PHWinfo - Afficher un message

11/06/2007, 17h24

This link says a bit more about this function:

http://www.phpfreaks.com/phpmanual/p...imagesize.html

This seems to be the key (from that page):

"If accessing the filename image is impossible, or if it isn't a valid
picture, getimagesize() will return FALSE and generate an error of
level E_WARNING."

--Kenoli

On Jun 11, 8:46 am, Schraalhans Keukenmeester
<Schraalh...@the.spamtrapexample.nl> wrote:
> At Mon, 11 Jun 2007 11:02:56 +0200, iktorn let h(is|er) monkeys type:
>
> > Schraalhans Keukenmeester wrote:
> >> You'll have to test for extension first, and then assert what's sent
> >> actually is what it claims to be. A safe way would be to apply the
> >> appropriate imagecreatefrom(jpg|gif|bmp|png) etc functions provided by the
> >> gd library.
>
> > Much better way imho is to use getimagesize
> > (http://pl2.php.net/manual/en/function.getimagesize.php)
> > to check if its a valid image file.
>
> > Additionally you can check extension of uploaded file.
>
> I haven't been able to test if the getimagesize() function can be fooled
> easily. If not, it's probably quicker than using imagecreatefromFORMAT()
> and therefor a better choice indeed. Great suggestion, it's the PHP manual
> suggested way of checking for valid images I noticed. It doesn't give much
> explanation though.
>
> --
> Schraalhans Keukenmeester - schraalh...@the.Spamtrapexample.nl
> [Remove the lowercase part of Spamtrap to send me a message]
>
> "strcmp('apples','oranges') < 0"

11/06/2007, 17h24	#5
Kenoli Messages: n/a Hébergeur:	Re: Image upload php script. This link says a bit more about this function: http://www.phpfreaks.com/phpmanual/p...imagesize.html This seems to be the key (from that page): "If accessing the filename image is impossible, or if it isn't a valid picture, getimagesize() will return FALSE and generate an error of level E_WARNING." --Kenoli On Jun 11, 8:46 am, Schraalhans Keukenmeester <Schraalh...@the.spamtrapexample.nl> wrote: > At Mon, 11 Jun 2007 11:02:56 +0200, iktorn let h(is\|er) monkeys type: > > > Schraalhans Keukenmeester wrote: > >> You'll have to test for extension first, and then assert what's sent > >> actually is what it claims to be. A safe way would be to apply the > >> appropriate imagecreatefrom(jpg\|gif\|bmp\|png) etc functions provided by the > >> gd library. > > > Much better way imho is to use getimagesize > > (http://pl2.php.net/manual/en/function.getimagesize.php) > > to check if its a valid image file. > > > Additionally you can check extension of uploaded file. > > I haven't been able to test if the getimagesize() function can be fooled > easily. If not, it's probably quicker than using imagecreatefromFORMAT() > and therefor a better choice indeed. Great suggestion, it's the PHP manual > suggested way of checking for valid images I noticed. It doesn't give much > explanation though. > > -- > Schraalhans Keukenmeester - schraalh...@the.Spamtrapexample.nl > [Remove the lowercase part of Spamtrap to send me a message] > > "strcmp('apples','oranges') < 0"