I have an uploader in my website and when I use this code to check file type
if($_FILES['fileToUpload']['type']=='image/jpeg' || $_FILES['fileToUpload']['type']=='image/gif' || $_FILES['fileToUpload']['type']=='image/png' )
{
$file_Name = time().".".end(explode(".",$_FILES['fileToUpload']["name"]));
$_FILES["fileToUpload"]["name"] = $file_Name;
move_uploaded_file(@$_FILES["fileToUpload"]["tmp_name"], "upload/" . @$_FILES["fileToUpload"]["name"]);
$msg .='Your file was uploaded successfully';
}
but some hacker they can hacked and upload php file , is there any way more security
Note: when I create php file and I change its extinction to .jpg then I upload the file it will be uploaded