Php File Uploads in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (5th Edition) Posted April 23, 2018 Really enjoying your book. On page 345 you mention that file uploads entail creating a folder that everyone can write (chmod 777). Wouldn't the best practice be to change the owner to www-data and set chmod 755 (on Linux systems)? Would this pose similar or any security risks? Would you still want to configure the .htaccess file (to restrict the folder to only make mp3s publically viewable for instance)?
Php File Uploads
in PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (5th Edition)
Posted
Really enjoying your book.
On page 345 you mention that file uploads entail creating a folder that everyone can write (chmod 777).
Wouldn't the best practice be to change the owner to www-data and set chmod 755 (on Linux systems)? Would this pose similar or any security risks?
Would you still want to configure the .htaccess file (to restrict the folder to only make mp3s publically viewable for instance)?