I am developing a method which will take a posted file, perform a series of checks and then write the file to the server (Linux) if it passes all of the checks.
Currently I perform the following checks:
Check to make sure the filesize is not too big
Check the file's extension
Not quite sure what else to put. I have a very fast server so it is okay if it performs a lot of checks. Better safe than sorry. I was going to check the mime type but my server does not have that extension installed. I was also thinking of using the is_file() function to make sure a proper file is uploaded and the is_executable() function to make sure that no executable files are uploaded (currently I am only uploading images).
I'd like to make my upload function very robust so I am sure that there are other checks which need to be performed. Also I have heard that Apache can also report errors on file uploads, though I am not sure how to do this.
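
One way to combine the checks listed in the question for an image-only upload, as an added example that is not code from the original post. It assumes PHP 7 or later; the function name `store_uploaded_image`, the 2 MiB limit and the allowed-type list are hypothetical. It uses `getimagesize()`, which is part of PHP core, as the content check, so it does not depend on the mime-type extension.

```php
<?php
// Added example: hypothetical helper, limit and type list are assumptions.
const MAX_BYTES = 2 * 1024 * 1024;          // assumed size limit (2 MiB)
const ALLOWED = [                           // detected image type => stored extension
    IMAGETYPE_JPEG => 'jpg',
    IMAGETYPE_PNG  => 'png',
    IMAGETYPE_GIF  => 'gif',
];

function store_uploaded_image(array $file, string $destDir): string
{
    // PHP reports upload problems (too large, partial, missing) in 'error'.
    // An array here means a multi-file field was posted where one file is expected.
    if (!isset($file['error']) || is_array($file['error'])
        || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or malformed request');
    }
    $tmp = $file['tmp_name'];

    // Accept only a temp file that PHP itself received via HTTP POST.
    if (!is_uploaded_file($tmp)) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Measure the size on disk; $file['size'] is not re-checked by PHP later.
    $size = filesize($tmp);
    if ($size === false || $size === 0 || $size > MAX_BYTES) {
        throw new RuntimeException('File is empty or too large');
    }
    // Extension of the client-supplied name (untrusted, used only to compare).
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if ($ext === 'jpeg') {
        $ext = 'jpg';
    }
    // Content check: the header must parse as an allowed image type
    // and agree with the extension the client claimed.
    $info = @getimagesize($tmp);
    $type = ($info === false) ? null : $info[2];
    if ($type === null || !isset(ALLOWED[$type]) || ALLOWED[$type] !== $ext) {
        throw new RuntimeException('Not an allowed image type');
    }
    // Never reuse the client's file name: generate one on the server.
    $dest = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . ALLOWED[$type];
    if (!move_uploaded_file($tmp, $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644);                     // readable, never executable
    return $dest;
}
```

`is_executable()` only tests permission bits, so it says nothing about what a file contains. `getimagesize()` reads only the image header, so the destination directory should be outside the web root or have script execution disabled.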