

Handling image uploads securely in PHP - codepunker
http://www.codepunker.com/blog/handling-image-uploads-securely-in-php

======
NewsReader42
You should also check the size of the image to make sure it's actually an
image. I can quite easily get a php file into your system using your current
way as you ONLY check for extension.

~~~
NewsReader42
By size I mean dimensions.

