class.upload.php is a powerful and mature PHP class to manage uploaded files, and manipulate images in many ways. The script is available under a GPL license.
// ext_check LIKE mime_check
// Set this variable to false if you don't want to check
// the file extension against the allowed list
$handle->ext_check = true;
// file_ext_allowed LIKE allowed
// Allowed file extension
$handle->file_ext_allowed = array(
'gif',
'jpg',
'png',
'bmp',
);
Please possible for next release or bugfix, thank you.Reply
I am not sure this would be an useful feature. The file extension can be changed easily, and thus is not a reliable way of filtering files. The class has strong built-in MIME type detection features, and using MIME types is a much more reliable way of allowing or refusing precise types of files.
Could you enlighten me as to why filtering on file extension would be useful considering that you can already do the same (and better) with MIME types?Reply
Thanks for the quick answer. I realized what you meant. But I just think to add file extension check to better defense. And ensure that guess MIME type from file extension to be work well.Reply
Please possible for next release or bugfix, thank you.
Could you enlighten me as to why filtering on file extension would be useful considering that you can already do the same (and better) with MIME types?
I realized what you meant.
But I just think to add file extension check to better defense.
And ensure that guess MIME type from file extension to be work well.