I know I could parse the files name for the extension, but that can be faked. I know I can get the mime type, but they can also be faked. I know I could use Magic Numbers, but on some files, they are not at the top of the file.
Is there any guarenteed way of getting the REAL file type so my server wouldn't get infected?
IF NOT, then that is plain stupid, why isn't there?
IF there IS, please tell me.
Thanks, Caelan.