Feature Request - upload file extension check like mime check

See all posts Reply

Feature Request - upload file extension check like mime check new!
# Reply
by chihwen, 15 years, 1 month ago
I think the code implement like the following...
// ext_check LIKE mime_check
// Set this variable to false if you don't want to check 
// the file extension against the allowed list
$handle->ext_check = true;

// file_ext_allowed LIKE allowed
// Allowed file extension
$handle->file_ext_allowed = array(
    'gif',
    'jpg',
    'png',
    'bmp',
);

Please possible for next release or bugfix, thank you.Reply
Re: Feature Request - upload file extension check like mime check new!
# Reply
by colin, 15 years, 1 month ago
I am not sure this would be an useful feature. The file extension can be changed easily, and thus is not a reliable way of filtering files. The class has strong built-in MIME type detection features, and using MIME types is a much more reliable way of allowing or refusing precise types of files.

Could you enlighten me as to why filtering on file extension would be useful considering that you can already do the same (and better) with MIME types?Reply
Re: Feature Request - upload file extension check like mime check new!
# Reply
by chihwen, 15 years, 1 month ago
Thanks for the quick answer.
I realized what you meant.
But I just think to add file extension check to better defense.
And ensure that guess MIME type from file extension to be work well.Reply