[eluser]Patche[/eluser]
Hi,
Thanks for your reply.
That link shows that it's checking the file type using the $_FILES[]['type'] array- which is set by the browser and can be spoofed by the user right? And didn't you just say not to check the mime type when uploading files?
Sorry for all the questions, just slightly confused