Hi,
I'm creating an upload section that limits users to upload the following file types:

.pdf
.zip
.rar
.doc
.jpeg
.gif

When getting the type for .pdf files, it comes up as:
application/force-download

and for .rar files it comes up as:
application/x-download

If I do a check that says:

if ($type=="application/force-download" || $type=="application/x-download")

then will users only be able to upload .PDF and .RAR files? I'm assuming these two types will allow other formats as well.

If this is the case, how can I check the extension of the file before the user is able to upload it. I was thinking of somehow capturing the last 3 letters of the filename, and then doing the check that way, except I'm not sure how to go about this. Any insight appreciated!

    but note just because it's named *.pdf does not make it a valid pdf file. as with any file name

      dagon;10960229 wrote:

      but note just because it's named *.pdf does not make it a valid pdf file. as with any file name

      The same can be said of checking the mime type 😉

        Maybe not but if the first 4 chars are '%PDF' then it is a PDF.

          mrbaseball34;10960457 wrote:

          Maybe not but if the first 4 chars are '%PDF' then it is a PDF.

          So if I open Notepad, type "%PDF is a fun thing to say!" and save that as a new file, I've just created a new PDF document?

            Technically, no. But if you are opening a file that someone uploaded, it would make sense to check that as well as the MIME type if the MIME type returned something other than application/PDF.

              Write a Reply...