In php, I can check if the downloaded file has the correct type by extension, so the code should look like this:
if ((($_FILES["photo1"]["type"] == "image/gif") || ($_FILES["photo1"]["type"] == "image/jpeg") || ($_FILES["photo1"]["type"] == "image/png")) && ($_FILES["photo1"]["size"] < 500000)) //also limiting size
Then in the next step in my code I will prepare the file for further processing. But what if someone changes text_file.doc or javascript_file.js to samplefile.jpg before downloading?
move_uploaded_file(($_FILES['photo1']['tmp_name']), "photos/1.jpg"); $source1 = imagecreatefromjpeg("../photos/source1.jpg");
Then the user will see errors from the imagecreatefromjpeg
step:
Warning: imagecreatefromjpeg() [function.imagecreatefromjpeg]: gd-jpeg: JPEG library reports unrecoverable error: in...
How to skip part of the processing if the file is not a graphic file and does not display errors?
Lucas source share