Gerard Samuel wrote: > On Saturday 06 December 2003 11:01 pm, Richard Davey wrote: > > Yes, check the $_FILES['userfile']['type'] after upload. > > > That can be spoofed. > There isn't really a way to determine file types...
I was thinking of trying something like ereg("[[:print:]]*", "$contents") on the
file. Not really what I want, but would reject obvious non-text files.
-Bob
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
