What is the correct way to allow users to upload images to a site? I’m using mod_php so everything is done by apache, not the domains user.
Right now I just chmod 777 the images folder and hope for the best
I’ve been looking at adding an .htaccess file to prevent PHP from running in that folder.
“I’m using mod_php so everything is done by apache, not the domains user.”
I’d suggest stopping that right away; it’s not healthy, even in a dedicated hosting environment (but is downright deadly if you’ve got more than one website on the box). suPHP works well enough for the task.
If your heart is set on sticking with mod_php, I would not recommend changing the user of the directory to match that of the webserver; this prevents effective administration of the site by the user who actually owns it. Instead, change the group of the directory to be that of the webserver, and then give that group write permission to the directory.
- PSCP: Upload an entire folder, Windows to Linux
- Webserver and PHP File Security
- How to give PHP permissions to write to files without globally opening up permissions to the directory
- how to use powershell to get childitem of the parent folder and pick up the latest update child folder?
- PHP Session File Stored in Temp Directory – Apache