Home/ Questions/Q 8721667
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-13T07:15:29+00:00

I am currently building a PHP application that lets users upload files. I am

  • 0

I am currently building a PHP application that lets users upload files. I am currently at the upload page, but my verification system does not work. I am using this system to validate files as audio files.

// Set our file name and extension
$fname     = $_FILES['file']['name'];
$extension = strtolower(substr($fname, strpos($fname, '.') + 1));

// Check file
if ($extension == 'mp3' && $_FILES['file']['type'] == 'audio/mpeg') {
    //File is valid mp3
} else {
    //File is invalid
}

Now this doesn’t work, but the weird thing is when I echo out $_FILES['file']['type'] it does not echo out a mime type for audio files. When I do this for any other file type, it echoes it out successfully.

It doesn’t give a mime type only for audio files. I have tried it with WAV and M4A files, and it doesn’t return one with any of these either. Is it something with the file type, or do I have to edit the .htaccess file or the MIME.types file in my xampp server. Also could there be a better way to validate uploaded files?

Also note that it does this on my xampp server, and the free server that I am using for test purposes.

Thanks for the help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    $_FILES['file']['type'] comes from the browser that uploads the file so you can’t rely on this value at all.

    Check out finfo_file for identifying file types based on file content. The extension of the file is also unreliable as the user could upload malicious code with an mp3 extension.

    • 0