peter-mw
commented
5 years ago Hi, you can change the function testIsImage()
public function testIsImage()
# Author: Jarrod Oberto
# Date: 28 Nov 16
# Purpose: Test if file is an image
# Param in:
# Param out: n/a
# Reference:
# Notes: A simpler, less restrictive method would be to just check for
# the 'image' part of 'image/gif', 'image/jpg', etc.
#
{
$file = $this->fileName;
$isImage = false;
if (function_exists('finfo_open')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$mimeType = finfo_file($finfo, $file);
finfo_close($finfo);
switch ($mimeType) {
case 'image/jpeg':
case 'image/gif':
case 'image/png':
case 'image/bmp':
case 'image/x-windows-bmp':
$isImage = true;
break;
default:
$isImage = false;
}
} elseif (function_exists('getimagesize')) {
// open with GD
if (@is_array(getimagesize($file))) {
$isImage = true;
}
} elseif (function_exists('exif_imagetype')) {
// open with EXIF
if (false !== exif_imagetype($file)) {
$isImage = true;
}
}
return $isImage;
}
Function testIsImage() uses PHP function finfo_file() to retrieve the mimeType, but on a shared server function finfo_file() may be disabled for security. Perhaps the code could be extended to first check if finfo_file() is enabled and if not then check the file extension as a fallback?
Refs: https://expressionengine.com/forums/topic/247821/workaround-for-disabled-php-fileinfo-extension https://stackoverflow.com/questions/134833/how-do-i-find-the-mime-type-of-a-file-with-php