NYCPHP Meetup

[csnyder]

On 7/26/06, Daniela Gutierrez <daniela at ula.ve> wrote:
> Hi everybody!
>
> I would like to know how to verify that the files they had been uploaded
> by some user are j peg, because I only want them to upload images and I
> also want to be sure that they are not uploading some kind of malicious
> files. Is there any function or something like it that I could use??
> Thanks, and sorry for my English ;)

To reiterate Tedd Sperling's advice, the best way to check whether an
uploaded file is a jpeg is to use getimagesize() and check that index
2 of the returned array is equal to 2. (http://php.net/getimagesize
for details)

Checking the file extension will miss jpegs uploaded from a Macintosh
(which might not have an extension).

-- 
Chris Snyder
http://chxo.com/