File Upload veilig?
Is dit een veilige manier om het bestandstype te controleren?
Code (php)
Ikzelf gebruik dit, maar helaas heeft zelfs deze functie een extensie-fallback nodig. Eventueel kun je een error throwen in plaats van op de extensie te vertrouwen.
Code (php)
<?php
/** Determine the MIME-type of a file
*
* Gets the MIME-type of a file, with a lot of fallbacks to other functions.
* This is a modified version of the function getFileMimeType made by deceze on Stackoverflow
* {@link http://stackoverflow.com/questions/1232769/how-to-get-the-content-type-of-a-file-in-php?answertab=votes#tab-top}
* Please note that this function can use the file extension to determine the MIME-type, if not enough functions are available.
*
* @access public
* @param string $file Path to the file.
* @param string|null $extension True file extension; if null, $file's extension is taken
* @return string MIME-type
*/
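public function getMimeType($file, $extension = null)
{
    // Start from a known "not detected" state so the checks below never read
    // an undefined variable when no detection function is available.
    $type = false;

    // 1. Content sniffing via the fileinfo extension, else mime_content_type()
    //    (optionally provided by the upgradephp compatibility file).
    if (function_exists('finfo_file')) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        // finfo_open() returns false when the magic database cannot be loaded.
        if ($finfo !== false) {
            $type = finfo_file($finfo, $file);
            finfo_close($finfo);
        }
    } else {
        if (file_exists('upgradephp/ext/mime.php')) {
            require_once 'upgradephp/ext/mime.php';
        }
        if (function_exists('mime_content_type')) {
            $type = mime_content_type($file);
        }
    }

    // 2. Second opinion from the file(1) utility.
    if ((!$type || $type == 'application/octet-stream') && function_exists('exec')) {
        $output = array();
        $returnCode = null;
        // escapeshellarg() quotes the path for the shell; the "--" additionally
        // ends option parsing so a path beginning with "-" is read as a file
        // name and not as an option. Warnings stay suppressed: this step is
        // best-effort and the later fallbacks still run.
        $secondOpinion = @exec('file -b --mime-type -- ' . escapeshellarg($file), $output, $returnCode);
        if ($returnCode === 0 && $secondOpinion) {
            $type = $secondOpinion;
        }
    }

    // 3. Image signature check. Only consult the result when exif_imagetype()
    //    was really called; otherwise an unset variable would overwrite $type.
    if ((!$type || $type == 'application/octet-stream') && function_exists('exif_imagetype')) {
        $exifImageType = exif_imagetype($file);
        if ($exifImageType !== false) {
            $type = image_type_to_mime_type($exifImageType);
        }
    }

    // 4. Image header parsing through getimagesize().
    if ((!$type || $type == 'application/octet-stream') && function_exists('getimagesize')) {
        $size = getimagesize($file);
        if ($size) {
            if ($size['mime'] != 'application/octet-stream' && $size['mime'] != '') {
                $type = $size['mime'];
            } else if (function_exists('image_type_to_mime_type')) {
                $type = image_type_to_mime_type($size[2]);
            }
        }
    }

    if (!$type) {
        $type = 'application/octet-stream';
    }

    // 5. Extension fallback.
    // NOTE: the extension is taken from the name, not from the content. For an
    // uploaded file the name is chosen by the client, so a type returned from
    // this branch is a guess and not evidence of what the file contains. Code
    // that validates uploads should reject the file when only this branch
    // produced a type, rather than accept the result.
    if ($type == 'application/octet-stream') {
        if ($extension !== null) {
            $ext = strtolower(ltrim($extension, '.'));
        } else {
            // pathinfo() looks at the last path component only, so a dot in a
            // directory name is not mistaken for an extension, and a name
            // without any dot yields an empty string.
            $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
        }

        switch ($ext) {
            case 'doc':
                return 'application/msword';
            case 'docx':
                return 'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
            case 'pdf':
                return 'application/pdf';
            case 'jpeg':
            case 'jpg':
                // "image/jpg" is not a registered type; both spellings map to image/jpeg.
                return 'image/jpeg';
            case 'png':
            case 'bmp':
            case 'gif':
                return 'image/' . $ext;
        }
    }

    return $type;
}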
?>
/** Determine the MIME-type of a file
*
* Gets the MIME-type of a file, with a lot of fallbacks to other functions.
* This is a modified version of the function getFileMimeType made by deceze on Stackoverflow
* {@link http://stackoverflow.com/questions/1232769/how-to-get-the-content-type-of-a-file-in-php?answertab=votes#tab-top}
* Please note that this function can use the file extension to determine the MIME-type, if not enough functions are available.
*
* @access public
* @param string $file Path to the file.
* @param string|null $extension True file extension; if null, $file's extension is taken
* @return string MIME-type
*/
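public function getMimeType($file, $extension = null)
{
    // Start from a known "not detected" state so the checks below never read
    // an undefined variable when no detection function is available.
    $type = false;

    // 1. Content sniffing via the fileinfo extension, else mime_content_type()
    //    (optionally provided by the upgradephp compatibility file).
    if (function_exists('finfo_file')) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        // finfo_open() returns false when the magic database cannot be loaded.
        if ($finfo !== false) {
            $type = finfo_file($finfo, $file);
            finfo_close($finfo);
        }
    } else {
        if (file_exists('upgradephp/ext/mime.php')) {
            require_once 'upgradephp/ext/mime.php';
        }
        if (function_exists('mime_content_type')) {
            $type = mime_content_type($file);
        }
    }

    // 2. Second opinion from the file(1) utility.
    if ((!$type || $type == 'application/octet-stream') && function_exists('exec')) {
        $output = array();
        $returnCode = null;
        // escapeshellarg() quotes the path for the shell; the "--" additionally
        // ends option parsing so a path beginning with "-" is read as a file
        // name and not as an option. Warnings stay suppressed: this step is
        // best-effort and the later fallbacks still run.
        $secondOpinion = @exec('file -b --mime-type -- ' . escapeshellarg($file), $output, $returnCode);
        if ($returnCode === 0 && $secondOpinion) {
            $type = $secondOpinion;
        }
    }

    // 3. Image signature check. Only consult the result when exif_imagetype()
    //    was really called; otherwise an unset variable would overwrite $type.
    if ((!$type || $type == 'application/octet-stream') && function_exists('exif_imagetype')) {
        $exifImageType = exif_imagetype($file);
        if ($exifImageType !== false) {
            $type = image_type_to_mime_type($exifImageType);
        }
    }

    // 4. Image header parsing through getimagesize().
    if ((!$type || $type == 'application/octet-stream') && function_exists('getimagesize')) {
        $size = getimagesize($file);
        if ($size) {
            if ($size['mime'] != 'application/octet-stream' && $size['mime'] != '') {
                $type = $size['mime'];
            } else if (function_exists('image_type_to_mime_type')) {
                $type = image_type_to_mime_type($size[2]);
            }
        }
    }

    if (!$type) {
        $type = 'application/octet-stream';
    }

    // 5. Extension fallback.
    // NOTE: the extension is taken from the name, not from the content. For an
    // uploaded file the name is chosen by the client, so a type returned from
    // this branch is a guess and not evidence of what the file contains. Code
    // that validates uploads should reject the file when only this branch
    // produced a type, rather than accept the result.
    if ($type == 'application/octet-stream') {
        if ($extension !== null) {
            $ext = strtolower(ltrim($extension, '.'));
        } else {
            // pathinfo() looks at the last path component only, so a dot in a
            // directory name is not mistaken for an extension, and a name
            // without any dot yields an empty string.
            $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
        }

        switch ($ext) {
            case 'doc':
                return 'application/msword';
            case 'docx':
                return 'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
            case 'pdf':
                return 'application/pdf';
            case 'jpeg':
            case 'jpg':
                // "image/jpg" is not a registered type; both spellings map to image/jpeg.
                return 'image/jpeg';
            case 'png':
            case 'bmp':
            case 'gif':
                return 'image/' . $ext;
        }
    }

    return $type;
}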
?>



