$_FILES['userfile']['type']So, check $_FILES['userfile']['type'] against a set of allowed file types, and you're set...
The mime type of the file, if the browser provided this information. An example would be "image/gif".
A client-supplied value isn't going to be too useful - it can be spoofed, or may not be present. (I believe a Windows browser would set the mime-type based purely on the file extension, though I haven't tested this myself).
Then my apologies. I thought php determined the file type on upload, and not rely on user input as your're saying.
Makes me rethink some of my own code :)
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php