I have a script that allows users to upload many different kinds of files to a web site. For security, upon upload I am checking the $_FILES['userfile']['type'] against an array I have of $allowedfiletypes(). Then I remove the file extension and all 'dots' (.) from the file name, and attempt to append the real file extension. (I'm also adding an id tag to the beginning of the filename, but that's irrelevant)
For most files this is fairly easy: "image/gif" gets .gif -- But I want to allow mpeg audio uploads. However, all mpeg encoded audio returns "audio/mpeg" as the mime_type even if the file extension is .mp3 or .m4a or other mpeg types. So, how do I account for this?
How can I determine the actual extension an mpeg audio file needs? Is there some other meta data I can pull? Or do I leave mpeg audio file extensions alone?
What's your advice?
