<div>
<div class="content wysiwyg-content">
I am creating a php upload script that uses the &quot;copy&quot; function, ie. coping the file from the temporary folder to a permanent folder. However before I do this I naturally wish to validate its type. In the past I have used &quot;_type&quot; that is set a system variable when you upload, however the location of this script requires a more secure code. As you know &quot;_type&quot; only uses mime types but they just look at the extensions of the file not the file itself.<br />
&nbsp;<br />
So the question basically is how can I use php or apache or unix code to look at the file header (or deeper into the file) to work out the file type?? My preference is php but I am open to suggestions as this is such a security hazard.<br />
<br />
Many thanks for the help.<br />
<br />
Richard
</div>
</div>


I am creating a php upload script that uses the "copy" function, ie. coping the file from the temporary folder to a permanent folder. However before I do this I naturally wish to validate its type. In the past I have used "_type" that is set a system variable when you upload, however the location of this script requires a more secure code. As you know "_type" only uses mime types but they just look at the extensions of the file not the file itself.
 
So the question basically is how can I use php or apache or unix code to look at the file header (or deeper into the file) to work out the file type?? My preference is php but I am open to suggestions as this is such a security hazard.

Many thanks for the help.

Richard

Checking the type of an uploaded file

PHP is a widely-used server-side scripting language especially suited for web development, powering tens of millions of sites from Facebook to personal WordPress blogs. PHP is often paired with the MySQL relational database, but includes support for most other mainstream databases. By utilizing different Server APIs, PHP can work on many different web servers as a server-side scripting language.