etc. and was wondering how secure this will be or is it it putting the website at risk? Is there a way of filtering so that only true image files will get through?
Many thanks
- The topic ‘Security of contributor uploads’ is closed to new replies.