Hi all,
I need to figure out how to validate the contents of a file. I know how to do it via mime and extension, but i could still upload, for example, a php file that would satisfy those checks.
Any ideas?
regards
paul
whiteyoh
0
Posting Pro in Training
Recommended Answers
Jump to PostI don't understand what you're getting at. You want your users to upload php files?
Are these for you to peruse/check or are they supposed to be run in situ?
Seems a bit dodgy to me.
All 3 Replies
diafol
I don't understand what you're getting at. You want your users to upload php files?
Are these for you to peruse/check or are they supposed to be run in situ?
Seems a bit dodgy to me.
whiteyoh
0
Posting Pro in Training
What i want is the actual file contents to be validated. I.e if the file is a pdf, i want to check that it really is a pdf. And not another file type in disguise.
for example, the following works with images and pdf's but not for word files
<?php
$file = 'example.pdf'; // pdf gives pdf, images give correct image, but doc and docx gives zip
$file_info = new finfo(FILEINFO_MIME);
echo $mime_type = $file_info->buffer(file_get_contents($file));
diafol
Ah, I see. Sorry I thought you were trying to get users to upload a php file. My apologies.
Your server settings should prevent php files from being 'run' unless they have a .php extension. *I think*
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.