class.upload.php is a powerful and mature PHP class to manage uploaded files, and manipulate images in many ways. The script is available under a GPL license.
1. You can't rely on file extensions. Instead of blacklisting extensions, you can blacklist MIME types, using allowed and forbidden.
2. It is not possible with the class as it is written now. But this should be doable in the upcoming compete rewrite of the class. That said, you can remove most of the "dangerous checking" if you wish (see no_script for instance)Reply
maybe i missunderstanding. 1. the apache configuration uses extensions to determine which file should be parsed as i.e. php-file. and your upload-class changes the extension of some dangerous text-files. i would like to configure which extension will be transformed. 2. thank you.Reply
OK, I understand what you mean. It is quite complex to add options for that, as it checks on the MIME type, on the extension, etc... I will see if I can add this feature in a next release.Reply
2. It is not possible with the class as it is written now. But this should be doable in the upcoming compete rewrite of the class. That said, you can remove most of the "dangerous checking" if you wish (see no_script for instance)
1. the apache configuration uses extensions to determine which file should be parsed as i.e. php-file. and your upload-class changes the extension of some dangerous text-files. i would like to configure which extension will be transformed.
2. thank you.