FileUpload only check for extension? |
[eluser]Steven_W[/eluser]
[quote author="simshaun" date="1234242846"]You can't rely on only the MIME, as it is passed by the browser, and therefore easily faked.[/quote] from what I understand checking the file extension is actually safer than the MIME. http://www.scanit.be/uploads/php-file-upload.pdf Does anybody know if the upload class looks at the extension at all? |
Messages In This Thread |
FileUpload only check for extension? - by El Forum - 02-06-2009, 02:30 PM
FileUpload only check for extension? - by El Forum - 02-06-2009, 04:29 PM
FileUpload only check for extension? - by El Forum - 02-06-2009, 04:53 PM
FileUpload only check for extension? - by El Forum - 02-06-2009, 05:17 PM
FileUpload only check for extension? - by El Forum - 02-07-2009, 07:18 AM
FileUpload only check for extension? - by El Forum - 02-07-2009, 09:06 AM
FileUpload only check for extension? - by El Forum - 02-09-2009, 05:14 PM
FileUpload only check for extension? - by El Forum - 02-27-2009, 12:16 PM
|