Hi all,
I need to figure out how to validate the contents of a file. I know how to do it via mime and extension, but i could still upload, for example, a php file that would satisfy those checks.
Any ideas?
regards
paul
Hi all,
I need to figure out how to validate the contents of a file. I know how to do it via mime and extension, but i could still upload, for example, a php file that would satisfy those checks.
Any ideas?
regards
paul
Jump to PostI don't understand what you're getting at. You want your users to upload php files?
Are these for you to peruse/check or are they supposed to be run in situ?
Seems a bit dodgy to me.
I don't understand what you're getting at. You want your users to upload php files?
Are these for you to peruse/check or are they supposed to be run in situ?
Seems a bit dodgy to me.
What i want is the actual file contents to be validated. I.e if the file is a pdf, i want to check that it really is a pdf. And not another file type in disguise.
for example, the following works with images and pdf's but not for word files
<?php
$file = 'example.pdf'; // pdf gives pdf, images give correct image, but doc and docx gives zip
$file_info = new finfo(FILEINFO_MIME);
echo $mime_type = $file_info->buffer(file_get_contents($file));
Ah, I see. Sorry I thought you were trying to get users to upload a php file. My apologies.
Your server settings should prevent php files from being 'run' unless they have a .php extension. *I think*
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.