in reply to security issues for allowing images to be uploaded to the server

Hope this helps: Make use of the "magic number" of a file to determine its type. Most *nix systems will have a file called /etc/magic (look at the manpage for the file command for your specific system) which contains the "magic numbers" for many, many different filetypes. All the mainstream image formats support this. So, by looking at the very first few bits of the file you can tell if it is an image file or not by way of a comparison with entries in /etc/magic. Now, keep in mind that this allows you to determine what a file is calling itself. I am sure there are ways a skilled evil-doer might be able to circumvent a simple magic number test.
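The magic-number check described in the post above, as an added example that is not part of the original reply: the signature table mirrors the /etc/magic entries for the common image formats, and the `accept_upload` policy (allowed types, extension must agree with the sniffed type) is my own construction, as are the sample byte strings.

```python
"""Identify an uploaded file by its leading bytes (its "magic number")."""
from typing import Optional

# (offset, signature, type) as recorded in /etc/magic for mainstream image formats.
MAGIC_TABLE = [
    (0, b"\x89PNG\r\n\x1a\n", "png"),
    (0, b"\xff\xd8\xff", "jpeg"),
    (0, b"GIF87a", "gif"),
    (0, b"GIF89a", "gif"),
    (0, b"BM", "bmp"),
    (8, b"WEBP", "webp"),  # RIFF container: "RIFF" at offset 0, "WEBP" at offset 8
]

# Site policy (assumption): only these sniffed types may be stored.
ALLOWED = {"png", "jpeg", "gif"}
EXT_TO_TYPE = {"png": "png", "jpg": "jpeg", "jpeg": "jpeg", "gif": "gif"}


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return what the file claims to be, judged by its magic number, or None."""
    for offset, sig, kind in MAGIC_TABLE:
        if data[offset:offset + len(sig)] == sig:
            if kind == "webp" and data[:4] != b"RIFF":
                continue  # "WEBP" at offset 8 without the RIFF header is not WebP
            return kind
    return None


def accept_upload(filename: str, data: bytes) -> bool:
    """Accept only if the magic number names an allowed type AND the extension agrees.

    As the post notes, this only tells you what the file calls itself; a real
    service should additionally decode the image with an image library.
    """
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    kind = sniff_image_type(data)
    return kind in ALLOWED and EXT_TO_TYPE.get(ext) == kind


if __name__ == "__main__":
    # Constructed samples: a genuine PNG header, and plain text wearing a .png name.
    print(accept_upload("cat.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16))  # True
    print(accept_upload("cat.png", b"Hello, I am not an image"))             # False
```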