In my upload script I have an if statement that only allows the following...
"image/jpeg"
"image/jpg"
"imagepjpeg"
"image/gif"
"image/png"
but for some reason users are able to upload "image/bmp"...
Am I doing something wrong? I specifically do not want .bmp's on my server, and for some reason they are getting by. I also checked the actual file, and it is a .bmp file not a .bmp.gif or any tricky extension that might confuse the browser.
Any suggestions?