class.upload.php is a powerful and mature PHP class to manage uploaded files, and manipulate images in many ways. The script is available under a GPL license.
I was just wondering if, when you set the "allowed" array, not only will the class check to make sure the MIME type of the submitted file matches one of those mime types... but does it also do any checks to make sure that the file extension of the file is actually a file extension that "goes with" that same MIME type?
From what I've read, for security reasons, one should do both: Check the MIME type, but then check to make sure that the extension on the file actually matches the MIME type.
I was just wondering if, when you set the "allowed" array, not only will the class check to make sure the MIME type of the submitted file matches one of those mime types... but does it also do any checks to make sure that the file extension of the file is actually a file extension that "goes with" that same MIME type?
From what I've read, for security reasons, one should do both: Check the MIME type, but then check to make sure that the extension on the file actually matches the MIME type.
??
Thanks!
-= Dave =-