我提出了一个我认为最好的解决方案。我必须承认,使用getimagesize()函数的主要原因是获取文件的MIME类型(以确保它是一个图像)。获得大小是一个额外的好处,但我可以很容易地围绕exif_imagetype()函数框架问题。问题本来是一样的,因为这两个函数只接受文件名;不是文件内容。
所以我所做的基本上是查看PHP源代码,看看exif_imagetype()如何读取MIME信息。事实证明它只读取文件的前12个字节。我复制它的功能如下:
function GetConstMimeArray()
{
// MIME type markers (taken from PHP sourcecode consts in \ext\standard\image.c starting at line 39).
return array
(
'gif' => array(ord('G'), ord('I'), ord('F')),
'psd' => array(ord('8'), ord('B'), ord('P'), ord('S')),
'bmp' => array(ord('B'), ord('M')),
'swf' => array(ord('F'), ord('W'), ord('S')),
'swc' => array(ord('C'), ord('W'), ord('S')),
'jpg' => array(0xff, 0xd8, 0xff),
'png' => array(0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a),
'tif_ii' => array(ord('I'), ord('I'), 0x2a, 0x00),
'tif_mm' => array(ord('M'), ord('M'), 0x00, 0x2a),
'jpc' => array(0xff, 0x4f, 0xff),
'jp2' => array(0x00, 0x00, 0x00, 0x0c, 0x6a, 0x50, 0x20, 0x20, 0x0d, 0x0a, 0x87, 0x0a),
'iff' => array(ord('F'), ord('O'), ord('R'), ord('M')),
'ico' => array(0x00, 0x00, 0x01, 0x00)
);
}和
// Get an array of known MIME headers.
$MimeTypeConsts = GetConstMimeArray();
// Get first 12 bytes of file from stream to do a MIME check.
$File = file_get_contents('php://input', null, null, 0, 12);
if(strlen($File) < 12)
return;
// Scan first 12 bytes of file for known MIME headers.
$MatchedMime = '';
foreach($MimeTypeConsts as $Type => $Bytes)
{
$NumMatching = 0;
$NumBytes = count($Bytes);
for($i = 0; $i < $NumBytes; $i++)
{
if(ord($File[$i]) == $Bytes[$i])
$NumMatching++;
else
break;
}
if($NumMatching == $NumBytes)
{
$MatchedMime = $Type;
break;
}
}
// Check if the file does NOT have one of the known MIME types.
if(strlen($MatchedMime) <= 0)
return;
// If we fix up TIF_TT and TIF_MM, you can use $MatchedMime in lieu
// of the extension on the file name.
if($MatchedMime == 'tif_ii' || $MatchedMime == 'tif_mm')
$MatchedMime = 'tif';
// What's the max size allowed to upload?
$MaxSize = min(ReturnBytes(ini_get('post_max_size')), MAX_UPLOAD_SIZE);
// Get full file.
$File = file_get_contents('php://input', null, null, 0, $MaxSize + 8);
// Get file size.
$Size = strlen($File);
if($Size > $MaxSize)
return;
// Get hash of the file contents.
$Hash = hash('SHA1', $File, true);
file_put_contents(UPLOADS_DIR.'/'.bin2hex($Hash).'.'.$MatchedMime, $File);该文件现在将使用散列名称和MIME类型作为其扩展名保存在UPLOADS_DIR中。 (无论文件名最初是什么扩展名都会被忽略而不会被使用。)