/Image Upload Validation
Created Jan 11, 2011
Simple validation function to confirm that an image is actually an image, not a malicious .gif or .php file.
| function validate($upload){ // Must be a $_FILES array | |
| if($upload['size'] == 0) return "Image not uploaded correctly."; | |
| if($upload['size'] > 2097152){ // Measured in bytes, this is equal to 2MB | |
| $filesize = $upload['size']/1048576; // Converts from bytes to Megabytes | |
| return "The image you uploaded has a filesize that is too large. Please reduce your image to < 2MB. It is currently ".$filesize."MB."; | |
| } | |
| if(($upload['type'] != "image/gif" || "image/jpeg" || "image/png") || ($this->imageinfo['mime'] != "image/gif" || "image/jpeg" || "image/png")) | |
| return "Uploads of that file type are not allowed. You need a jpg, png, or gif image."; | |
| $blacklist = array(".php", ".phtml", ".php3", ".php4", ".ph3", ".ph4"); | |
| foreach ($blacklist as $item) { | |
| if(preg_match("/$item\$/i", $upload['name'])) | |
| return "Uploads with that file extension are not allowed. You need an image ending in .jpg, .png, or .gif"; | |
| } | |
| return true; // Validates | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment