FIle upload - File types
Posted: Wed Dec 19, 2007 4:59 pm
Hey everyone, long time no see! Hope everyone is doing well. I have a quick question for you all. I have a situation in which i can only accept a certain type of file which is easily attained by $_FILES['type']. This, however, imposes a problem. I am only allowed to accept .tif files. what if someone renames their .exe virus with a .tif extension. I tested it and ['type'] is the type of the file that the extension says it is. Meaning, if they change the exe to tif, it will give .tif properties and not the original .exe. My question is, is there a way to detect the type of the file no matter what extension is on the file? Any help is much appreciated.
Here is the code i am working with:
Here is the code i am working with:
Code: Select all
<?php
if (isset($_POST['submitted']))
{
// Where the file is going to be placed
$target_path = "uploads/";
// Add the original filename to our target path. Result is "uploads/filename.extension"
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
$_FILES['uploadedfile']['tmp_name'];
echo $_FILES['uploadedfile']['type'];
}else{
?>
<HTML>
<body>
<form enctype="multipart/form-data" action="#" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php
}
?>
</body>
</html>