#3 directories and security

Status: open
Owner: nobody
Labels: None
Priority: 5
Updated: 2007-03-08
Created: 2007-03-08
Creator: Anonymous
Private: No

When I build, I create a dir structure that only uploads to a dir below the HTTP server root. I have had files deleted off of a few servers by hackers that are annoying.
Use PHP header with a few checks to ensure there are no directory changes entered into the file name for download/viewing.

And I keep all the DB settings below the server HTTP root also.

Discussion

  • Nobody/Anonymous

    Logged In: NO

    Also on file uploads, was wanting to be able to upload secure information; not possible ATM, it appears.

    Uploads to below HTTP server root, and/or binary DB storage.

     
  • Nobody/Anonymous

    Logged In: NO

    Basic file downloader I use,
    with a link saying to save as.

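    // BASE_DIR is expected to be defined elsewhere and to point outside the web root.
    if (isset($_GET['d']) && is_string($_GET['d'])) {
        // Strip traversal sequences and directory separators from the requested name.
        $name = str_replace(array("../", "/", "\\"), '', $_GET['d']);

        $this_file = BASE_DIR . "/csv/" . $name;

        if ($name !== '' && is_file($this_file)) {
            header('Content-type: application/force-download');
            // Quote the file name so spaces and separators cannot split the header value.
            header('Content-Disposition: attachment; filename="' . str_replace('"', '', $name) . '"');
            readfile($this_file);
            exit;
        } else {
            // Escape the user-supplied name and do not echo the server-side path.
            echo "File not found: " . htmlspecialchars($name, ENT_QUOTES);
        }
    }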
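
A containment check for a downloader like the one posted above, as an added example that is not part of the original thread or the project's code: it allow-lists the file name and then confirms with realpath() that the resolved path is still inside the storage directory. The function name resolve_download(), the temp-directory layout and the sample file names are assumptions constructed for the demonstration.

```php
<?php
// Added example: resolve a requested download name against a storage
// directory kept outside the web root, and reject anything that escapes it.
// resolve_download() and the directory layout below are hypothetical.

function resolve_download(string $baseDir, string $requested): ?string
{
    // Allow-list: plain file names only, no separators, no leading dot.
    if (!preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9._-]{0,127}\z/', $requested)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false) {
        return null; // storage directory or file does not exist
    }
    // Containment: the canonical path (symlinks resolved) must stay inside $base.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

// Constructed sample layout in a temp directory.
$root = sys_get_temp_dir() . '/dl_demo_' . bin2hex(random_bytes(4));
mkdir("$root/csv", 0700, true);
file_put_contents("$root/csv/report.csv", "a,b\n1,2\n");
file_put_contents("$root/db_settings.php", "<?php // constructed placeholder\n");
symlink("$root/db_settings.php", "$root/csv/link.csv"); // link pointing out of csv/

// Constructed request values: one valid name and several that must be refused.
$tests = ['report.csv', '../db_settings.php', '..\\db_settings.php',
          'link.csv', 'missing.csv', ''];
foreach ($tests as $name) {
    $result = resolve_download("$root/csv", $name);
    printf("%-26s => %s\n", var_export($name, true),
           $result === null ? 'rejected' : 'served');
}

// Clean up the constructed files.
unlink("$root/csv/link.csv");
unlink("$root/csv/report.csv");
unlink("$root/db_settings.php");
rmdir("$root/csv");
rmdir($root);
```

The symlink case is the one that character stripping alone does not cover: the name contains no separators, so only the canonical-path comparison rejects it.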

     
  • Zeb Cameron

    Zeb Cameron - 2008-09-19

    I am not really sure what this is about, but also use an .htaccess file for security.

     
