上传文件中的Finfo_file确定mime-type

Question

Im trying to determine the mime-type of an uploaded file, i want to use fileinfo(), this is what ive been trying, it isnt working:

$uploadedfile = $_FILES['soup']['tmp_name'];
if(isset($uploadedfile))
{
    $uploadedname = $_FILES['soup']['name'];
    $file=$uploadedsong;
    $file.=$uploadedname;
    $finfo = finfo_open(FILEINFO_MIME_TYPE); 
    $mime = finfo_file($finfo, $file);

Unfortunately the finfo_file doesnt seem to be running, Im assuming i have the following $file set incorrectly for this, is there a way i can do this properly with a newly uploaded file using $_FILE like this? or am i going at this problem the completely improper way. Using a file i have pre-set in another directly, and setting $file="folder/file.doc" works properly.

Answer 1

You should be passing the path to the finfo_file function not the filename.

<?php 
if (isset($_FILES['soup']['tmp_name'])) {
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mime = finfo_file($finfo, $_FILES['soup']['tmp_name']);
    if ($mime == 'application/msword') {
        //Its a doc format do something
    }
    finfo_close($finfo);
}
?>

Answer 2

I use the finfo() buffer() function as well as file_get_contents() from the php platform as below

$finfo = new finfo(FILEINFO_MIME);
$mimetype = $finfo->buffer(file_get_contents($filename)); #gives you mime type

you need to be on php 5.3 or higher and make sure you have the finfo() extension installed. for linux extension=fileinfo . and in windows: php_fileinfo.dll

you can have an array of accepted mime types and then check if it exists in that array

$acceptedMime = [];
if(in_array($mimetype, $acceptedMime, true) === true){
  #mime type is valid. Proceed!
}

Another alternative to avoid having to check mime types would be to store file uploads completely out of the document root folder.

Answer 3

我知道这$_FILES ，但是因为你使用$_FILES超级全局，你可以使用文件数组的类型键（即$_FILES['soup']['type'] ）而不是服务器文件上传后检查？