Upload permit of the extention "mov"

if ($_FILES['file']['type'] == 'image/jpeg') or ($_FILES['file']['type'] == 'image/gif') or 
($_FILES["file"]["type"] == "image/png") 

The code above permits jpeg, gif, and png.
I like to add “mov” to the code above.

But the code below doesn’t work I expected.

if ($_FILES['file']['type'] == 'image/jpeg') or ($_FILES['file']['type'] == 'image/gif') or 
($_FILES["file"]["type"] == "image/png") OR  ($_FILES['file']['type'] == 'image/mov') 

The code below also doesn’t work.

if ($_FILES['file']['type'] == 'image/jpeg') or ($_FILES['file']['type'] == 'image/gif') or 
($_FILES["file"]["type"] == "image/png") OR  ($_FILES['file']['type'] == 'movie/mov') 

There’s a complete list of MIME types here. That should help.

Note that $_FILES['file']['type'] is provided by the user/browser and can NOT be relied upon, as stated in the manual: https://www.php.net/manual/en/features.file-upload.post-method.php

What you should do instead is take the mime type that comes in, find what extension belong to that mime type and then rename the file to ensure it really has that mime type.

That way people can never pass off .exe files as an image (and yes, that is possible), because you’ll rename if from .exe to .jpg for example.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.