Now let’s try something to check if the given image is valid, but before going into the example, let me tell you, even the following functions in PHP will not validate an image correctly.Īll the above functions will return the mime/image type for the given image, but they will fail as well if we upload a file after changing the extension or cheat with the first few bytes of image headers. Check if uploaded image is valid with exif data and fileinfo in PHP $extensions=array( 'image/jpeg', 'image/png', 'image/gif' ) īut here you are checking only the extensions, like I said earlier, anyone can rename a file with a different content into jpg or gif and upload them without any problem. Check if uploaded image is valid by checking the extensions $type=$_FILES it’s true that getimagesize( ) returns an array with some random values for image height & width, when the given file is not a valid image. Check if uploaded image is valid with getimagesize( ) in PHP $imagesizedata = getimagesize($file) īut PHP docs says not to use getimagesize( ) to check that a given file is a valid image.
I bet most of us would have used the following to validate the image uploaded in PHP. Most of us would have come across the common solutions in PHP to check if the uploaded file is an image, you might have tried the usual way of checking the extensions and accepting the file to be a valid image, what if someone sinister uploaded a malicious script just by changing the extension of the file to.