yolinlin/aowow
1
0
Fork 0
mirror of https://github.com/Sarjuuk/aowow.git synced 2025-11-29 15:58:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Screenshots/Upload

Browse Source 
* use fileInfo to determine the filetype (getimagesize fails if the file is not an actual image)
This commit is contained in:
Sarjuuk
2016-04-08 21:14:28 +02:00
parent bb87762467
commit 770f11321f
3 changed files with 10 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
README.md
View File

Binary file not shown.

2
includes/shared.php
View File

@@ -4,7 +4,7 @@ define('AOWOW_REVISION', 19);
define('CLI', PHP_SAPI === 'cli');
$reqExt = ['SimpleXML', 'gd', 'mysqli', 'mbstring'];
$reqExt = ['SimpleXML', 'gd', 'mysqli', 'mbstring', 'fileinfo'];
$error = '';
foreach ($reqExt as $r)
if (!extension_loaded($r))

22
pages/screenshot.php
View File

@@ -299,23 +299,19 @@ class ScreenshotPage extends GenericPage
return Lang::main('intError');
}
// check if file is an image; allow jpeg, png
$finfo = new finfo(FILEINFO_MIME); // fileInfo appends charset information and other nonsense
$mime = $finfo->file($_FILES['screenshotfile']['tmp_name']);
if (preg_match('/^image\/(png|jpe?g)/i', $mime, $m))
$isPNG = $m[0] == 'image/png';
else
return Lang::screenshot('error', 'unkFormat');
// invalid file
$is = getimagesize($_FILES['screenshotfile']['tmp_name']);
if (!$is || empty($is['mime']))
if (!$is)
return Lang::screenshot('error', 'selectSS');
// allow jpeg, png
switch ($is['mime'])
{
case 'image/png':
$isPNG = true;
case 'image/jpg':
case 'image/jpeg':
break;
default:
return Lang::screenshot('error', 'unkFormat');
}
// size-missmatch: 4k UHD upper limit; 150px lower limit
if ($is[0] < $this->minSize || $is[1] < $this->minSize)
return Lang::screenshot('error', 'tooSmall');