How to check files using MIME?

Question

How to check files using MIME?

I want to check file types on server using php. Now I have confirmed this by checking the type of file extension. This works fines, but the problem is that this is not the best way to check the file as a user, the change allows you to say the text file in jpeg and still be able to upload it.

So I want to add another validation method, I also want to check the MIME file type with php to find out if the file is an image, video or audio.

So my question is how is it encoded so that I can use the MIME type in php to check the file? Also, if I have an extremely large file, does it take a long time to check MIME or check it right away?

Below is the code that I only have for the image where it uses PHP code to check the file type:

<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br />";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    echo "Type: " . $_FILES["file"]["type"] . "<br />";
    }
  }
else
  {
  echo "Invalid file";
  }
?>

+3

javascript jquery ajax php

user1394925 May 18, '12 at 13:02

source share

2 answers

You can use getID3 () . Also getimagesize can reassure you.

javascript . , , , , , $_FILES, /.

0

jmad 18 '12 13:18

Alix axel · Accepted Answer · 2012-05-18T13:14:25+0000

Searching for a MIME type is usually pretty quick, and in PHP you can do it with an extension finfo. Example:

$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimetype = finfo_file($finfo, '/path/to/file.jpg'); // image/jpeg
finfo_close($finfo);

In addition, you should not rely on the typesuperglobal index $_FILES, since this value can be faked on everything that an attacker might need. The same goes for the file extension.

How to check files using MIME?

More articles: