A website I am building allows file uploads by authorised users. For any specific category of uploads, a set of file types is allowed, e.g. .pdf and .docx, so that my client can choose what they want to accept.
When uploading, I check the uploaded file's MIME type (using finfo_open(FILEINFO_MIME_TYPE)
) against a database table of MIME types for that extension.
In testing, I am uploading a docx file from my PC - it has a docx extension and Windows reports the file type as application/vnd.openxmlformats-officedocument.wordprocessingml.document which is what I expect. However, finfo_open
is giving me a MIME type of application/msword.
Does finfo_open's information come from within the file or from something in the browser or the upload process (in which case I guess I'll need to specify additional MIME types allowed) or is it something within the web server (in which case, can it be modified with php.ini)?