Welcome Guest, Not a member yet? Register   Sign In
$_FILES['userfile']['type'] Mime type different than the $this->upload->data() mine type?

Hi guys,

When running an upload of a file, it will fail because the mime type is not correct. For example, if I upload a PDF file (even though the file is listed as accepted type), it will fail because it thinks the mime type is

[file_type] => application/octet-stream

But when I check the $_FILES['userfile']['type'] variable, it outputs the correct mime type:


So I'm not sure what is causing this bug. I've checked the file on mime checker sites and they all output application/pdf. Does anyone know what could be causing the difference?

CodeIgniter uses its own "mime" table, located on 'application/config/mimes.php'


Yep I'm aware of that. In fact, I realised that $_FILES['userfile']['type'] is set by the browser so it's not to be trusted.

However, I'm still unsure as to why the file has the application/octet-stream when it's a PDF file (I can open it in Adobe). I resaved the file as PDF and that did come up as application/pdf. Not sure how to get around this error.

You can try to update your mimes.php file with the one from CI3 on github. https://github.com/EllisLab/CodeIgniter/.../mimes.php

It has a different definition for pdf than 2.2:
'pdf' => array('application/pdf', 'application/force-download', 'application/x-download', 'binary/octet-stream'),

As far as why it gets binary/octet-stream, it could be whatever program/library is creating the pdf. also some browsers have had issues setting the correct mime type.

You could try to upload from a different browser to see if it changes, and also try using PDFs from a variety of different sources.



Thanks for your reply!

Is putting application/octet-stream a security issue though? Wouldn't it allow a user to upload .exe files and the like?

application/octet-stream usually just forces a browser to open the Save File dialog. All it means is it's a binary file, which pdf actually is (try viewing it in a text editor).


Okay, so just to clarify, it won't lead to people being able to bypass the file-type limit if I added this in?

couldn't really tell you, I rarely use the upload class as most of the time I need to allow multiple file uploads which the native ci library doesn't do.

But I got that mime definition straight from the upcoming CI v3 which I linked to.

You should never check the file type on an upload, it will most likely always contain
application/octet-stream and not the true file type which in your case is the pdf.


So how do you check and restrict file types then when using the upload library?

Theme © iAndrew 2016 - Forum software by © MyBB