php method to determine file upload type and filter unsafe data,
The example in this article describes how PHP determines the file upload type and filters out unsafe data. Share it with everyone for your reference. The details are as follows:
It is forbidden to upload files other than image files. Tip, do not get the file extension to determine the type. This is the most unsafe. We use $_FIlES['form']['type'].
This can read the file content to identify the file type, but its recognition is limited, but if you use pictures, you can understand it enough. Function, filter unsafe characters, the example function code is as follows:
Copy code The code is as follows:
function s_addslashes($string, $force = 0) {
if(!get_magic_quotes_gpc()) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = s_addslashes($val, $force);
}
} else {
$string=str_replace("","& # x",$string); //
//Filter some unsafe characters
$string = addslashes($string);
}
}
return $string;
}
//Usage example:
$_COOKIE = c_addslashes($_COOKIE);
$_POST = c_addslashes($_POST);
$_GET = c_addslashes($_GET);
//Add
to the public file
if($_FILES){
foreach( $_FILES as $key => $_value )
{
$_FILES[$key]['type'] =$_value['type'];
}
if(substr($_FILES[$key]['type'],0,6) !='image/')
{
exit;
}
}
I hope this article will be helpful to everyone’s PHP programming design.
http://www.bkjia.com/PHPjc/929089.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/929089.htmlTechArticleHow PHP determines the file upload type and filters unsafe data. This article describes the example of PHP determining the file upload type and filtering. Method of unsafe data. Share it with everyone for your reference. Tool...
Statement:The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn