file upload security

[Guest]

Looking at the file upload, it looks as though it would be very vulnerable to
bots uploading. Kinda looks wide open. Is there anything protecting this
function at all? Or what are the best solutions to safeguard. am using fp
extensions. Thanks.

 

[Bob Lehmann]

Writing your own upload handler gives you more control. Plus you know what's
going on under the covers.

Bob Lehmann

 

[David Berry]

You would need to write your own upload script or use a third party one to
be able to validate what's getting uploaded. Ask your web host what they
might have available.