ID: 48344
Comment by: carsten_sttgt at gmx dot de
Reported By: danymoussa at gmail dot com
Status: Open
Bug Type: *General Issues
Operating System: Centos 5
PHP Version: 5.2.9
New Comment:
The Content-Type is set by your browser (or what ever UA you are using
for the POST request).
That's the reason for:
Don't trust the "type" in $_FILES. (An UA can set this to every value
it want.)
In addition:
If no Content-Type is set by the UA, the default is
"application/octet-stream".
Regards,
Carsten
Previous Comments:
------------------------------------------------------------------------
[2009-05-20 11:24:49] danymoussa at gmail dot com
Submission error, flip actual result with expected result
------------------------------------------------------------------------
[2009-05-20 11:20:19] danymoussa at gmail dot com
Description:
------------
This is a very serious problem that i never faced in php earlier
version. However i tried to hack into my jpg-upload-image script and was
able to do that by inserting a renamed shell script: pic1.php.jpg
Reproduce code:
---------------
<form action="upload.php" method="post"
enctype="multipart/form-data">
<input type="file" name="file">
<input type="submit" value="Upload">
</form>
print_r($_FILES);
Expected result:
----------------
[file] => Array
(
[name] => pic.php.jpg
[type] => image/jpeg
[tmp_name] => /tmp/php96MEPH
[error] => 0
[size] => 23052
)
Actual result:
--------------
[file] => Array
(
[name] => pic.php.jpg
[type] => application/octet-stream
[tmp_name] => /tmp/php96MEPH
[error] => 0
[size] => 23052
)
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=48344&edit=1
