Prevent execution of uploaded php files?

Question

In my project users are allowed to upload files of any type. I need to ensure security against execution of uploaded files that can parsed by php (*.php, *.html, etc.)

Answer 1

Keep them all under the same folder and set this line in the directory's .htaccess file:

php_flag engine off

That will also take care of other exploits such as embedding PHP code in .gif files.