$_FILES['']['type'] is giving application/octet-stream as output

Question

Description :

I am uploading a video and as usual checking the type of the file before uploading it .... the file was not being uploaded so I thought of outputting the value of $_FILES['upload']['type'] and it gives me the following

echo $_FILES['upload']['type'];

out put

application/octet-stream

so due to that it fails all the checks in the code like following

if(($_FILES['group_video']["type"] == "video/FLV") 
|| ($_FILES['group_video']["type"] == "video/MP4")

or

in_array($extension, $allowedExts)

How should I solve this problem ?? Why is it not showing the type of the video ?? Am I missing Something ??

Answer 1

Mario is correct with his comment above; your client has decided that the FLV is of type application/octet-stream. This is kind of a valid mime type for an FLV file, so you need to account for it in your code. I'd suggest having a list of file extensions that you accept, and attaching a list of permissable mime types to each one. For example:

array (
    'mp4' => array ('audio/mp4', 'video/mp4'),
    'flv' => array ('video/flv', 'video/x-flv', 'application/octet-stream')
);

Now when you get an upload, you get the extension first and check that the mime type matches one of the types you accept for the extension.

This will give you some reassurance against people mistakenly uploading incorrectly named or formatted media, but will not prevent users deliberately uploading files with malicious content; all content uploaded by your users should be checked for viruses before being trusted.