I have created a login form with captcha image. It works well on my windows operating system. When I uploaded it to the server captcha image is not displayed. CI creates the image but cannot write it into captcha directory (CHMOD = 755) bacuse of permission settings. When I set CHMOD value of the directory to 777 (which I should not) it works well.
Here there is a question similar to mine but proposed and accepted answer is not secure, I guess.
How can I say CI to write the file that it created into the directory using ftp credentials on the fly or is there another way?
I am afraid of encountering further problems like file upload operations (like profile picture change, attachments to the announcements) by the users.
I got around the permission problem by not writing a file at all.
I modified the library in system/plugins/captcha_pi.php to return the image data for inline inclusion. The other return values are the same (timestamp and captcha phrase).
So instead of writing to a file, it returns the inline image content instead.
Related
I want to create file sharing platform but php has some bug about it.I just use fread to get text of any file (exe,pdf,docx,ppt and etc) then I create text file with random name and with .txt extension.So when user want to download this file ,I create random folder and inside of that folder I create file which has same text that user want to download , and then I give extension which is same as user uploaded version of file and force user to download it.
But when user download file,for example zip file and then if user wants to open , it says failed to open because not supported format.This happens when I try to do this with docx,pdfs,zips and that kind of files (not txt,html,css,c files).
Example : I force the user to download with same extension that he uploaded, for example if user uploaded zip file,I read the text with fread then save this text in the db or text file,and then if user wants to download that file, I just create file and give it zip extension, then force the user to download it,but once user upload this file then if user want to open it fails, but it should open zip file because content text of this file is exact same as user uploaded to the server
Answer should contain:
1)Why this happens?How to fix it?
2)What is the ideal solution?
3)is it safe to do this?
This happens, because windows knows the app to open file file just from the extension. If you rename the file to something.txt, then the editor always wants to open it.
There's no such thing as an ideal solution. A soltution would be to store the file with the original name (maybe at some unique part to prevent duplicates) in a non public readable directory without execution bit set. To access the file, you could create a proxy script, which returns the file and appens a should download header (and maybe the original filename).
Its as safe, as you implement it. Your current solution could be safe, the solution I posted could be safe - but without knowing the details, how you implemented it, nobody knows, if it is actually safe.
It happens because you are opening binary files like a zip file and storing it in a text file then streaming it with the zip extension again.
The ideal solution would be to use one of the 1 million open source file managers out there with proven records and big developer communities. But if for some reason you want to build your own, save the files in a safe folder outside your public folder. store the path in a database of choice together with the public path you will show your users. Upon request use the public path to map to the private path and start the download yourself.
Is as safe as you make it, but nothing is 100% safe so if you are storing sensitive data use something that is well build and documented
I'm having a problem when I try to open files that were generated by my CMS on my windows machine. It has an upload function that saves the file on a given location (it is on my user folder, where I'm supposed to have all the write and read permissions).
All I can see in that folder is a generic thumbnail, the ones generated by windows for each image type, PNGs and JPEGs in this case. I tried to change de image permissions and set it to the current computer user but it doesn't work. And I'm unable to move these files to another location (upload them to the server via FTP).
I wonder if there is a way to change this behavior.
One thing I noticed is that if I copy and paste those files, I can see its contents normally. I know I can do that to each of them and rename, but there are dozens of images in that folder... don't wanna do the same thing everytime I upload a new image.
Update
This is happening only to the images that were moved (I'm using php's move_uploaded_file function, btw), not to the ones that where generated (croped, resized and so on).
It`s happening because Windows keep file permissions of TEMP folder (usually c:/windows/temp) when moving a file.
To prevent it you need to change "upload_tmp_dir" in "php.ini" to your server directory or set wide permissions to your windows temp folder.
You probably have an error in some php file which is preventing the image from being displayed correctly.
What i would do in order to detect the problem is to comment out the header() calls in the php file responsible for displaying the image and see if there is any output other than the image data.
Inspect the whole output, it only takes a character to break everything, so check if there are no blank lines at the top or bottom of the output. And in case you have an error log, consult that, it will help you trace the problem quickly.
When i have this problem, it's usually a notice or a warning showing up during the process of the image generation, and if you haven't disabled errors from being output to the screen, the notice text will be considered as part of the image data which makes the browser unable to interpret your image.
If you'd like i can take a look closely for you but i would need to see what you are doing in that php file to be able to tell you for sure.
I have to check the Content of a zip/rar file before uploading to the server.
Let me explain the scenario.
There are 2 types of users in my web project:
1: Normal Registered user
2: Administrator of the Project
Any Registered user can Create Pages on our Project,also they can create Themes For Pages.
Here one of us suggested a feature that to upload the Theme as theme pack [Compressed in Zip/Rar File].
If it is a Administrator then it is ok,there is no more security constraints.
But i am afraid in the case of Normal Registered Users.
My Problems are :
Assume that a Registered User uploading a theme pack that contains some malicious Files [Including PHP file] that may hurt the system.
I know that it is posible to check the Contents after upload,but what will happen if the use executed the File before that?
Ex : a user uploading a theme pack : contains some PHP codes & other large files,First our system will extract the content of the Theme Pack: Assume that the extraction of large files takes some time,and the smaller PHP file already extracted.So that the user can RUN the PHP file First.
The above one is my noob soubt,Actually i dont know other sides.
Please help me to figure out this problem.
Is it possible to upload the ZIP file in a secure manner ?
You won't be able to check this client side unless, of course, you had some kind of plugin (for all browsers) that did the checking/uploading for you. You'll have to handle this on the server side.
Also, Admins can upload viruses just as easily as non-admins. Some user's don't even know their machine has more viruses than a shanty-town brothel.
EDIT: Also, how is the user going to execute their PHP file on your server before you've checked it unless you run that php file? This sounds like a recipe for disaster anyway. All it will take is for something to slip through the cracks and a malicious user will destroy your site. Allowing normal people to upload executable script to your server is asking for serious trouble.
Unpack it in directory, which can't be reached through the web, check, then move back to web-folder, where it should be.
Assuming that you have your website in directory /var/www/website and user content goes to /var/www/website/user and is reachable through www.website.com/user/ :
Create temporary dir in /tmp unpack there, check, move to /var/www/website/user
If you don't have access to /tmp, you can create /var/www/website/tmp and prohibit access to it using your server settings
you can create a folder for putting the zip file and unzip.
and disable the php execute for the folder. that can solve your problem
I've got a rather baffling question/problem, let me lay it out for you.
I have two directories -- gallery and uploader
The uploader directory is htaccess password protected. This is where several PHP pages and the PHP file uploader reside. I enter my credentials when I access the index PHP file when I load a the index within the directory.
The problem is that the uploader is uploading the files and then moving it to the gallery directory (not password protected). It then runs other scripts to copy that image, resize it, then delete the original. This process works beautifully until I put the htaccess password on the uploader directory. So for some reason the PHP uploader in a protected directory can't move/work on the uploaded image and then copy it to the un-protected directory.
Any ideas of what I need to do? I'm not sure if the issue is the PHP uploader calling other scripts in the protected directory or if it's having troubles when moving it to the un-protected directory.
EDIT:
Here is some sample code and as you can see URLs aren't being used (nor are they in the resizeMyImageTN method).
//WHERE THE SAVE HAPPENS!
move_uploaded_file($_FILES['Filedata']['tmp_name'], '../../uploads/'.$folder.'/'.$new_index.'-' . $_FILES['Filedata']['name']);
//Call function to resize images pass in path
resizeMyImageTN($_FILES['Filedata']['name'],$folder, $new_index);
unlink('../../uploads/'.$folder.'/'.$new_index.'-' . $_FILES['Filedata']['name']);
.htaccess protection works at the webserver level. But, UNLESS you're using URLs in your various file-manipulation calls, the PHP script works at the filesystem level and would never see the .htaccess protection.
move_uploaded_file($_FILES['uploaded']['tmp_name'], '/some/dir/that/is/protected/newname.txt');
would not involve the HTTP layer, which means no protection. But if you were try
move_uploaded_file($_FILES['uploaded']['tmp_name'], 'http://myserver.com/newname.txt');
that would involve a new HTTP request, re-upload the file, and be subject to any URl restrictions in place on the server.
Without seeing some code, we most likely can't answer your question.
I forgot to answer this (my bad). In the end I could only get it to work by not having the upload directory .htaccess protected. Which wasn't ideal but I couldn't seem to figure anything else out. Since I asked this I have converted the site to Django and that has fixed all my problems.
I have read the following tutorial "Uploading Files To the Server Using PHP"
and have several questions related to the topics.
Q1> The tutorial mentions that
"Note that PHP must have write access
to $uploadDir or else the upload will
fail"
For me, I only allow the user to upload the file after the user has login to the website.
If we set that $uploadDir permission as 777, then everyone can have written permission to that folder. How to avoid this problems?
Also I am using WAMP as my testing bed, can I simulate the same case as a real web server?
Q2> In order to prevent Preventing direct access, the tutorial mentions:
"A better approach is to move the
upload directory away from your web
root. For example, the web root for
this site is:
/home/arman198/public_html/ to prevent
direct listing i can set the upload
directory to /home/arman198/upload/."
Now my problem is that how can I display the uploaded images on other website pages. Since, the upload is not accessible directly anymore? I need to display the uploaded image save personal headshot dynamically on other website page. Is it possible?
Thank you
It's a common problem.
All modern computers have a temporary files directory. On Linux/Unix it's /tmp, on Windows it's usually c:\temp. The OS install will have set permissions on that directory so that anyone can write files there but only privileged users can delete files that don't belong to them. This is where PHP will want to put an uploaded file; your application then has to move it elsewhere (this is the purpose of the move_uploaded_file() function). PHP under Windows may need upload_tmp_dir actually set in the php.ini file.
Once you have an uploaded file, you can shift it whereever you like, including to where the webserver can read it to serve it. The biggest problem with that it is awfully easy to put this directory inside your codebase. Don't do that. As soon as you do anything beyond editing the files inside the directory they are served from, it will be problematic. Trust me: I've dealt with a few times this in code I've inherited. It's easy to let your webserver load files from a location outside your codebase.
The other alternative is to produce a download script. That way the file need not be servable by the webserver at all. One disadvantage is that you don't get to leverage the web server's MIME translation, but then, that lets you control which types of image files are permitted.
For the second question, you can use a PHP script intead of direct access to the directory. Lets name it image.php. Lets assume that it can take a parameter id, like image.php?id=image_id. In that file you can get the id using superglobal array $_GET. Then you can search for images with that Id and just send it as response.
First one I'm not sure, but maybe play with .htaccess file.
And for the first question, try setting your permissions to 775. That should allow PHP to write the file to the directory without giving the general public write access.