What are risks when uploading files other than limiting some extensions (like exe's)?[/QUOTE]

That also depends on how you're checking your extension. E.g. say you're getting the extension from the filename via $_FILES['myfile']['name'] using PHP's string functions, the value of $_FILES['myfile']['name'] can be faked. For images you can use [URL="

Stefano Mtangoo commented: thanks for that +6