I am creating a php upload script that uses the "copy" function, ie. coping the file from the temporary folder to a permanent folder. However before I do this I naturally wish to validate its type. In the past I have used "_type" that is set a system variable when you upload, however the location of this script requires a more secure code. As you know "_type" only uses mime types but they just look at the extensions of the file not the file itself.
So the question basically is how can I use php or apache or unix code to look at the file header (or deeper into the file) to work out the file type?? My preference is php but I am open to suggestions as this is such a security hazard.
Many thanks for the help.