Handling Uploaded Image

on this thread i want to share information how to handle incorrect uploaded image.


-Upload test for several image file such as png,jpg,gif,txt

-Uploaded images work for known file type which was wrote in model rules

-txt ext (and also all file not match the model rules) will rejected

so if I rename image.txt into image.jpg, it will upload successfully (this is the problem)

the suggest

I just add getimagesize into line number 192 of CFileValidator (you can extend before changing)



if(!in_array(strtolower($file->getExtensionName()),$types) || !getimagesize($file->getTempName()))

If you have better than me, or have an other method you can post here… thx

So you want to validate that the file the user claims to be an image actually is an image?

I think your proposed solution is on track. If you want to avoid firing up the GD library you can also examine the header of the file. Google ‘image file signature’ or something like that. I’d just use what you are doing unless server load becomes a problem.