On 6 September 2010 15:04, ash@xxxxxxxxxxxxxxxxxxxx <ash@xxxxxxxxxxxxxxxxxxxx> wrote: > I think you should not focus so much on the file extension, as that is mostly meaningless if someone wanted to attack your system. > > Instead, you could wrap a call to the command line 'file' command, which gives mostly accurate information about a file. Basically it reads the first few bytes to see it is what it expected. There is a php wrapper for this, but I forget what its called just now. > > If you do need to just grab a file extension though, you can do it with a call to pathinfo() with the 2nd argument of PATHINFO_EXTENSION. > > Thanks, > Ash > http://www.ashleysheridan.co.uk > > ----- Reply message ----- > From: "Jordan Jovanov" <jovanovjoce@xxxxxxxxx> > Date: Mon, Sep 6, 2010 14:46 > Subject: Hi > To: <php-general@xxxxxxxxxxxxx> > Cc: <jovanovjoce@xxxxxxxxx> > > > Hi All > > I need me a little help. > I create scripte for upload file is work very good but the problem is next: > I neet to upload only .zip file i need to disable some user to shoise to > upload another file Extensions. > > Can somebody help me. > > Thanks a lot. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > How is the ['type'] arrived at within PHP. Is this supplied by the web server? Or does PHP have to work it out before passing it to userland code? Either way, is it not accurate enough? -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
