MutantJohn Posted September 4, 2015

Hey everyone, I'm trying to create a way for users to upload files to the server, but I'm kind of a web development noob, so I was wondering: does anyone know how to make sure users don't just destroy everything? I've figured I can check the upload extension and use a whitelist to ensure proper extensions (so no PHP file or binary uploads). But aside from basic stuff like checking the file size and extension, what else should I be wary of?
scootstah Posted September 4, 2015

You need to check the MIME type, not the file extension. The file extension is just a meaningless part of the file name. You can check the MIME type with PHP's Fileinfo class.
MutantJohn (Author) Posted September 4, 2015

I've been doing a lot more research since making this topic and I gotta say, it's scary what people can do O_o I've heard even the MIME type stuff can be faked. I've seen some tips that a good handle on the permission system is a good idea, for example removing the executable permission. This is for a Linux server, btw. I've also heard that it's best to move uploaded files to something not in the web root, and that you should also store the files with a randomly generated name and use a database to map the random name to the "real" name. This way, I can create another script that'll serve the files how I specify. Is there any merit to this?
scootstah Posted September 5, 2015

Sure, those are all good ideas. MIME type cannot be faked, though it is possible to embed code inside of an otherwise valid file. This can't really do anything by itself, and is only nasty when whatever is using the file executes that code.
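Pulling the thread's advice together as an added PHP example (not code posted by anyone in the thread): the type is sniffed from the file contents with Fileinfo and checked against an allowlist, the size is capped, the file is stored under a random name outside the web root with the original name kept only in the database, and a small serving script sends it back as a download with `nosniff` so that anything embedded in an otherwise valid file is never executed by the browser. The storage directory, the `uploads` table and the connected `$pdo` are assumptions.

```php
<?php
// Added example: hardened upload handler built from the thread's advice.
// Assumptions: $pdo is a connected PDO instance and this table exists:
//   CREATE TABLE uploads (id CHAR(32) PRIMARY KEY, original_name TEXT, mime VARCHAR(64));
const UPLOAD_DIR = '/var/app/uploads';  // assumption: outside the document root, not served directly
const MAX_BYTES  = 2 * 1024 * 1024;     // 2 MiB limit
// Allowlist maps the sniffed MIME type to the only extension we will ever store.
const ALLOWED = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'application/pdf' => 'pdf'];

function storeUpload(array $file, PDO $pdo): string
{
    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . $file['error']);
    }
    if ($file['size'] > MAX_BYTES || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Rejected: too large or not an uploaded file');
    }
    // Sniff the type from the content; ignore the client-supplied $file['type'] and name.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException("Rejected: type $mime not allowed");
    }
    // Random, unguessable storage name; the original name lives only in the database.
    $id   = bin2hex(random_bytes(16));
    $dest = UPLOAD_DIR . '/' . $id . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not move upload');
    }
    chmod($dest, 0640); // readable by the app, never executable
    $stmt = $pdo->prepare('INSERT INTO uploads (id, original_name, mime) VALUES (?, ?, ?)');
    $stmt->execute([$id, basename($file['name']), $mime]);
    return $id;
}

// Serving script: resolves the id through the database, never through a user-supplied path.
function serveUpload(string $id, PDO $pdo): void
{
    if (!preg_match('/^[0-9a-f]{32}$/', $id)) { http_response_code(404); return; }
    $stmt = $pdo->prepare('SELECT original_name, mime FROM uploads WHERE id = ?');
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row) { http_response_code(404); return; }
    $path = UPLOAD_DIR . '/' . $id . '.' . ALLOWED[$row['mime']];
    header('Content-Type: ' . $row['mime']);
    header('X-Content-Type-Options: nosniff');  // browser must not second-guess the type
    header("Content-Disposition: attachment; filename*=UTF-8''" . rawurlencode($row['original_name']));
    readfile($path);
}
```

Call `storeUpload($_FILES['upload'], $pdo)` from the upload endpoint and `serveUpload($_GET['id'], $pdo)` from the download endpoint, after your own authorization check on who may fetch which id.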