check filetype

jonniejoejonson · January 2, 2008

I want to copy a file from another server which is failry simple... However I want to check that this file is a jpeg/giff and not a virus before I copy it to my server. Is there a way to check filetype? thanks to any responders J.

hitman6003 · January 2, 2008

Use fileinfo.

http://www.php.net/fileinfo

Or the depreciated, mime_content_type.

http://www.php.net/mime_content_type

p2grace · January 2, 2008

You could also explode it into a string

$filename = "whatever.vr1.jpeg"; // I have multiple periods to show you that the code below will still work

$filename_arr = explode(".",$filename);
$filetype = $filename_arr[(count($filename_arr) - 1)];
if($filetype == "jpeg" || $filetype == "gif"){
// is a jpeg or a gif
}else{
// error only jpeg or gif is allowed
}

hitman6003 · January 2, 2008

You could also explode it into a string

...

That doesn't check the file content, which makes it easier to rename a script to "whatever.jpg", and then execute it remotely.

If the content type returns as something you don't want, you simply don't save the file.

jonniejoejonson · January 2, 2008

Thanks guys,

Do you think that the following is enough protection when allowing people to copy ONLY jpeg or giff images from a server to your server?

$contentType=mime_content_type($urlImage);

if($contentType=='image/gif'||$contentType=='image/jpeg'){

copy($urlImage,"../images/".$saveImg)or die ('Could not copy'); }

else

{exit();}

thanks J.

Sign In

check filetype

Recommended Posts

jonniejoejonson

Link to comment

Share on other sites

hitman6003

Link to comment

Share on other sites

p2grace

Link to comment

Share on other sites

hitman6003

Link to comment

Share on other sites

jonniejoejonson

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information