Hi all, are there any security concerns with uploaded images?
My thought is that it wouldnt be too hard to have some kind of script masquerade as a gif file, and perhaps cause damage. I cant find anyway to check a file really is a gif/png/jpg (i assume the mimetype available in $_FILES could be spoofed). I'd welcome any thoughts in general on this, but specifically if anyone has experience/knowledge in this area and can point me in the right direction. Many thanks! -- Nick Wilson Tel: +45 3311 2250 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
