Hello!
I would like to know two things:
1) I am a bit of a newbie to PHP (although I'm not a newbie to programming), and I am aware that File Upload is generally responsible for many security flaws. However, I do not know how I can make a secure file upload.
2) The files I want to be uploaded are images. How do I know that it is indeed an image?
I am thinking of programming a photolog, and therefore I need to give the users the possibility of uploading images and attaching each image to a "blog" post.
How can I code the file upload procedure? Can someone help me with this? I know nothing about this :x
And how can I confirm that the uploaded file is in fact an image, and not an executable of some kind? I do need to make sure that the user isn't attempting to upload malware so that (s)he can link to it later for their own misuse, and I can't just look at the file extension. I will rename the file (especially to avoid filename conflicts) to some pseudorandom stuff, but anyway, better safe than sorry.
Thanks for your time!
critical_error
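
The two points raised in the post above (identify an image from its content rather than its extension, and store it under a pseudorandom name) can be sketched as follows. This is an added example, not part of the original post; the function names, the 5 MB limit and the accepted type list are assumptions.

```php
<?php
// Added example, not from the post. Names, the size limit and the type list are assumptions.
const ALLOWED_TYPES = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
const MAX_BYTES = 5 * 1024 * 1024;

// Returns the extension to store the file under, or null if the content is not
// an accepted image. The client-supplied file name and MIME type are never consulted.
function image_extension_for(string $path): ?string
{
    if (!is_file($path) || filesize($path) > MAX_BYTES) {
        return null;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path); // sniffed from the bytes
    $ext = is_string($mime) ? (ALLOWED_TYPES[$mime] ?? null) : null;
    $info = $ext === null ? false : @getimagesize($path);
    // Both checks must agree: the sniffed type is allowed and the header parses as that type.
    return ($info !== false && $info['mime'] === $mime) ? $ext : null;
}

// Moves one $_FILES entry into $destDir under a random name and returns that name.
function store_uploaded_image(array $file, string $destDir): string
{
    if (($file['error'] ?? null) !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'] ?? '')) {
        throw new RuntimeException('upload failed');
    }
    $ext = image_extension_for($file['tmp_name']);
    if ($ext === null) {
        throw new RuntimeException('not an accepted image');
    }
    $name = bin2hex(random_bytes(16)) . '.' . $ext; // extension comes from the allowlist
    if (!move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}

// Constructed samples for a command-line run: a 1x1 GIF and a script posing as an image.
if (PHP_SAPI === 'cli') {
    $gif = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($gif, base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));
    $fake = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($fake, "<?php echo 'hi';");
    var_dump(image_extension_for($gif), image_extension_for($fake));
    unlink($gif);
    unlink($fake);
}
```

A file can carry a valid image header and still contain other data, so the content check is paired with storage in a directory where the web server does not execute scripts, ideally outside the document root.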