I want check uploading file type, tell please where way is reliable for this,

Question

0

Asked: June 10, 20262026-06-10T18:10:14+00:00 2026-06-10T18:10:14+00:00

I want check uploading file type, tell please where way is reliable for this,

0

I want check uploading file type, tell please where way is reliable for this, in where case obtain I more exactly info about file type? in this:

$_files['uploaded_file']['type']

or in this:

$imgType = getimagesize($_files['uploaded_file']['tmp_name']);
$imgType['mime'];

?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-10T18:10:16+00:00

$_FILES['uploaded_file']['type'] is user input – it is an arbitrary string defined by the client. It is therefore not safe to use for anything at all, ever.

getimagesize() is a much safer way to do it, but it does not protect you completely.

You also need to:

Store the file on your local server with a name completely of your own devising. It is not safe to rely on any user input for generating local file system file names.
Use GD to copy the pixel data from the source file to the destination file. getimagesize() only looks at the meta data associated with the file and does not look at the file data. It is possible to hide malicious code inside something that looks like an image. Once you have resampled the image, ensure the uploaded file is deleted from the server.
Ensure that the file is stored in the local file system with the minimum required permissions and a restrictive owner/group.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I want check uploading file type, tell please where way is reliable for this,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply