Hi all,
Does the file uploader class perform all the necessary security checks to verify that a file is an image such as checking the actual first 20 or so bytes of the file, etc?
Note: I already know about changing the file name, adding htaccess to the upload folder to prevent php scripts from running, etc. This is about verifying the actual image itself as being an image.
Thanks,
Alan
Does the file uploader class perform all the necessary security checks to verify that a file is an image such as checking the actual first 20 or so bytes of the file, etc?
Note: I already know about changing the file name, adding htaccess to the upload folder to prevent php scripts from running, etc. This is about verifying the actual image itself as being an image.
Thanks,
Alan