PHP upload file types
PHP upload file types
Out of context: Reply #4
- Started
- Last post
- 10 Responses
- enobrev0
as one of the comments in the first manual link states, they're easy to fake. also, I've seen that different browsers send different mime types as well (which I always found strange).
The most fully reliable means of knowing a file's type is to read the actual binary file headers. I recall seeing some php project to do just that some time ago, but it was a very heavy task with big fat files. And those were mostly audio and video files. If i find a link, I'll post it.
For the most part you can rely on the mime type you get by the normal php functions, but test with all browsers to see that they are reporting the same mime types, and be prepared for spoofed ones.