Ok, I just have a question for the more advanced hackers around here. I am creating a web instant messaging program and I plan to allow for people to upload any type of file so they can share them. I am aware that people can upload harmful php files that can damage my server, but that is why I plan on using a .htaccess file to force-download any file in the uploads folder. This way, if people upload a harmful php file, then go to it, they can't harm the server because they have to download it and are not able to run it on the server. However, I don't know if this can be fooled. So, can it or can it not?