Можно ли обойти такую проверку расширения?

Discussion in 'Песочница' started by aparsera, 17 Apr 2019 at 9:07 PM.

  1. aparsera

    aparsera New Member

    Joined:
    19 Jun 2018
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    как залить php?

    // Validate file extension
    $extension_whitelist = "asf,avi,bmp,fla,flv,gif,jpeg,jpg,mov,mpeg,mpg,png,tif,tiff,wmv";
    $path_info = pathinfo($_FILES[$upload_name]['name']);
    $file_extension = $path_info["extension"];

    $is_valid_extension = false;
    $allowedExtensions = explode(',', $extension_whitelist);

    foreach ($allowedExtensions as $extension) {
    if (strcasecmp($file_extension, str_replace(' ', '', $extension)) == 0) {
    $is_valid_extension = true;
    break;
    }
    }
     
Loading...