Home > Backend Development > PHP Tutorial > PHP determines file upload type and filters unsafe data_PHP tutorial

PHP determines file upload type and filters unsafe data_PHP tutorial

WBOY
Release: 2016-07-20 11:06:54
Original
1708 people have browsed it

php tutorial to determine file upload type and filter unsafe data

This function filters unsafe characters

function s_addslashes($string, $force = 0) {
if(! get_magic_quotes_gpc()) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = s_addslashes($val, $ force);
}
} else {
$string=str_replace("","& # x",$string); //

Filter some unsafe characters
$string = addslashes($string);
}
}
return $string;
}

Example:
$_COOKIE = c_addslashes($_COOKIE) ;
$_POST = c_addslashes($_POST);
$_GET = c_addslashes($_GET);

Add

if($_FILES){
foreach( $_FILES as $key => $_value )
{
$_FILES[$key]['type'] =$_value['type'];
}
if( substr($_FILES[$key]['type'],0,6) !='image/')
{
exit;
}
}

Upload prohibited For files other than image files,
Tip:
Do not get the file extension to determine the type. This is the most unsafe. We use $_FIlES['form']

['type' ]
This can read the file content to identify the file type, but its recognition is limited, but if you use pictures, it is enough

to understand it.

www.111cn.cn This site is original, please note


www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/444984.htmlTechArticlephp tutorial to determine file upload type and filter unsafe data. This function filters unsafe characters function s_addslashes($string, $ force = 0) { if(!get_magic_quotes_gpc()) { if(is_array($s...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template