Don't understand the use of is_image when uploading a file

[eluser]Cgull[/eluser]
Hello,

I have just read a lot about security when uploading files on web sites.

A bit confused with the file uploading class, not sure how it helps prevent users from uploading harmful files.

I need to upload an image, as far as I understand, the

Code:

$this->upload->data()

array is populated only after the file has been uploaded, so I can check the is_image value only after the file has been uploaded?

So do I upload the file, check the 'is_image' field and then go and delete the file if it's not an image?
Is there no way to prevent the upload if the file is not an image?

And what if I want the user to upload a pdf file and not an image? Would I check the file type then?

Thank you.

[eluser]ss_juit@yahoo.com[/eluser]
so once you upload the file then only you can check whether the file is an image or not.

I f you want to check the file type before uploading simply check the file extension(.jpg,jpeg,.bmp,.gif etc.) for an image and accordingly upload.

[eluser]Cgull[/eluser]
Thank you, so can you maybe explain to me what is the point of this is_image field?

[eluser]ss_juit@yahoo.com[/eluser]
it checks whether a file is really an image or not.

suppose you rename an image file test.png to text.text and upload it to the directory. but this file is actually an image file. so in this case you can make sure whether this file is really image or not.