Menu
Is there a way to make sure a received file is an image in PHP?
Testing for the extension doesn't sound very secure to me as you could upload a script and change its extension to whatever you want.
I've tried to use getimagesize too, but there might be something more suited for that particular problem.
840
php /* 1 = Check if the file uploaded is actually an image no matter what extension it has 2 = The uploaded files must have a specific image extension */ $validation_type = 1; if($validation_type == 1) { $mime = array('image/gif' => 'gif', 'image/jpeg' => 'jpeg', 'image/png' => 'png', 'application/x-shockwave-flash' => ...
php $finfo = finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension foreach (glob("*") as $filename) { echo finfo_file($finfo, $filename) . "\n"; } finfo_close($finfo); ?> Save this answer. Show activity on this post.
php $dir = dirname(__FILE__); echo "<p>Full path to this dir: " . $dir . "</p>"; echo "<p>Full path to a . htpasswd file in this dir: " .
The getimagesize() should be the most definite way of working out whether the file is an image:
if(@is_array(getimagesize($mediapath))){ $image = true; } else { $image = false; } because this is a sample getimagesize() output:
Array ( [0] => 800 [1] => 450 [2] => 2 [3] => width="800" height="450" [bits] => 8 [channels] => 3 [mime] => image/jpeg) If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
