You could rely on the file's extension for some soft protection. Obviously that wouldn't stop people uploading an image (or any other type) file with a .txt extension. However, if you force the server (using .htaccess or some such device) to only output plain text from the folder(s) where the files are being stored then their uploading any other type of file than plain text would be pointless.
|