Investigating PHP
I am currently working my way through MySQL for Dynamic Websites by Larry Ullman (edition 4).
I currently (as at December 2012) run php 5.3.10-10 and a mysql 5.1.28 database on apache 2.2.22 server on Ubuntu 12.04 in VirtualBox.
Chapter 13: Review and Pursue
A reworking of upload_rtf.php: Mar 2013
The php code in the pdf below is an investigation of the 4th and 5th Pursue elements of Chapter 13 PHP and MYSQL for Dynamic Web Sites (ed4) by Larry Ullman.
I have added code to display the name, type and size of a file that has been offered for uploading. Also error messages were added in case the file could not be uploaded (although in this case it never actually gets that far).
I got some unexpected results for MIME types for an RTF file type. One line of code defines the file as text/rtf while another line defines the file as application/rtf.
I asked for advice on this on the forum that goes with the book. I quote Larry Ullman's reply:
...finfo_file() is browser independent. It uses the file data itself, and should always be reliable. The MIME types from the browsers can be unreliable, and can be hacked by malicious users.The full text can be read at http://www.larryullman.com/forums/index.php?/topic/2183-modify-upload-rtfphp-chapter-13.