Posted by Schraalhans Keukenmeester on 06/11/07 19:08

At Mon, 11 Jun 2007 09:24:44 -0700, Kenoli let h(is|er) monkeys type:

> This link says a bit more about this function:
>
> http://www.phpfreaks.com/phpmanual/page/function.getimagesize.html
>
> This seems to be the key (from that page):
>
> "If accessing the filename image is impossible, or if it isn't a valid
> picture, getimagesize() will return FALSE and generate an error of
> level E_WARNING."
>
> --Kenoli

Thanks for the update. I did see that indeed, but I'd hoped there would be
some expansion on what -according to the authors/developers- constitutes
'a valid picture'. I know I can bake a GIF file with no image but having a
valid header according to some scripts at least. Don't know enough about
other popular formats though.

Whether or not a theoretically harmful binary string disguised as an image
could wreak havoc on the server, or -more likely- on other people's pc
after downloading such an 'image' is another matter of course.

• Next in forum: Re: cookie oddity
• Prev in forum: Re: convert char to BYTE value ?
• Thread view: Re: Image upload php script.

[Reply to this message]