[UPLOAD] dll

[SiteSniffer]

Is there a way to check if an attempt to upload a file with a dll extention by using $_FILES["file"]["type"] == ?I'm trying to let my script to allow only dll files.PS: script is working fine with images $_FILES["file"]["type"] == "image/png", only need to check for dll.

[boen_robot]

You can do pathinfo() for the extension out of $_FILES['file']['name']. Of course, doing so doesn't guarantee that the DLL file is going to REALLY be a DLL (it might as well be an HTML page renamed to ".dll"), but at least you'll have that check at hand.

[Greywacke]

i guess one can check that it was in fact a valid DLL by checking with PHP for the various commonalities between DLL files only - and displaying an error if not a valid DLL. Not specifically sure how, but it is with this approach that i would get to work in this situation

[SiteSniffer]

You can do pathinfo() for the extension out of $_FILES['file']['name']. Of course, doing so doesn't guarantee that the DLL file is going to REALLY be a DLL (it might as well be an HTML page renamed to ".dll"), but at least you'll have that check at hand.

I did the pathinfo() on the cached file and gave a tmp as an extention. Can I get the real name of the cached file and store in in a $?

[boen_robot]

I said do it on $_FILES['file']['name']... the filename as submitted by the user... Doing it on the temporary file is obviously always going to say ".tmp".

[SiteSniffer]

I realised that and went straight back to the script and tested it, works fine. Then I wanted to edit my post with the solution but you beat me to it :)Thank you for your reply and solution anyway, I appriciate it.