i've created an application where users can upload images through the form
upload, and to ensure that they are sending me an image, i take a look at
the type of the file (ie. $uploadedfile_type), which usually returns
something like
image/x-png
however.. not always.. so secondly, i check for a file extension using
$uploadedfile_name, but if they've loaded it from a mac.. i can't be sure
there will be a filename.. so, those things both failing in some cases.. is
there any other way of checking the filetype of a file?
i'm concerned that some could upload malicious content and run it (although
the execute flag is turned off, AND the filename is difficult to get.. ) and
would like to reduce the possiblity..
any suggestions?
--
matthew knight - online developer
[EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
