Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
i'd like to filter out the renamed bmp files.
Comment | File | Size | Author |
---|---|---|---|
#7 | filefield_check_type.patch | 1.14 KB | quicksketch |
#6 | filefield_check_type.patch | 1.15 KB | quicksketch |
#2 | patch10.patch | 975 bytes | Scott Reynolds |
Comments
Comment #1
sirkitree CreditAttribution: sirkitree commentedDidn't imagefield used to be dependent upon filefield? If it was it would be able to use the mimedetect.module (which is now a requirement of filefield) to accomplish this.
Comment #2
Scott Reynolds CreditAttribution: Scott Reynolds commentedThis patch seems correct. It prevents me from uploading a tar.gz that i renamed to a png. It only uses mimedetect if the module exists.
Comment #3
dopry CreditAttribution: dopry commentedthis looks good until I can come up with better options for mime filtering.
Comment #4
drewish CreditAttribution: drewish commentedduplicating the whole array of mime types seems kind of redundant...
how about
Comment #5
drewish CreditAttribution: drewish commentedsince there's not really a current patch.
Comment #6
quicksketchThe current filefield_validate_is_image() check is now done using image_get_info() which is a good rudimentary check. Instead of changing the is_image function (which isn't used by ImageField now anyway) we should add mime type checking to the extension check.
I think this should be effective, though I'm not entirely comfortable with MimeDetect and core's own detection quite yet.
Comment #7
quicksketchHeh, well I better actually check the right property ($file->filemime) otherwise we won't be able to upload anything. :)
Comment #8
quicksketchSome mime-type checking is certainly better than no mime-type checking (like the current approach). I committed this since it's not going to do any harm since users can easily get the old behavior by disabling the mimedetect module, which still isn't required for the Drupal 6 version.