Jump to content

Recommended Posts

Hi there,

 

I know how to secure file upload by checking file extension, but how can I secure from files that looks like images(have .jpg extension), but they are something else, like .exe file with .jpg extension (don't know for mac and ubundu, but you can do that trick on windows)

 

Thanks advanced

Link to post
Share on other sites

If your server supports fileinfo then you can use that to get the mime type:

 

http://www.php.net/manual/en/function.finfo-file.php

 

The MIME type isn't a guarantee though, one option for images specifically is to use one of the imagecreate functions to try and create an image from the file and see if there's an error. Check the comments on the link above.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...