13 Nov 2006 at 14:39 #1 Chronicle Chronicle Soldato Joined 4 Jul 2004 Posts 2,647 Location aberdeen Hello, In php, what is the best way to ensure that an uploaded file is an image. Is it ok just to check if it is .gif .jpg (/,jpeg) .png Or is there still any risk? Cheers
Hello, In php, what is the best way to ensure that an uploaded file is an image. Is it ok just to check if it is .gif .jpg (/,jpeg) .png Or is there still any risk? Cheers
13 Nov 2006 at 16:05 #2 Mr_L Mr_L Soldato Joined 28 Jan 2005 Posts 3,732 Location Worcester Rob Miller's PHP Security Guide will be of some help, in particular the File Uploads section.
