validate and before moving file to directory and get it's name to database(base64 image upload)

[mahenda]

I have a form on which the filepond plugin send the file manually
 and it generate the base64 formated data of that file, unfortunately
Icant get it's previous name so i randomize the name, and put the file directry in the final folder, is there any problem on security?, can i validate if its an image with all property such as size,dimension e.t.c Before adding it the directory? and how to get the it's
new name to database.

 

Look here

if(empty($_POST['image'])) {
    echo 'add file!';
}
$myimage = $_POST['image'];
$myimage = str_replace('data:image/png;base64,', '', $myimage);
$myimage = str_replace(' ', '+', $myimage);
$decode = base64_decode($myimage);
$myfile = $_SERVER['DOCUMENT_ROOT'].'/mages/' . uniqid() . '.png';
//now put the file
file_put_contents($myfile, $decode);

 

[requinix]

If you've found explanations about how to use functions like getimagesize() and imagecreatefrom*() to validate images, then you can do the same thing with your uploads with only a couple adjustments: substitute getimagesizefromstring and imagecreatefromstring to work on your $decode data.