Security Considerations

Handling files requires proper security practices.

Important considerations:

Validate file types
Limit upload size
Store files outside the public directory
Rename uploaded files

Example

1
$allowed = ["jpg", "png"];
2

3
$extension = pathinfo($\_FILES["file"]["name"], PATHINFO_EXTENSION);
4

5
if (!in_array($extension, $allowed)) {
6
die("Invalid file type");
7
}