On 14 August 2010 22:36, Sebastian Ewert <seb2015@xxxxxxxx> wrote: > Hi, > > before I allow to upload images I read them and check for several html > tags. If they exist I don't allow the upload. Is their any need to check > pdf files, too? At the time I'm doing this, but the result is that many > files are denied because of unallowed html tags. > Reading and checking for html tags seems rather excessive - I would rather use image extensions/pdf extensions and tools to verify that the uploaded data was in fact one or the other. If someone uploads an image and you cannot get the image dimensions from the file, for instance, then it's likely not an image. Regards Peter -- <hype> WWW: http://plphp.dk / http://plind.dk LinkedIn: http://www.linkedin.com/in/plind BeWelcome/Couchsurfing: Fake51 Twitter: http://twitter.com/kafe15 </hype> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
