I'm thinking of letting users upload a picture in gif or jpg format but i'm concerned about security and filesize. I dont want to allow anything but jpg or gif files to be uploaded. Should i try to do this on the processing page (inside a cfif that tests for the last 3 being jpg or gif?) or is there a way to do it sooner? And how can I block files above a certain size, say 20k?
Also, I read in Forta that you should be careful when allowing uploads - that the directory the files are going to should be secure from outside view. How do i do this? It also says the templates used to perform file operations must be protected from unauthorized access. Again, doesnt say how to do this.
Also, I read in Forta that you should be careful when allowing uploads - that the directory the files are going to should be secure from outside view. How do i do this? It also says the templates used to perform file operations must be protected from unauthorized access. Again, doesnt say how to do this.