• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
is_image() problem

#1
[eluser]nuclearmaker[/eluser]
why fake png file(empty test.txt renamed to test.png) is return true as image?
im using
Code:
$this->is_image();

#2
[eluser]WanWizard[/eluser]
What is $this? And where is this is_image() method defined? And what does it do?

edit:

If you're referring to the method in the upload class, that just checks the mime type of the file, which doesn't say anything about the actual contents.

You can execute a getimagesize() on the file. If it doesn't return FALSE, you're fairly sure it's a valid image.

#3
[eluser]nuclearmaker[/eluser]
so, is_image() is useless ?

#4
[eluser]WanWizard[/eluser]
From a security point of view, yes.

#5
[eluser]cideveloper[/eluser]
Is_image is the second parameter for the xss clean


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.