Uploading a file in PHP: confirmation that the gpx file

Question

Uploading a file in PHP: confirmation that the gpx file

I am currently working on a project in which users can upload images and GPX files. There is no problem checking the images, but I just cannot find a safe way to make sure that the gpx files are not some kind of malicious file. Any hints are greatly appreciated! Thanks in advance!

Edit: can anyone please indicate why this code is not working? By not working, I mean that it does not reject PDF files.

$xml = new XMLReader();
if (!$xml->xml($_FILES["gps"]["tmp_name"], NULL, LIBXML_DTDVALID)) {
    echo '<script>alert("Not valid!");</script>';           
    exit();
}

+4

security php file-upload gpx

user1204121 Dec 03 '13 at 19:23

source share

1 answer

Anas · Accepted Answer · 2013-12-05T21:16:33+0000

$xmlcontents = XMLReader::open($_FILES["gps"]["tmp_name"]);

$xmlcontents->setParserProperty(XMLReader::VALIDATE, true);

if($xmlcontents->isValid() and ($xml->xml($_FILES["gps"]["tmp_name"], NULL, LIBXML_DTDVALID))) {
}
else {
    echo 'Not a valid GPS file!")';            
    exit();
}

note that you check the correctness of the file as xml and its extension try this

Uploading a file in PHP: confirmation that the gpx file

More articles: