1
I would like tips for a safe upload of images with php. Several users will have access, what security tips you would give?
On the internet, I found the following tips:
1º - Validate file size (bytes);
2º - Validate width;
3º - Validate height;
4º - Validate extension;
5th - Validate Mime Type;
6º - Remove points, previous to extension (or encode the name with MD5);
7º - Validate the binary image file... ex: PNG = PNG
Is there anything else I can do to keep the upload safe?
search the site for each item you have described and you will find answers for all.
– Daniel Omine
@Danielomine I do not want the answer to the items I described... I wonder if there is anything else I can do to validate... The only question I have is in relation to checking the file, because I do not know what the default of PNG, Jpeg, jpg and Gif... ATT
– abcd
rephrase the question
– Daniel Omine
Also important, turn off the Apache mime-Magic to avoid the problem related to item 7. Item 6 should not exist, because the ideal is to upload the image with a sequential code only. The name can serve for reference purposes only. By the way, if you will not keep the original name, has no use MD5.
– Bacco