Briefing Zend Knowledge

Which of the following actions must be taken before this code may go into production?

An HTML form contains this form element
<input type=”file” name=”myFile” />
When this form is submitted, the following PHP code gets executed:
‘uploads/’ . $_FILES[‘myFile’][‘name’]);
Which of the following actions must be taken before this code may go into production?
(Choose 2)

Check with is_uploaded_file() whether the uploaded file $_FILES[‘myFile’][‘tmp_name’] is valid

Sanitize the file name in $_FILES[‘myFile’][‘name’] because this value is not consistent among
web browsers

Check the charset encoding of the HTTP request to see whether it matches the encoding of the
uploaded file

Sanitize the file name in $_FILES[‘myFile’][‘name’] because this value could be forged

Use $HTTP_POST_FILES instead of $_FILES to maintain upwards compatibility