MIME、八位字节流和 Uploadify

发布于 2024-11-26 20:45:05 字数 923 浏览 2 评论 0原文

我正在使用 Uploadify 和 Kohana 和我正在创建文件上传器。用户只能上传几种类型的文件。

Kohana 内置了很棒的 MIME 类型库。我认为检查上传文件的 MIME 类型（来自 Uploadify）是否与设置的文件扩展名匹配会很酷。这就是为什么我创建了一系列允许的 MIME 类型。

$mimes         = (array) Kohana::config('mimes');
$allowed_mimes = array_merge($mimes['bmp'], $mimes['gif'], $mimes['jpg'], $mimes['jpeg'], $mimes['png']);

接下来，我想检查上传的文件 MIME 类型是否在 $allowed_mimes 数组中。我使用了类似 in_array($file['type'], $allowed_mimes) 的内容。令我惊讶的是 - 文件的实际 MIME 是 application/octet-stream。不管怎样，上传的文件是JPEG图像。这怎么可能？

基本想法是我需要检查文件类型。最好的方法是什么？

编辑：

与同事进行一些转换后，我决定检查最后一个点之后的字符。像virus.jpeg一样是可以接受的，因为jpeg就在它的名字里。我仍然愿意寻求更好的解决方案！

$extension = ltrim(strrchr($file['name'], '.'), '.')

原文

I'm using Uploadify and Kohana and I'm creating file uploader. User can upload only few types of files.

Kohana have great library of MIME types built-in. I thought that it would be cool to check that MIME type of uploaded file (it came from Uploadify) match setted file extensions. That's why I made an array of allowed MIME types.

$mimes         = (array) Kohana::config('mimes');
$allowed_mimes = array_merge($mimes['bmp'], $mimes['gif'], $mimes['jpg'], $mimes['jpeg'], $mimes['png']);

Next, I wanted to check that uploaded files MIME type is in $allowed_mimes array. I used something like in_array($file['type'], $allowed_mimes). For surprise to me - actual MIME of file was application/octet-stream. Anyway, uploaded file was JPEG image. How this is possible?

Basic idea is that I need to check file type. What's the best way to do it?

Edit:

After some conversions with my colleagues, I decided to check chars after last dot. Like virus.jpeg is acceptable, because of jpeg is in its name. i'm still open for better solutions!

$extension = ltrim(strrchr($file['name'], '.'), '.')

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

榕城若虚 2024-12-03 20:45:05

PHP 可以使用 fileinfo 和 MIME Magic（已从 PHP 5.3.0 中删除）来确定文件的 MIME 类型（Kohanas 也是如此） ' File::mime() 方法）。

如果这两个都不可用，此方法将尝试使用文件扩展名查找 MIME 类型，这可能非常不可靠。

由于您只是尝试验证某些上传，因此我建议使用 Upload 方法来验证它：

$validation = Validation::factory($_FILES)
    ->rule('Filedata', 'Upload::not_empty')
    ->rule('Filedata', 'Upload::valid')
    ->rule('Filedata', 'Upload::size',  array(':value', '4M'))
    ->rule('Filedata', 'Upload::type',  array(':value', array('bmp','jpg','jpeg','png')))
    ->rule('Filedata', 'Upload::image', array(':value', 1920, 1080));

请注意，Upload::image() 自 3.2.0 起可用（您也可以将其导入旧版本）。这是我个人用于某些 Uploadify 上传的验证，因此它应该可以正常工作。

PHP can use fileinfo and MIME Magic (has been removed from PHP 5.3.0) to determine files' MIME type (and so does Kohanas' File::mime() method).

In case that none of these 2 is available, this method will try to find the MIME type using files' extension, which can be highly unreliable.

Since you are only trying to validate some upload, I'd suggest using Upload methods to validate it:

$validation = Validation::factory($_FILES)
    ->rule('Filedata', 'Upload::not_empty')
    ->rule('Filedata', 'Upload::valid')
    ->rule('Filedata', 'Upload::size',  array(':value', '4M'))
    ->rule('Filedata', 'Upload::type',  array(':value', array('bmp','jpg','jpeg','png')))
    ->rule('Filedata', 'Upload::image', array(':value', 1920, 1080));

Notice that Upload::image() is available since 3.2.0 (you can import it into older versions as well). This is the validation I'm personally using for some Uploadify upload, so it should work just fine.

回复收藏 0 原文

~没有更多了~