Hi guys. I wanted to find out how to check whether a file is ANY image type, using the $_FILES superglobal?

As opposed to something like this:

$_FILES["photo"]["type"] == "image/jpeg";

... which only check one image type.

If there one quick way of checking ALL image types?

Paul.

    One way is to run it through the [man]getimagesize/man function. If the result is empty, then it's not an image -- or at least not of a type that your PHP installation recognizes.

      It's strange that there is a caution on the [man]getimagesize[/man] page that it could return false positives on certain files, and that the [man]Fileinfo[/man] extension should be used instead. After all, [man]Fileinfo[/man] is just as vulnerable to false positives, possibly even moreso. I can see it making a performance difference for really large files, but I'm not seeing the robustness argument.

        thanks guys.

        Can you give me some example code of how I would use getimagesize() to achieve my original question (above).

        Paul.

          [man]getimagesize[/man], Example #1. Ignore the bit about $fp because you're not looking to read the file back out again.

            Thanks.

            I have tried using it and I keep getting this error message:

            Warning: getimagesize(image/jpeg): failed to open stream: No such file or directory in C:\wamp[url]www..[/url]..

            And below is the code where I have used it:

            if( isset($_FILES["articleimg"]) && $_FILES["articleimg"]["error"] == UPLOAD_ERR_OK ){
if( $_FILES["articleimg"]["size"] > 1000000 ){
echo "Image file is to big. Please reduce file size and re-upload. Image size must be under 1 megabyte in size.";
} elseif( !getimagesize($_FILES["articleimg"]["type"]) ){
echo "The file type must be an image! Please upload an image file.";
} elseif (!move_uploaded_file( $_FILES["articleimg"]["tmp_name"], "images/" . basename( $_FILES["articleimg"]["name"] ) )){
echo "Cannot upload image!";
}

} else{
switch( $_FILES["articleimg"]["error"] ){
case UPLOAD_ERR_NO_FILE:
$message = "Please choose and image file!";
break;
default:
$message = "Cannot upload photo. Please contact your web designer.";
}
echo $message;
}

            .......... to be more specific:

            } elseif( !getimagesize($_FILES["articleimg"]["type"]) ){

            Where am I going wrong?

              Do the check on the 'tmp_name' element of the array, not the 'type' element -- it needs to read the actual file.

                6 days later

                If I remember correctly, $_FILES["photo"]["type"] is reported by the remote user's browser (or via headers) and IS NOT TO BE TRUSTED because it could be spoofed. They could say "yeah buddy this is a jpeg" where in fact it might be a virus or something.

                [man]getimagesize[/man] is a function that parses an image file to tell you stuff about it. If you call this function on a file that is not an image, it should return false:

                $size = getimagesize("/tmp/foo.php"); // this file is a PHP file, not an image
var_dump($size);

                the output:

                bool(false)
                  Write a Reply...