Jump to content
SiteSniffer

[UPLOAD] dll

Recommended Posts

Is there a way to check if an attempt to upload a file with a dll extention by using $_FILES["file"]["type"] == ?I'm trying to let my script to allow only dll files.PS: script is working fine with images $_FILES["file"]["type"] == "image/png", only need to check for dll.

Edited by SiteSniffer

Share this post


Link to post
Share on other sites

You can do pathinfo() for the extension out of $_FILES['file']['name']. Of course, doing so doesn't guarantee that the DLL file is going to REALLY be a DLL (it might as well be an HTML page renamed to ".dll"), but at least you'll have that check at hand.

Share this post


Link to post
Share on other sites

i guess one can check that it was in fact a valid DLL by checking with PHP for the various commonalities between DLL files only - and displaying an error if not a valid DLL. Not specifically sure how, but it is with this approach that i would get to work in this situation :)

Share this post


Link to post
Share on other sites
You can do pathinfo() for the extension out of $_FILES['file']['name']. Of course, doing so doesn't guarantee that the DLL file is going to REALLY be a DLL (it might as well be an HTML page renamed to ".dll"), but at least you'll have that check at hand.
I did the pathinfo() on the cached file and gave a tmp as an extention. Can I get the real name of the cached file and store in in a $?

Share this post


Link to post
Share on other sites

I said do it on $_FILES['file']['name']... the filename as submitted by the user... Doing it on the temporary file is obviously always going to say ".tmp".

Share this post


Link to post
Share on other sites

I realised that and went straight back to the script and tested it, works fine. Then I wanted to edit my post with the solution but you beat me to it :)Thank you for your reply and solution anyway, I appriciate it.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...