ok ive created a basic file upload script that checks the mime type that the brower has sent but this is not secure as a user can upload an image that is a .vbs rename to .jpg (the allowed type) and then run this script somehow on the server.
Is there is away I can use php to verify the file is infact an image?
Obviously I don't want to upload files into a public directory and want each image called first via the secure script how would you recommend doing this?
![[php] image uploads - how to secure?](https://www.webhostingtalk.com/images/wht_smilies/wink.gif)
