Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Dec 2006
    Posts
    417
    Thanks
    168
    Thanked 1 Time in 1 Post

    checking that a URL points to an image

    how would I protect myself from an attack to ensure that a user submitted URL points to an image (either .jpg, .jpeg, .gif, .png or .ico )?

    the var is of this type:

    $imageURL = 'http://www.foo.com/img/myimages/dog.gif'

    or

    $imageURL = 'http://www.bar.com/images/home/vacation/beach.jpg'


    or

    $imageURL = 'http://www.foobarb.com/img/myimages/banner.png'



    I dont want people submitting .exe files for instance

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    You can use the function getimagesize(), but the note in the manual on using that function on remote files is:

    This parameter specifies the file you wish to retrieve information about. It can reference a local file or (configuration permitting) a remote file using one of the supported streams.
    I haven't messed with streams much, but here's the page in the manual that introduces the concept.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •