I'm creating a game website and players are all allowed a crew icon, a crew display, and a player display icon. Right now, I allow them to type in the URL of their images and I use that inside the img element's src attribute. However, I want to allow them the option to upload an image file instead, but heard about sites and/or other players potentially getting hacked from doing so and heard of other ways around this issue like having a second domain name. I happen to have an extra domain name and was wondering if there are any particular precautions I should take before uploading their image onto the second domain's filesystem. Right now I am allowed 3 domains on my hosting service and I have the main game domain and one of its sub-domain's on it. I also have the other site I want to upload the images onto which just so happens to actually be the main public_html primary domain of my hosting service. If I just accept all users images no matter what and save them into that domains directory will I be safe in doing so and if process is too long to explain are their any guides or tips around in accepting and saving users images anywhere? I searched and can't seem to find really anything on how exactly to do so.
Aucun commentaire:
Enregistrer un commentaire