This is a common problem. it is not related with cakephp alone.. when we upload an image, usually we are checking whether its extension is related to the corresponding picture formats.
But these may be result to great security problem. as in linux we can create text editor files in any extensions. try it.. open text editor and write anything and save as txt.jpg. it will save as that pic file. so the problem is that if anyone created this type of file with a virus code in it... it will upload success as it is of corresponding formats. but when we view it it will execute in our browser and do harm.... so please anybody point out checking the picture file other than extensions??? pls anyone help...... -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
