Jump to content

secure file upload


Recommended Posts

Hi there,


I know how to secure file upload by checking file extension, but how can I secure from files that looks like images(have .jpg extension), but they are something else, like .exe file with .jpg extension (don't know for mac and ubundu, but you can do that trick on windows)


Thanks advanced

Link to comment
Share on other sites

If your server supports fileinfo then you can use that to get the mime type:




The MIME type isn't a guarantee though, one option for images specifically is to use one of the imagecreate functions to try and create an image from the file and see if there's an error. Check the comments on the link above.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...