I am trying to make upload avatar image for wordpress users in front end. I am using this code
it's not allowing to upload php file , but if they change the php file extension as png or jpeg they can upload the php file to my server. I try to use
but I couldn't, I am newbie for php. Or is there any other solution?
thanks for answers
Code:
$files = $_FILES['post_files'];
foreach($files as $file){
if(is_array($file)){
$uploaded_file_type = $file['type'];
$allowed_file_types = array('image/jpg', 'image/jpeg', 'image/png', 'image/gif');
if(!in_array($uploaded_file_type, $allowed_file_types)) {
$errors['image_empty'] = __( 'this image is not valid', 'themename' );
}
}
}it's not allowing to upload php file , but if they change the php file extension as png or jpeg they can upload the php file to my server. I try to use
Code:
getimagesize()thanks for answers