NEVERFEAR (Post Comments)

NEVERFEAR (Post Comments) http://neverfear.org NEVERFEAR (Post Comments) http://neverfear.org http://neverfear.org/favicon.ico en-uk Tue, 14 Apr 2026 18:39:48 +0000 Comment on Super simple (common) php hax for dummies. http://neverfear.org/blog/view/13/Super_simple__common__php_hax_for_dummies_/comments#comment_28 Mon, 07 Apr 2008 22:58:44 +0000 Your solution wouldn't work due to the undefined getext() function. Aside from checking the suffix, you could just check that a valid image type was supplied.

<?php
// i assume here that the form field name value is "imagefile"
$imagename = basename($_FILES['imagefile']['name']);
$ext = substr($imagename, strrpos($imagename, '.') + 1);
// i hate suppression but you don't seem to mind it
if(@exif_imagetype($_FILES['imagefile']['tmp_name']) !== false)
{
    // process it here, its a valid image type, also do other checks
}
else
{
    @unlink($_FILES['imagefile']['tmp_name']); // its bad, get rid
}
?>

]]> mulraney@gmail.com http://neverfear.org/blog/view/13/Super_simple__common__php_hax_for_dummies_/comments#comment_28