yes, 4images not only checks the extensions, but also the format of the common image files.
also, even if one somehow uploaded a renamed php file, there is no harm could do such file, because the server will not recognize it as php and will not execute it, unless the hacker got access to the server somehow...