PHP

text/x-php

Safe

Magic Bytes

Offset: 0
3C 3F 70 68 70

PHP is a general-purpose scripting language primarily maintained by The PHP Group for use in web development. These files are primarily used to create dynamic web pages, interact with databases, and facilitate server-side logic within web application frameworks. While the files are safe for local storage, they pose security risks if executed on a misconfigured server or if processed user input is not properly sanitized.

Extension

.php

MIME Type

text/x-php

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .php files in Python

Python 
def is_php(file_path: str) -> bool:
    """Check if file is a valid PHP by magic bytes."""
    signature = bytes([0x3C, 0x3F, 0x70, 0x68, 0x70])
    with open(file_path, "rb") as f:
        return f.read(5) == signature

How to validate .php files in Node.js

Node.js 
function isPHP(buffer: Buffer): boolean {
  const signature = Buffer.from([0x3C, 0x3F, 0x70, 0x68, 0x70]);
  return buffer.subarray(0, 5).equals(signature);
}
Go 
func IsPHP(data []byte) bool {
    signature := []byte{0x3C, 0x3F, 0x70, 0x68, 0x70}
    if len(data) < 5 {
        return false
    }
    return bytes.Equal(data[:5], signature)
}

API Endpoint

GET /api/v1/php
curl https://filesignature.org/api/v1/php

Related Formats

.php3 .php4 .shp .xml .xsd .xsl .cpl .vlt .ft10