maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

check mime types

Browse Source
This commit is contained in:
Daniel Schmitz
2021-07-09 16:42:21 +08:00
parent c4c4279171
commit 48f6601003
3 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/Froxlor/Settings/Store.php
View File

@@ -388,6 +388,11 @@ class Store
}
}
// Make sure mime-type matches an image
if (!in_array(mime_content_type($_FILES[$fieldname]['tmp_name']), ['image/jpeg','image/jpg','image/png','image/gif'])) {
throw new \Exception("Uploaded file not a valid image");
}
// Determine file extension
$spl = explode('.', $_FILES[$fieldname]['name']);
$file_extension = strtolower(array_pop($spl));