picokojama Posted August 30, 2013 Share Posted August 30, 2013 Hi there, I know how to secure file upload by checking file extension, but how can I secure from files that looks like images(have .jpg extension), but they are something else, like .exe file with .jpg extension (don't know for mac and ubundu, but you can do that trick on windows) Thanks advanced Link to comment Share on other sites More sharing options...
justsomeguy Posted August 30, 2013 Share Posted August 30, 2013 If your server supports fileinfo then you can use that to get the mime type: http://www.php.net/manual/en/function.finfo-file.php The MIME type isn't a guarantee though, one option for images specifically is to use one of the imagecreate functions to try and create an image from the file and see if there's an error. Check the comments on the link above. Link to comment Share on other sites More sharing options...
picokojama Posted August 30, 2013 Author Share Posted August 30, 2013 Well, method is good enaught... I just found extra level of security, disablad php from running in directory with .htaccess Thanks Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now