Home Backend Development PHP Tutorial The finfo_file function obtains the solution to the file mime value verification error_PHP tutorial

The finfo_file function obtains the solution to the file mime value verification error_PHP tutorial

Jul 13, 2016 am 10:29 AM
web development Enterprise security information Technology security software database mobile development system security Website security cyber security network technology software development

When I was uploading images today and verifying the mime value of the image, I suddenly discovered that in some special cases, the MIME value obtained by finfo_file cannot be used directly.

According to the official writing, it is

$finfo=finfo_open(FILEINFO_MIME);
$mime=finfo_file($finfo,$file_path);
finfo_close($finfo);
alert($mime);

Get the mime type of the file like this

But today I found that this doesn’t work. If there is a charset setting the transfer type to binary stream during file transfer, something similar to the picture below will appear:

You can clearly see that there are more semicolons and the following things charset=binary

If the file mime value is verified here, even if it is a correct and legal file type, it will not pass the verification, because the obtained mime value is followed by a part of the binary file stream string "; charset=binary"

$file_name = $_FILES['imgFile']['name'];

$temp_arr = explode(".", $file_name);
$file_ext = array_pop($temp_arr);
$file_ext = trim($file_ext);
$file_ext = strtolower($file_ext);

$_mime=array('jpg'=>array('image/pjpeg','image/jpeg'),'gif'=>array('image/gif'),'png'=> array('image/x-png','image/png'),'jpeg'=>array('image/jpeg','image/pjpeg'));

if(empty($mime) || !in_array($mime,$_mime[$file_ext])){
alert('Picture mime type error!');
}

Therefore, compatibility processing under special environmental requirements needs to be done

The modified general method of obtaining the compatibility of mime types is as follows (pay attention to the red parts, and obtain the correct mime value through regular expressions that are compatible with multiple requirements environments):

if(empty($mime) && function_exists('finfo_open')){
$finfo=finfo_open(FILEINFO_MIME);
$mime=finfo_file($finfo,$file_path);
finfo_close($finfo);
//Compatible with precise mime verification of file upload in special applications
$new=preg_match('/([^;]+);?.*$/',$mime,$match);
if($new) $mime=trim($match[1]);
alert($mime);
}

In this way, you can correctly obtain the mime type in the compatible environment and perform correct file mime legality verification. The running results are as shown in the figure:

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/777566.htmlTechArticleToday when I was uploading an image to verify the mime value of the image, I suddenly discovered that in some special cases, the MIME value obtained by finfo_file cannot be used directly. , according to the official writing method is $finfo=finfo_open(FILEINF...
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos Jul 18, 2024 am 05:48 AM

Apple's latest releases of iOS18, iPadOS18 and macOS Sequoia systems have added an important feature to the Photos application, designed to help users easily recover photos and videos lost or damaged due to various reasons. The new feature introduces an album called "Recovered" in the Tools section of the Photos app that will automatically appear when a user has pictures or videos on their device that are not part of their photo library. The emergence of the "Recovered" album provides a solution for photos and videos lost due to database corruption, the camera application not saving to the photo library correctly, or a third-party application managing the photo library. Users only need a few simple steps

Detailed tutorial on establishing a database connection using MySQLi in PHP Detailed tutorial on establishing a database connection using MySQLi in PHP Jun 04, 2024 pm 01:42 PM

How to use MySQLi to establish a database connection in PHP: Include MySQLi extension (require_once) Create connection function (functionconnect_to_db) Call connection function ($conn=connect_to_db()) Execute query ($result=$conn->query()) Close connection ( $conn->close())

How to handle database connection errors in PHP How to handle database connection errors in PHP Jun 05, 2024 pm 02:16 PM

To handle database connection errors in PHP, you can use the following steps: Use mysqli_connect_errno() to obtain the error code. Use mysqli_connect_error() to get the error message. By capturing and logging these error messages, database connection issues can be easily identified and resolved, ensuring the smooth running of your application.

What are the advantages and disadvantages of C++ compared to other web development languages? What are the advantages and disadvantages of C++ compared to other web development languages? Jun 03, 2024 pm 12:11 PM

The advantages of C++ in web development include speed, performance, and low-level access, while limitations include a steep learning curve and memory management requirements. When choosing a web development language, developers should consider the advantages and limitations of C++ based on application needs.

How to use database callback functions in Golang? How to use database callback functions in Golang? Jun 03, 2024 pm 02:20 PM

Using the database callback function in Golang can achieve: executing custom code after the specified database operation is completed. Add custom behavior through separate functions without writing additional code. Callback functions are available for insert, update, delete, and query operations. You must use the sql.Exec, sql.QueryRow, or sql.Query function to use the callback function.

The potential of C++ in mobile app development: Talent and resources The potential of C++ in mobile app development: Talent and resources Jun 03, 2024 pm 03:11 PM

C++ has great potential in mobile development because of: a huge developer community and rich learning resources; efficient memory management and low-level control, bringing excellent performance; WORA model, which can be written once and run across Android, iOS, and Windows; widely Used for game engine development, low latency and resource management functions meet high-performance game requirements.

How to save JSON data to database in Golang? How to save JSON data to database in Golang? Jun 06, 2024 am 11:24 AM

JSON data can be saved into a MySQL database by using the gjson library or the json.Unmarshal function. The gjson library provides convenience methods to parse JSON fields, and the json.Unmarshal function requires a target type pointer to unmarshal JSON data. Both methods require preparing SQL statements and performing insert operations to persist the data into the database.

PHP Database Connection Pitfalls: Avoid Common Mistakes and Misunderstandings PHP Database Connection Pitfalls: Avoid Common Mistakes and Misunderstandings Jun 05, 2024 pm 10:21 PM

To avoid PHP database connection errors, follow best practices: check for connection errors and match variable names with credentials. Use secure storage or environment variables to avoid hardcoding credentials. Close the connection after use to prevent SQL injection and use prepared statements or bound parameters.

See all articles