/** * [isValid check that file is valid and secure * @param File $file * @return boolean true if valid and secure */ protected function isValidAndSecure(UploadedFile $file) { if (!$file->isValid() || $file->isExecutable()) { return false; } $finfo = finfo_open(FILEINFO_MIME); //check to see if the mime-type contains '/x-' means executable file if (strpos(finfo_file($finfo, $file), '/x-')) { return false; } return true; }