Sorry, I haven't looked at the source code for this function so I can't tell if it is simply checking the extension of the file object or if it does a more deeper check...
/Mats/ On Thu, Jan 17, 2013 at 3:10 PM, Matt C <[email protected]> wrote: > Does "IsImage"work by just looking at the extension? Because it is > returning false even when it is a jpg or gif that I'm uploading and > renaming. > > > On Thu, Jan 17, 2013 at 8:37 AM, Matt C <[email protected]> wrote: > >> I completely missed that one when looking over the list of image >> functions. *facepalm* Thanks! >> >> >> On Thu, Jan 17, 2013 at 2:35 AM, Mats Stromberg >> <[email protected]>wrote: >> >>> There is a function in OpenBD called isImage( obj ) that you could use. >>> >>> http://openbd.org/manual/?/function/isimage >>> >>> /Mats/ >>> >>> >>> >>> On Wednesday, January 16, 2013 11:23:40 PM UTC+1, Matt C wrote: >>>> >>>> I'm looking for an alternative to CF's IsImageFile (which doesn't seem >>>> to be in OpenBD I assume?). GetFileInfo might be able to help, but can >>>> someone tell me if the "type" returned by this function is just based on >>>> the file's extension or if it digs a little deeper to find the type? >>>> >>>> I allow my users to upload a file (supposedly an image) with a form to >>>> a temp, restricted directory on my server so I can check the file before >>>> blobbing it and inserting it into my database. I rename the file as I >>>> upload it to avoid any issues with wierd names, such as (my "funny" >>>> img.jpg) or (../../index.cfm). Since I apparently can't read the filename >>>> BEFORE uploading it, I lose the extension when I rename. I figure that >>>> would not be an issue since I'll just be reading binary data from the file >>>> anyway, except I would like to do SOME kind of check to make sure the file >>>> is really an image. Granted, I may just be being paranoid by renaming the >>>> file before even storing it in a restricted, temporary directory. But I'm >>>> new to "best security practices" and I would really prefer to >>>> overcompensate versus not enough. >>>> >>> -- >>> online documentation: http://openbd.org/manual/ >>> http://groups.google.com/group/openbd?hl=en >>> >> >> > -- > online documentation: http://openbd.org/manual/ > http://groups.google.com/group/openbd?hl=en > -- *Mats Strömberg* *NETWORK 23* *Oracle Tablespace Report (Open Source)* Project Homepage: www.project-otr.org Source Code: Google Code<http://code.google.com/p/oracle-tablespace-report/source/checkout> Still paying to use CFML? Keep your money and switch to OpenBD<http://www.openbluedragon.org> -- online documentation: http://openbd.org/manual/ http://groups.google.com/group/openbd?hl=en
