改进File类和Validate类的图像文件类型验证

This commit is contained in:
thinkphp
2016-07-22 12:21:50 +08:00
parent 5500183a8c
commit a3de59f7d0
2 changed files with 24 additions and 2 deletions

View File

@@ -195,12 +195,23 @@ class File extends SplFileObject
{
$extension = strtolower(pathinfo($this->getInfo('name'), PATHINFO_EXTENSION));
/* 对图像文件进行严格检测 */
if (in_array($extension, ['gif', 'jpg', 'jpeg', 'bmp', 'png', 'swf']) && !in_array(exif_imagetype($this->filename), [1, 2, 3, 4, 6])) {
if (in_array($extension, ['gif', 'jpg', 'jpeg', 'bmp', 'png', 'swf']) && !in_array($this->getImageType($this->filename), [1, 2, 3, 4, 6])) {
return false;
}
return true;
}
// 判断图像类型
protected function getImageType($image)
{
if (function_exists('exif_imagetype')) {
return exif_imagetype($image);
} else {
$info = getimagesize($image);
return $info[2];
}
}
/**
* 检测上传文件大小
* @param integer $size 最大大小

View File

@@ -561,7 +561,7 @@ class Validate
$result = $value instanceof \think\File;
break;
case 'image':
$result = $value instanceof \think\File && in_array(exif_imagetype($value->getRealPath()), [1, 2, 3, 6]);
$result = $value instanceof \think\File && in_array($this->getImageType($value->getRealPath()), [1, 2, 3, 6]);
break;
default:
if (isset(self::$type[$rule])) {
@@ -575,6 +575,17 @@ class Validate
return $result;
}
// 判断图像类型
protected function getImageType($image)
{
if (function_exists('exif_imagetype')) {
return exif_imagetype($image);
} else {
$info = getimagesize($image);
return $info[2];
}
}
/**
* 验证是否为合格的域名或者IP 支持AMXNSSOAPTRCNAMEAAAAA6 SRVNAPTRTXT 或者 ANY类型
* @access protected