FJbrian
02-05-2007, 06:21 AM
I have a script that basically parses an orderred list of mine and splices+displays it in table format etc.
I would like to allow visitors to upload their own txt or csv file and use their own list.
In the past I used some generic FORM and some SOB uploaded a virus or somesuch. Naturally I took that uploading function out and reverted back to just my orderred list.
My Q is how do you guard against such attacks?
The list would be just football player names separated by commas.
Is there a way to say query the uploaded file for "Peyton Manning" and if he's not there then it doesn't accept the upload?
Just an idea, feel free to suggest other ideas
I would like to allow visitors to upload their own txt or csv file and use their own list.
In the past I used some generic FORM and some SOB uploaded a virus or somesuch. Naturally I took that uploading function out and reverted back to just my orderred list.
My Q is how do you guard against such attacks?
The list would be just football player names separated by commas.
Is there a way to say query the uploaded file for "Peyton Manning" and if he's not there then it doesn't accept the upload?
Just an idea, feel free to suggest other ideas