I'm looking for an alternative to CF's IsImageFile (which doesn't seem to be in OpenBD I assume?). GetFileInfo might be able to help, but can someone tell me if the "type" returned by this function is just based on the file's extension or if it digs a little deeper to find the type? I allow my users to upload a file (supposedly an image) with a form to a temp, restricted directory on my server so I can check the file before blobbing it and inserting it into my database. I rename the file as I upload it to avoid any issues with wierd names, such as (my "funny" img.jpg) or (../../index.cfm). Since I apparently can't read the filename BEFORE uploading it, I lose the extension when I rename. I figure that would not be an issue since I'll just be reading binary data from the file anyway, except I would like to do SOME kind of check to make sure the file is really an image. Granted, I may just be being paranoid by renaming the file before even storing it in a restricted, temporary directory. But I'm new to "best security practices" and I would really prefer to overcompensate versus not enough.
-- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en
