https://legacy.forums.gravityhelp.com/topic/image-upload-validation Gravity Support Forums Topic: Image Upload Validation en-US Sun, 19 Apr 2026 23:14:10 +0000 http://bbpress.org/?v=1.0.1 q https://legacy.forums.gravityhelp.com/search.php https://legacy.forums.gravityhelp.com/topic/image-upload-validation#post-72558 Sat, 25 Aug 2012 08:37:32 +0000 Chris Hajer 72558@https://legacy.forums.gravityhelp.com/ <p>You're not missing any configuration options. Most users don't misname their files intentionally. A malicious user could try to get around upload restrictions by giving a PHP file an image extension, and uploading that, but then what happens?</p> <p>We have discussed this in the past:<br /> <a href="http://www.gravityhelp.com/forums/topic/file-upload-security-1" rel="nofollow">http://www.gravityhelp.com/forums/topic/file-upload-security-1</a> </p> https://legacy.forums.gravityhelp.com/topic/image-upload-validation#post-71054 Tue, 14 Aug 2012 15:54:24 +0000 ezoehunt 71054@https://legacy.forums.gravityhelp.com/ <p>It is possible to upload a file to the Image field that does not match filetype gif, jpg, or png. For instance, I just uploaded a php file with .gif extension through the Image field. Isn't this problematic? Can you add a filetype check to the image upload field?</p> <p>Also able to upload a php file with .pdf extension to the File field. </p> <p>These don't seem to be checking mime type. Do you expect users to manage that on their own? Or is there something I'm missing in my Gravity Forms configuration? </p>