Is there a way to specify a user account for executing the move_uploaded_file function on IIS?
Basically, I have a form where images can be uploaded to update a website. But the only way this works is when the move_uploaded_file function moves the file to a folder with 777 permissions. This leaves a huge security hole, since anyone can potentially add or delete files in this folder, right?
I've tried chmod, but I get access denied, I assume because safe mode is on, or maybe chmod doesn't work on IIS.
So if I can set a specific user with full access to this folder, is there a way I can get PHP to use this account for the move_uploaded_file function (or any other method, as long as the site admin can still use a browser to upload images)?
Currently, I'm using mySql to store the images and imagecreate functions, but the images are sometimes animated GIFs, which no longer animate with imagecreate. If someone knows a way to get animated gifs to work, that would solve my dilemma too.
I'm using PHP 4.3.10, mySql 3.23. Any suggestions would be greatly appreciated.
Thanks,
Brian
