NYCPHP Meetup

NYPHP.org

[nycphp-talk] uploaded files

csnyder chsnyder at gmail.com
Fri Jul 28 12:18:57 EDT 2006


On 7/28/06, Daniela Gutierrez <daniela at ula.ve> wrote:
> Thanks Chris, I've already tried getimagesize() and it works great, but
> I also might allow the users to upload an image as pdf or some others
> formats like tif or may be bmp I don't know yet, but I think that I
> could validate those types of files with a system call to `file -i`,  I
> would give me the type of file also, I'm not sure if it's safe but I'm
> gonna try and see what happens, thanks for your answer, I appreciate it
> so much!
>
> Daniela

Using `file -i` should be perfectly safe, as you won't be including
any user-submitted info in the command. An excellent solution, though
you may find that it's not always accurate against new or unusual
formats.

If you run into problems, you might also try the FileInfo extension
(http://php.net/fileinfo), which seems to use a different database.



More information about the talk mailing list