MP3 Upload, Security and Validation.

[jscix]

Okay, This is the first time I've attempted creating anything beyond a simple image upload.

I would appreciate any helpful tips for ways to maximize validation for mp3 files.

 

Beyond using,

 

$_FILES["uploadedfile"]["type"]

 

What ways can I make sure, the file is an valid mp3 file?

 

Much appreciation in advance..

[per1os]

<?php
$name = pathinfo($_FILES['uploadedfile']['name']);

if (strtolower($name['extension']) != "mp3") {
    die("Not a valid type");
}
?>

 

I am not sure if the tmpname is correct or not, but yea that is the idea.

 

EDIT: Changed to name due to glyde's comment.

[Glyde]

It should be name, not tmpname.  First of all tmpname isn't a valid attribute of the uploaded file, tmp_name is, but that's the path to the temp file, not the original file's filename.

[jscix]

yeah, i've created a function to validate the extention,

 

Function ValidateFileXT($string) {

$trimstr = substr($string, -4); 
$xt = strstr($trimstr, '.');

if (!$xt){
return False;
}
else {
return $xt;
}
}

 

eg:

$file = strtolower(basename($_FILES['uploadedfile']['name']));

if (ValidateFileXT($file) == ".mp3") {

//yay

}

 

but I was thinking more in terms of actual validation, I think I remember reading that the GD lib. Has a function: exif_imagetype()

 

"exif_imagetype() reads the first bytes of an image and checks its signature."

 

How difficult would this be to do with an mp3?