• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
is_image() problem

why fake png file(empty test.txt renamed to test.png) is return true as image?
im using

What is $this? And where is this is_image() method defined? And what does it do?


If you're referring to the method in the upload class, that just checks the mime type of the file, which doesn't say anything about the actual contents.

You can execute a getimagesize() on the file. If it doesn't return FALSE, you're fairly sure it's a valid image.

so, is_image() is useless ?

From a security point of view, yes.

Is_image is the second parameter for the xss clean

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.