PHP: How to sanitize uploaded filenames?

Question

I have a PHP application.

I allow users to upload files to my web application.

Question: What\'s the best way for me to sanitize the file n

Answer 1

If you're not against losing the actual filenames, what I usually do is create a hash of the filename and set the filename to that, if whatever you're developing has loads of pictures being uploaded it helps avoid conflicts where two filenames are named alike and overwrites occur.

hash('md5', $_FILES["filename"]["tmp_name"]);