i'd like to filter out the renamed bmp files.

Comments

Didn't imagefield used to be dependent upon filefield? If it was it would be able to use the mimedetect.module (which is now a requirement of filefield) to accomplish this.

Version:5.x-2.1» 6.x-3.0-alpha2
Status:Active» Needs review
StatusFileSize
new975 bytes

This patch seems correct. It prevents me from uploading a tar.gz that i renamed to a png. It only uses mimedetect if the module exists.

Status:Needs review» Reviewed & tested by the community

this looks good until I can come up with better options for mime filtering.

Status:Reviewed & tested by the community» Needs review

duplicating the whole array of mime types seems kind of redundant...

how about

<?php
$filemime
= module_exists('mimedetect') ? mimedetect_mime($file) : $file->filemime;
return
in_array($filemime, array('image/jpg', 'image/pjpeg', 'image/jpeg', 'image/png', 'image/gif'));
?>

Status:Needs review» Needs work

since there's not really a current patch.

Title:please check the file's format instead of extension.Check the File's Format Rather than Just Extension
Project:ImageField» FileField
Status:Needs work» Needs review
StatusFileSize
new1.15 KB

The current filefield_validate_is_image() check is now done using image_get_info() which is a good rudimentary check. Instead of changing the is_image function (which isn't used by ImageField now anyway) we should add mime type checking to the extension check.

I think this should be effective, though I'm not entirely comfortable with MimeDetect and core's own detection quite yet.

StatusFileSize
new1.14 KB

Heh, well I better actually check the right property ($file->filemime) otherwise we won't be able to upload anything. :)

Status:Needs review» Fixed

Some mime-type checking is certainly better than no mime-type checking (like the current approach). I committed this since it's not going to do any harm since users can easily get the old behavior by disabling the mimedetect module, which still isn't required for the Drupal 6 version.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.