How to validate if uploaded file is an image? [file sent via HTML5's File API, received via php://input]
I'm working with the HTML5's File API (tutorial here) and I need to validate whether a file is an image or not. The main issue is that with a normal upload, I could call getimagesize()
and as the parameter, the path to the temporary file -- and then decide to store it on the server or not.
However, with the File Upload API, the files are received with php://input
, which returns the actual bits of the transfer.
What's the best way to validate in this situation? Do I have to store the bits to a physical location a开发者_如何学编程nd then validate it and delete it afterwards or is it a better way?
Thanks.
If it's an image will you store it on disk? If yes, then I'd say the best way would be to create a temporary file, write the data and then check if it's an image with the regular functions, if it is move the temporary file to the final destination, otherwise just delete it.
If for some reason you don't want to do this you can check for magic numbers in the incoming data (here is a more complete list). However bare in mind that this is more likely to fail than the usual solutions.
精彩评论