mwoolley

I currently have a domain mikewoolley.com that is pointed to your name servers at GoDaddy and points to my web site hosted by you. I have another domain that I want to also point to that web site. I'm confused about the difference between going to GoDaddy and telling them to Forward my domain to www.mikewoolley.com vs. doing what you said to do here (i.e. point the 2nd domain to your name servers and submitting ticket to have it "parked" by you on my mikewoolley.com domain). Are there advantages to doing it one way vs. the other?

I experimented with different settings on the Execute permission, but it seems to need to be World executable as well. Why is that? I've restricted the types of files that can be uploaded to only image file types, but if I wasn't doing that, it seems someone would be able to upload an executable file and trash my web site with it.

I have a file upload script that is straight from the PHP manual (see below). It works great, but only if I set the permissions on the uploads directory to be 777. This doesn't seem real secure. I've researched this issue in the PHP forums and people talk about setting the security on the upload directory so that user 'nobody' (user Apache runs under) can write it. I'm a Unix newby, but I can't see any option in the cpanel to do that. Any ideas? <?php // In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead // of $_FILES. $uploaddir = 'uploads/'; $uploadfile = $uploaddir . $_FILES['userfile']['name']; print "<pre>"; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { print "File is valid, and was successfully uploaded. "; print "Here's some more debugging info:\n"; print_r($_FILES); } else { print "Possible file upload attack! Here's some debugging info:\n"; print_r($_FILES); } print "</pre>"; ?>

I have a file upload script that is straight from the PHP manual (see below). It works great, but I only if I set the permissions on the uploads directory to be 777. This doesn't seem real secure. I've researched this issue in the PHP forums and people talk about setting the security on the upload directory so that user 'nobody' (user Apache runs under) can write it. I'm a Unix newby, but I can't see any option in the cpanel to do that. Any ideas? <?php // In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead // of $_FILES. $uploaddir = 'uploads/'; $uploadfile = $uploaddir . $_FILES['userfile']['name']; print "<pre>"; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { print "File is valid, and was successfully uploaded. "; print "Here's some more debugging info:\n"; print_r($_FILES); } else { print "Possible file upload attack! Here's some debugging info:\n"; print_r($_FILES); } print "</pre>"; ?>