[eluser]Neewouay[/eluser]
Hi,
I have a problem with File Uploading Class,
My param : $config['allowed_types'] = 'csv';
If I send a php file (.php) this file is accept...because this "mimi type" of file php is "application/octet-stream"...
In system/application/config/mimes.php, in the line 'csv', the mime type is too "application/octet-stream", that is why the php file is accepted, the class upload apparently does not check the extension.
Is a security bug ?
Sorry for my englsih, I try to do my best
Version of CI : 1.7.1