How To Block Fake image Files

See all posts See thread Reply

Re: How To Block Fake image Files new!
by colin, 15 years ago
Mime doesn't work on your system

- Checking MIME type with Fileinfo PECL extension
Fileinfo PECL extension not available
- Checking MIME type with UNIX file() command
UNIX file() command not availabled
- Checking MIME type with mime.magic file (mime_content_type())
MIME type detected as by mime_content_type()
- Checking MIME type with getimagesize()
getimagesize() failed
- MIME type detected as image/jpeg by browser


So the class has to rely on what the browser sends as MIME type: image/jpeg, which cannot be trusted.

You need to have either Fileinfo, the unix file command, or mime.magic method working on your server to be able to determine the MIME type securely.Reply