用户评论:
[#1]
tim at savaslabs dot com [2015-07-29 17:44:03]
Just noting (because I ran into it!) that the current implementation of finfo_file has a known bug which causes PHP to allocate huge amounts of memory when certain strings are present in text files that it is examining.
See https://bugs.php.net/bug.php?id=69224 for more info.
[#2]
niko dot jokipalo at gmail dot com [2014-01-12 20:03:03]
I spent days looking and searching for a database with actual plain language descriptions for the media types, for example
finfo(.png) --> "image/png" --> "PNG image".
In Ubuntu based OS's you can find already translated database at /usr/share/mime
http://manpages.ubuntu.com/manpages/hardy/en/man5/gnome-mime.5.html
[#3]
da_kooz at hotmail dot com [2013-08-08 20:13:56]
Here is an wrapper that will properly identify Microsoft Office 2007 documents. It's trivial and straightforward to use, edit, and to add more file extentions/mimetypes.
if(!preg_match('/\.[^\/\\\\]+$/',$filepath)) {
returnfinfo_file(finfo_open(FILEINFO_MIME_TYPE),$filepath);
}
switch(strtolower(preg_replace('/^.*\./','',$filepath))) {// START MS Office 2007 Docscase'docx':
return'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
case'docm':
return'application/vnd.ms-word.document.macroEnabled.12';
case'dotx':
return'application/vnd.openxmlformats-officedocument.wordprocessingml.template';
case'dotm':
return'application/vnd.ms-word.template.macroEnabled.12';
case'xlsx':
return'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
case'xlsm':
return'application/vnd.ms-excel.sheet.macroEnabled.12';
case'xltx':
return'application/vnd.openxmlformats-officedocument.spreadsheetml.template';
case'xltm':
return'application/vnd.ms-excel.template.macroEnabled.12';
case'xlsb':
return'application/vnd.ms-excel.sheet.binary.macroEnabled.12';
case'xlam':
return'application/vnd.ms-excel.addin.macroEnabled.12';
case'pptx':
return'application/vnd.openxmlformats-officedocument.presentationml.presentation';
case'pptm':
return'application/vnd.ms-powerpoint.presentation.macroEnabled.12';
case'ppsx':
return'application/vnd.openxmlformats-officedocument.presentationml.slideshow';
case'ppsm':
return'application/vnd.ms-powerpoint.slideshow.macroEnabled.12';
case'potx':
return'application/vnd.openxmlformats-officedocument.presentationml.template';
case'potm':
return'application/vnd.ms-powerpoint.template.macroEnabled.12';
case'ppam':
return'application/vnd.ms-powerpoint.addin.macroEnabled.12';
case'sldx':
return'application/vnd.openxmlformats-officedocument.presentationml.slide';
case'sldm':
return'application/vnd.ms-powerpoint.slide.macroEnabled.12';
case'one':
return'application/msonenote';
case'onetoc2':
return'application/msonenote';
case'onetmp':
return'application/msonenote';
case'onepkg':
return'application/msonenote';
case'thmx':
return'application/vnd.ms-officetheme';//END MS Office 2007 Docs}
returnfinfo_file(finfo_open(FILEINFO_MIME_TYPE),$filepath);
}?>
[#4]
contato at vfreitas dot com [2012-03-01 18:31:50]
Well, i have a great probleam with that, MS Office 2007 extensions (pptx, xlsx, docx) do not have a default Mime type, they have "application/zip" mime type, so, to fix that, i do one little function to verify the extension.
That function allow's you to be safe of fake extensions hack.
$arrayZips= array("application/zip","application/x-zip","application/x-zip-compressed");$arrayExtensions= array(".pptx",".docx",".dotx",".xlsx");$file='path/to/file.xlsx';$original_extension= (false===$pos=strrpos($file,'.')) ?'':substr($file,$pos);$finfo= newfinfo(FILEINFO_MIME);$type=$finfo->file($file);
if (in_array($type,$arrayZips) &&in_array($original_extension,$arrayExtensions))
{
return$original_extension;
}?>
[#5]
Zane MegaLab.it [2011-06-13 08:38:57]
I was getting application/octet-stream or "<= not supported" for all the files.
I found out that in PHP 5.3 the magic file is built-in into PHP and that is what should be used. The magic file found on the system may not always be what libmagic expects, hence the error.
[#6]
info at tech dash bits dot net [2011-02-13 01:34:45]
While figuring out my problem using this new function, i had a brainwave in using the full path of the file instead of the relative path. For example:
$folder="somefolder/";$fileName"aFile.pdf";$finfo=finfo_open(FILEINFO_MIME_TYPE);finfo_file($finfo,$folder.$fileName);?>
This will result in an error where it can't find the file specified.
This however fixxes that problem:
$folder="somefolder/";$fileName"aFile.pdf";$finfo=finfo_open(FILEINFO_MIME_TYPE);$mime=finfo_file($finfo,dirname(__FILE__)."/".$folder.$fileName);?>
[#7]
scott at thebrain dot ca [2009-01-06 21:29:01]
I thought to use fileinfo to check if a file was gzip or bzip2. However, the mime type of a compressed file is "data" because compression is an encoding rather than a type.
gzip files begin with binary 1f8b.
bzip2 files begin with magic bytes 'B' 'Z' 'h'.
e.g.
$s=file_get_contents("somefilepath");
if (bin2hex(substr($s,0,2)) =='1f8b') {/* could be a gzip file */}
if(substr($s,0,3) =='BZh'){/* could be a bzip2 file */}?>
I am not an encoding expert. My only testing was using a few of my own encoded files.
[#8]
darko at uvcms dot com [2008-08-01 08:28:15]
OO (bit improved) version of the same thing
$file='';$ftype='application/octet-stream';$finfo= @newfinfo(FILEINFO_MIME);$fres= @$finfo->file($file);
if (is_string($fres) && !empty($fres)) {$ftype=$fres;
}?>
[#9]
darko at uvcms dot com [2008-04-24 09:53:46]
Another interresting feature of finfo_file on Windows.
This function can return empty string instead of FALSE for some file types (ppt for example). Therefore to be sure do a triple check of output result and provide default type just in case. Here is a sample code:
$ftype = 'application/octet-stream';
$finfo = @finfo_open(FILEINFO_MIME);
if ($finfo !== FALSE) {
$fres = @finfo_file($finfo, $file);
if ( ($fres !== FALSE)
&& is_string($fres)
&& (strlen($fres)>0)) {
$ftype = $fres;
}
@finfo_close($finfo);
}
[#10]
WebShowPro [2007-09-25 14:01:49]
Just an improvement on the sample Ryan Day posted - slightly off topic since this method does not use finfo_file but in some cases this method might be preferable.
The main change is the -format %m parameters given to the identify call. I would suggest using the full system path to identify i.e. /usr/bin/identify to be a little safer (the location may change from server to server though).
if(file_exists($fullpathtoimage)){exec("/usr/bin/identify -format %m$fullpathtoimage",$out);//using system() echos STDOUT automaticallyif(!empty($out)){//identify returns an empty result to php
//if the file is not an imageif($out=='JPEG'){
returntrue;
}
}
}
returnfalse;
}?>
[#11]
Schraalhans Keukenmeester [2007-05-21 15:20:48]
Tempting as it may seem to use finfo_file() to validate uploaded image files (Check whether a supposed imagefile really contains an image), the results cannot be trusted. It's not that hard to wrap harmful executable code in a file identified as a GIF for instance.
A better & safer option is to check the result of:
if (!$img = @imagecreatefromgif($uploadedfilename)) {
trigger_error('Not a GIF image!',E_USER_WARNING);
// do necessary stuff
}