Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to check file types of uploaded files in PHP?

Tags:

mime-types

validation

php

file-upload

On the PHP website, the only real checking they suggest is using is_uploaded_file() or move_uploaded_file(), here. Of course you usually don't want user's uploading any type of file, for a variety of reasons.

Because of this, I have often used some "strict" mime type checking. Of course this is very flawed because often mime types are wrong and users can't upload their file. It is also very easy to fake and/or change. And along with all of that, each browser and OS deals with them differently.

Another method is to check the extension, which of course is even easier to change than mime type.

If you only want images, using something like getimagesize() will work.

What about other types of files? PDFs, Word documents or Excel files? Or even text only files?

Edit: If you don't have mime_content_type or Fileinfo and system("file -bi $uploadedfile") gives you the wrong file type, what other options are there?

like image 731
Darryl Hein Avatar asked Nov 22 '08 01:11

Darryl Hein

People also ask

How do I find my uploaded files in PHP?

The is_uploaded_file() function in PHP is an inbuilt function which is used to check whether the specified file uploaded via HTTP POST or not. The name of the file is sent as a parameter to the is_uploaded_file() function and it returns True if the file is uploaded via HTTP POST.

Which of the following provides contain type of the uploaded file in PHP?

The PHP global $_FILES contains all the information of file. By the help of $_FILES global, we can get file name, file type, file size, temp file name and errors associated with file.

How check file is PDF or not in PHP?

You can check the MIME type of the file using PHP's File Info Functions. If it returns with the type 'application/pdf' then it should be a PDF.

What is PHP file type?

A file with the . php file extension is a plain-text file that contains the source code written in the PHP (it's a recursive acronym meaning PHP: Hypertext Preprocessor) programming language. PHP is often used to develop web applications that are processed by a PHP engine on the web server.

1 Answers

Take a look at mime_content_type or Fileinfo. These are built-in PHP commands for determining the type of a file by looking at the contents of the file. Also check the comments on the above two pages, there are some other good suggestions.

Personally I've had good luck using something that's essentially system("file -bi $uploadedfile"), but I'm not sure if that's the best method.

like image 160
davr Avatar answered Sep 23 '22 02:09

davr
Sign in to Comment

Related questions

How can I access my Laravel app from another PC?
Show AJAX upload status on progress element
Laravel Query Builder where max id
How can I tell which CakePHP version is a project made with?
PHP pass function name as param then call the function?
Doctrine2 migrations migrate down and migrate from browser and not command line
Remove newline character from a string using PHP regex
Column count of mysql.proc is wrong. Expected 20, found 16. The table is probably corrupted
Clear PHP CLI output
Run a mySQL query as a cron job?
Catching Stripe errors with Try/Catch PHP method
url encode equivalent in ruby on rails
Carbon - get first day of month
Doctrine 2.1 - datetime column default value
What is the best IDE for PHP? [closed]
DOM parser that allows HTML5-style </ in <script> tag
PHP: When does the temporary uploaded files get deleted?
Importing classes and namespaces in PHP: What difference does a leading backslash make?
Justify string algorithm [closed]
Laravel Request input() or get()

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!