Securing image upload box using PHP
How to make Image upload box secure using PHP
Now day , it is common to see image upload boxes in several sites - forums,social networks,blogs... upload boxes are fun and good way to interact with users ,But,at the same time, they could be a way for any attacks made up on a site if they are not cleverly utilized.Bad guys can use security holes on upload boxes for their own advantage.This bad guys ,for instance, upload malicious shell (executable code) which could have a power to unveil all information we kept secret for several years,or which may also used as backdoor, a way get in to the site later after the security hole is patched.
The common and usual way to check if the uploaded file is image using $_FILES['upload']['type']. However this is will be increasingly great risk if ahacker happens to find that you are using this method to secure your upload box.Because,any thing under $_FILES other than 'tmp_name' can be manipulated by just making simple tampering before the data is sent to the server. This is would be a great risk if a bad guy upload rotten script using this for advantage.
in the description to come I will show you some excellent ways to make super secure Image Upload box.
The above function is basically used for creating image handlers from pre-existing images, you can think of image handlers as file handlers. The parameters for this function should only be location of an png image. if any other file location is given as argument ,then,it throws exception.since I used error control operator in front of the function call createimagefrompng() no error message is going to be printed.
The condition in the if statement can only be executed if and only if the function,
createimagefrompng(), runs with out any mess or error. if this happens to be false or the function,createimagefrompng(),fails at some time of execution and throws exception, the code in side in the else statement get executed. The only case the function throws exception is when file other than Image is given as argument.
Thus,checking whether exception is throwed can be a best way to check if it is image. This works for png images only, but if you want to check the file type of jpg images uses imagecreatefromjpeg()
getimagesize() is another PHP function which gives us much more information about images. this function returns associate array.
To make a brief overview of the above function, it calls the getimagesize() function and using the if else statement the code checks if any exception is thrown.then it enlist the mime information using the mime key ,and checks if it is png.
Like that of imagecreatefrompng () or imagecreatefromjpeg(), this function also throws exception if image is not given as parameter.
2. Checking the name of the image
So far, we have seen how to check the file type,But hackers also can mess up a website using the name of images. for example,they may make the name of image '../../../../../../../../../etc/passwd' or something which directs to a certain file.
When Your browser tries to display this image,it ,the browser, will be redirected to the given directory,which may cause local file inclusion,another type of attack.
Furthermore, images with the same name may replace already stored image.
so,The best way to rectify this problem is renaming the image-giving a unique name for each image.
The above code shows a way to rename the uploaded image to unique name. this is done by concatinating the current time stamp and and md5 hashed imagename. click here to find more about generating unique name.
Even if the above methods are good enough way to secure image upload box,still it is not the safest way.Because there are also other methods or way to trick the functions imagecreatefrompng() and getimagesize().
Soon,I will discuss how to tackle this problem,But for now this is more than enought. Dont forget to leave a comment. Your comments encourage to post more intersting articles
Subscribe to:
Post Comments
(
Atom
)
No comments :
Post a Comment