When a jpg is not a jpg

For my user transfer file routine, I only want them to be able to transfer pics or pdf.
I test the extension (jpg, jpeg, gif, png, pdf
Up till now this has worked fine.
BUT someone transfered a aaa.jpg YET it was not a jpg but a php.

Is there some way to test a file for a pic or pdf other than the extension ?


You could try getimagesize() which should fail on anything than an image file.

The problem is you will still need to upload it to use the getimagesize and it would not work with a pdf?

I know jpg files all start with certain characters but I do not know how you could check that: http://en.wikipedia.org/wiki/Magic_number_(programming)

P.S. There is a Unix program to detect file types but I have no idea how you would use it: http://en.wikipedia.org/wiki/File_(command)

Try this:


Thanks to all for pointing me in the right direction.
I’ll get down to work to try these out.