Im designing a secure section of my site :-
(passworded...) (not https - but just passworded)

Im planning on adding a file-upload script, & have found this on the net...

http://www.phpfreaks.com/tutorials/36/0.php


My main query - Is to how do I test to see if the file is actually a
JPG / GIF / BMP
(not just by the file-extension...) - by actually 'analysing' the file
& see if its a picture...

if ($_FILES['imagefile']['type'] == "image/gif")

Do I just add bmp / jpg to the above lines - EG :-

$test=0;
if ($_FILES['imagefile']['type'] == "image/gif"){$test=1;}
if ($_FILES['imagefile']['type'] == "image/jpg"){$test=1;}
if ($_FILES['imagefile']['type'] == "image/bmp"){$test=1;}

if ($test==1){

do stuff .....

}

is that correct ??? - I want allow Only those types of pics... - Does
the above actually test to see if its an image - or can someone
by-pass it by renaming an executable to programme.jpg


--
G
Yahoo Archives by email = Yes
http://groups.kwister.com/owners.php#add
NZ community groups - [EMAIL PROTECTED]


Community email addresses:
  Post message: [email protected]
  Subscribe:    [EMAIL PROTECTED]
  Unsubscribe:  [EMAIL PROTECTED]
  List owner:   [EMAIL PROTECTED]

Shortcut URL to this page:
  http://groups.yahoo.com/group/php-list




SPONSORED LINKS
Php mysql Job postings


YAHOO! GROUPS LINKS




Reply via email to