My site allows anonymous uploads to a web-accessible location (that will execute a script if it finds one).
Naturally, I need to verify that only harmless content is accepted. I am expecting only images, so I use:
<?php
$im = $imagecreatefromstring($USERFILE);
$valid = ($im != FALSE);
imagedestroy($im);
return $valid;
?>