Another note, If all checks

greg — Fri, 13 Jun 2008 23:08:12 +0000

Another note,
If all checks are ok, I use PHP to move the file from tmp to /real_folder and to the name I define, which is always jpg. Then take the new moved file and use Imagick to resize and overwrite the file with the same name.

If it wasn't changed by Imagick then I assume foul play and delete the image. I know that may be considered a bit hit and miss, but I know of people where file upload failed with this technique in place, and after investigating the files most contained JS, the others some other code like Java/ASP.

I guess no way is 100% fool proof, but with all the checks and stopping code execution in the folder they reside I think it's pretty safe.

Hidden PHP code in the

teammatt3 — Fri, 13 Jun 2008 16:30:09 +0000

Hidden PHP code in the comments of the gif could be executed if the file extension is PHP. I guess if you recreate the image, those comments might be left out. But I only recreate the image if the image size is too high or wide. And I guess what greg said would prevent that too.

Checking the filename isn't

pr0gr4mm3r — Fri, 13 Jun 2008 13:57:14 +0000

Checking the filename isn't really necessary if you check content & mime types. I usually recreate the file extension based on the type anyway, for the people that use .jpeg instead of .jpg and .tiff instead .tif.

Thats all I check for. I

greg — Fri, 13 Jun 2008 04:27:14 +0000

Thats all I check for.

I first use the PHP $_FILES [error] to quickly check for errors for a quick exit if any found, then run some more solid checks as you listed.

I also use a htaccess in the images folder that prevents any scripts running.