Are there any security reservations involving PHP function getimagesize()?
Question
我将在OSCommerce电子购物车的修改中使用它 - 不允许用户上传,但SQL用于文件名。
2 answers
solution1
3 2011-05-12 17:10:36
It is possible to hit your memory limits quite quickly with huge or malformed images of certain types. Whether this is a problem for you depends on how you are using it. Also, keep in mind that if you use getimagesize() on a URL, you are doing an HTTP request.
solution2
1 2011-05-12 17:11:21
AFAIK使用它没有安全风险......你没有得到用户的输入,它只返回你传递的图像的大小。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Any danger of using PHP getimagesize function?
Path For PHP getimagesize() Function
PHP - getimagesize Function
php getimagesize function is freezing server
PHP - GetImageSize()
how to globalize php getimagesize function variables
php, getimagesize
php getimagesize() function returning the 1, 1 (Width, Height)
Is there any workaround for getimagesize?
PHP - Prevent overlapping reservations
Related Tags