Is it possible to find out the type of an image encoded as a base64 String in PHP?
I have no method of accessing the original image file, just the encoded string. From what I've seen, imagecreatefromstring() can create an image resource from a string representation (after it's been decoded from base64), but it automatically detects the image type and the image resource itself is a special PHP representation. In case I want to save the image as a file again, I would have no idea if the type I am saving it as corresponds to the original type from which the String representation was created.
FileInfo can do that for you:
$encoded_string = "....";
$imgdata = base64_decode($encoded_string);
$f = finfo_open();
$mime_type = finfo_buffer($f, $imgdata, FILEINFO_MIME_TYPE);
If you dont want to use these functions because of their dependencies you can use the first bytes of the data:
function getBytesFromHexString($hexdata)
{
for($count = 0; $count < strlen($hexdata); $count+=2)
$bytes[] = chr(hexdec(substr($hexdata, $count, 2)));
return implode($bytes);
}
function getImageMimeType($imagedata)
{
$imagemimetypes = array(
"jpeg" => "FFD8",
"png" => "89504E470D0A1A0A",
"gif" => "474946",
"bmp" => "424D",
"tiff" => "4949",
"tiff" => "4D4D"
);
foreach ($imagemimetypes as $mime => $hexbytes)
{
$bytes = getBytesFromHexString($hexbytes);
if (substr($imagedata, 0, strlen($bytes)) == $bytes)
return $mime;
}
return NULL;
}
$encoded_string = "....";
$imgdata = base64_decode($encoded_string);
$mimetype = getImageMimeType($imgdata);
references :- check here the list of file signatures
The solution given by #Marc B is the best one for me (if our php version is > 5.3.0 otherwise we can use the solution given by #Aaron Murgatroyd).
I would like to give a little addition to this solution.
To get the image type you can do it like this :
$split = explode( '/', $mime_type );
$type = $split[1];
In fact, (if you don't know it) the mime type for images is : image/type and type can be png or gif or jpeg or ...
Hope that can help someone and thanks to #Marc B for his solution.
For an exhaustive list of mime type you can look here :
http://www.sitepoint.com/web-foundations/mime-types-complete-list/
The way shown by #Marc B is the nicest.
Should FInfo not be available, the only other way I know is to store the data into a file, and run a getimagesize() on it.
Code below will get the image type from its mime type.
<?php
$base64 = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKIAAAAxCAYAAABZAHL2AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAgfSURBVHhe7ZwxTBVLFIaH916wACstoDChEENhIxWYoJUmSqeJWkmiNkQS6TBBzSskUStNoNOCYCOJUKmJoVETY6WVjdJrow1UUvDyjfe/OYy7e+/ivbLknS/Z7N3ZndkzZ/45c3ZZ7RgeHt4MjrPD/FXbO86O4kJ0KoEL0akELkSnErgQnUrgQnQqQVuFODo6Go4dO1Y7cpx82ibEycnJMD09HW7cuBF6e3trpY6TTduEuLa2Fvfd3d3hzp078bfj5PH3gQMH/q39bikfPnwIg4ODMRru27cv7N27N7x796521nG20tKImOaDU1NTYX19Pf4+d+6c54tOLi2LiOSC4+PjoaenJ7x58yaW/fjxI3z8+DGcPn06Hg8NDYWVlZW6OB1HtCQisgQr2vGkPDs7G3NDeP/+fXj06FH87fmik0dLIuKXL19i/nfixInQ2dkZ80KiH9Hw+/fvni86DWlZjvj58+dw5syZuIf+/v4wNzcXBQieLzpFtPSpmZyQHJCohxCJjuSHX79+jdExzReXl5djnSpB1MZ2bHb+HNuOiOR7T58+DZcvX97ywpqod/v27XpeCLzYZtsN+SIThUi+m2G1IU9/+fJlePv2bSyjT/zWcdXYthB5KEGACBFBIjQrSAQ3MzNTX471EPPkyZOYMxJxHjx4EM+VhXZoz/kVRMgEJyXSA+NuYNtCRGB2+UIYEqTywmfPnoWrV6/WxUg5MxORXrx4sZ5PloV2eE3k/Mr58+drv0K4fv16mJiYqB1Vm20LEZHxcELUSwVJxGJDMOlDDFHz06dPdXE67eP169cxHdoNtOwfT7EkMBuPHDlSK/kJAmQ5xilXrlyJAm4UCRHwqVOn6ks91/OSXE4lz6Gd58+fx2POI2zyO+5PPcp4rcQ1qehpn+vYuObFixf1tkk12I4ePRqPBU/6HR0dsS8Wlj/1+9ChQ3GS0dfFxcV4/u7du6Grqyveh0krsJHVA1ZXV8P9+/e3tAWpbcDHJAcPHox1KKfP1KOP9NXWVz7OnpVI5WnfGvWBP1awAslOQZ2RkZHcciD9ajTe0PJ/xccgM5DqtMCpY2NjDSMhEZUBQng4BGiTJ1nq045NuHE+D0cMEGLhmGt4V6kndCKy7nvt2rXoKJxDJMfBtI3TcWaWELHn+PHjMc2wTmUA5+fnt+TGApGwLDKIsuPs2bPRNsAGbAEE+urVqygWbEmRbSBB0R/ub9GETH1PX/KESBt5983qw8mTJ+u+JBVT3205PqE9jilvhtJLM4ZjAAmxBGcdgvEMGE5XxAKiiQwt4tKlS1GEvHdkJrPRHmLSIALlOBQRAhESp+mJnYGjDhCJQVGbWYqouQd7hED9LPJECIhfA4HN3JcHMWDyMKmsD+y7U84LRIiNEgP20Rf9qZQJZq8HfM5E0j2xDRstnGMrAn/ovnl9IDoK2UEdOwHxEVCm9tROM5QWIqGbm+FUhMhs4jVBKk5EgygkSBu6i6BtKzjRSMQMhF3CgDqUyzE4Heeky2teulAkQpCwOKeJw14QRbBJObSiCiLS0oVvsBOxAW1gH/VoS4Opuhbs4nr2bKmPOMdWhNrFxrw+IES1LSEiUIt8YSeMFXAjSgtRg5qSipPlkxBNhFPO0QwMDJ1nYBB03v3yoI7dbLTmOBVrHogQZ9v6KTpnRcqApZFAwlcUUfQA/GL7SKqAD7Vtbv7MnKiXYidsKsJmUbtpW2kfdIwPQRNJ5RzjD50HIn2zFApRL0BtTobjWDZYPpg9GJIVLQAHM5gsYSKrTQuRk3tcuHAhChoxcy3CKBIF9yEyU8duZYUsaE9vBMiRisiK4KB720nIZFX0oG3Okc8K7muFqAhjB7gdFI0hqA8cY5MEzHgp4jPBZCe6KDM5/qntmwansymy2NCPcWwYg3MxmuMy7/wwXnmfYOAQ882bN7csG4J7IFSlANYBPLUWCTgP5Y30lVdRLOvpki40KCkSKHvyL6IG0T5LoII+qN6fJM9HsoXoho9BD1kIEAHTD1YwNvkiq29FbPs9YhYYjUARJ4Igb+GBIX1dUBY6hSi0HKRoYJVvWayDmaV5oknRwwv9oV2iU1pX97LRyi5P1hYbUYSErbcDQB38l7W1g2b7wF4PT+lEkq9s39ouRLu0ltmaheiXNTtxjJYAnGKXMznLOgI4tmXKP7U0CpbDtK5FD1qKBELORqB6ULN/P7eDwWDJTmBSKNpQrlwL+zThaJcopEj0O9h70w9shTJ9SPNrnSMqamyA47JRvaUR8XdBgCzBS0tLdaew8UROXqKogKBYBnAo5TiIgeSYZZSBY09+aUEM1KVt63SuR4x5MIjkxDa/AwSq3Ipy2lNOR7kihbCDih0WpRT4gHSCyUu/sYtN7W4Xm1aQZmArlOmDtR9brTDtOfu7WQo/A5OxIBHYsjJk1U+XGz4Jo+PMrj179oTDhw/HckRGzqaO81EtjuBVEh/e4jA6z+/9+/fHz9B423/v3r3A+0vK9SEu13E9EYD6Gxsb4fHjx2FhYSGe53pmsyKUoA735LwGzn72Rnt89obt3OPWrVvxegvt9vX1xWsePny45RM42Ui/1RZgB5NA9mMz9WgjFTPknbd9wi6dL9MHfnMNe+pYH3379q3eN0RPf8pQ+JcVu6T+bp4n2tGms/up1NLs/H9pOiK2A4+IjvCI6FQCF6JTCfw/c3cqgUdEpxK4EJ1K4EJ0KoEL0akELkSnErgQnUrgQnQqgQvRqQQuRKcSdPT39/tfVpwdp2NgYMCF6OwwIfwHN+rCnrjztp8AAAAASUVORK5CYII=";
$image_info = getimagesize($base64);
$extension = (isset($image_info["mime"]) ? explode('/', $image_info["mime"] )[1]: "");
echo $extension;
?>
If you know a minimal amount about the file format structure, you could theoretically look at the top bytes of the file until you could work out what type of file it is.
For example, a GIF image always starts with the following bytes GIF89a. If you can find that string at the begining of the file, you can be reasonably sure that it is a GIF image and absolutely certain it isn't any other image format. (it could still be a text file though, that just happens to start with 'GIF89a'; you'd have to parse more of the file to be absolutely certain)
Likewise, PNG files have the string PNG fairly near the start (it's not quite at the very begining; again, you'd need to research the file format specifics to help you determine how much you'd need to know to be certain).
JPEGs also contain recognisable strings in their headers, although these are more varied and complex. You might want to look out for the string Exif.
Getting the file format definitions would definitely give you more accuracy, but depending on how accurate you need to be, you might learn enough about the files formats just by opening some image files in a binary editor to see how they're structured.
These resources may help you:
http://www.w3.org/Graphics/JPEG/
http://www.w3.org/Graphics/PNG/
Follow PHP.NET Fileinfo :-
$finfo = finfo_open(FILEINFO_MIME_TYPE); // return mime type ala mimetype extension
foreach (glob("*") as $filename) {
echo finfo_file($finfo, $filename) . "\n";
}
finfo_close($finfo);
You can use magic numbers to detect a MIME type (check here the list of file signatures). However, file signatures are not 100% reliable and you can easily encounter false positives. Of course, there are tasks when a such solution is more than enough.
So if you have a Base64 string and want to identify its MIME type using file signatures you don't need to decode the Base64. A much faster way is to store the file signatures as Base64 and just check if input starts with one of them. A simple example:
<?php
function detectMimeType(string $base64)
{
$signaturesForBase64 = [
'JVBERi0' => "application/pdf",
'R0lGODdh' => "image/gif",
'R0lGODlh' => "image/gif",
'iVBORw0KGgo' => "image/png",
'/9j/' => "image/jpeg"
];
foreach($signaturesForBase64 as $sign => $mimeType)
{
if(strpos($base64, $sign) === 0) {
return $mimeType;
}
}
return false;
}
var_dump(detectMimeType('R0lGODdhAQABAPAAAP8AAAAAACwAAAAAAQABAAACAkQBADs=')); // image/gif
var_dump(detectMimeType('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAADElEQVR42mP4z8AAAAMBAQD3A0FDAAAAAElFTkSuQmCC')); // image/png
var_dump(detectMimeType('JVBERi0xLjUKJYCBgoMKMSAwIG9iago8PC9GaWx0ZXIvRmxhdGVEZWNvZGUvRmlyc3QgMTQxL04gMjAvTGVuZ3')); // application/pdf
var_dump(detectMimeType('/9j/4AAQSkZJRgABAQAAZABkAAD/2wCEABQQEBkSGScXFycyJh8mMi4mJiYmLj41NTU1NT5EQUFBQUFBRERERERERERE')); // image/jpeg
I got this solution from this Js Que-Answer
Additinally : this one is also works properly
Related
I have file contents which I am receiving from my form in string form (base64), and now before using file_put_contents() function to save the file, I wanna know the information related to it, like it's size and mimetypes and so on.
So the question is how to retrieve a file's information just by it's data(base 64 string)
For ex, let's say I have this string:-
Object {files: "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAvwA…Fb+kScAm4BFwC6yGB/w9uNEwUj3EmdQAAAABJRU5ErkJggg==", text: "hi"}files: "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAvwAAACQCAYAAAB08b+HAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7H0HeF7FsbZTbirNYNy7LTfZsiVZbrJkWc2ybLlLslzk3nvv4ALGYNN7h9ANofcOSSCETgiBJJCem0rKTSO5987/vjM755zvswy2gf/eG/Q9zz7nfHt29+zO2Z19Z3Z2tsmkqbOkbsZ8mTl/qUydtUAm18/D/3kydeYCqZ+3RKbg2YJla2TuopUyZ+EKmbt4FdLNl/q5i2X6nEWadlz1VBmLMGnKDKmdPkfG10yTuvq5eDZX/4/jf9zXI33N9NkyZeY84XvHT56OZ1NlzMQ6GTtpiqabXG/5mW7k2EkaRk+oleqpM2R87XR9x5iJUzTNyLHVMmpcTfSc6TwPy+JzvndiXb3Gl1SOlZKRCLgy34iq8RpYR4bR42ulYsxEGTFmgqbjs7JR46R89HgpGjFaiitCfpaBwLTDK6qksAzP9P8kKSwfJUOLKyR/+AgZUlQuA4YOl0EFZTK0pFIGDyuTQYWlkoe4vPwiGVhQjOfF+F8sQ5G+uGIMyhqlaYpGVGk5wxHHK8saXIhyikdoGpbPwHr1HzJMQ78B+VpuaeU4fS/v9f2FJZqfaVh29qBCyUHIHlQQBf7PHVyIMoZKNgLvB6B+XrbnH1hQEupYou1gPqazvPn6n6Ff3hDpnTtIsnDNzBkk/cPz3rmDpd/AodKzX570YsgZKJlI1wfxvbIHWH3wnHl65wy2gGd9+g/R8lmf7IGF0gfl9htQoO/Vtufx3aRDkdbLniEtyrO8Q/U5y+A90/H/4GHloNNwTet0Ynv8O/VH/AC02enoNORz0mQgaMt8g/TbVOiV+e37V1hfQOB3Goa+UVBaqX1nWPloKSixfsLAflOKvsZQMnKM9l2GYtwXoY+xnw1Dn2AfKRuFfos+Wo7+qf21aoKmHTOhTkZpH56kcRXo85XjWM4kjasYO1HzMi37CMuuQDkjEa9pQhg9YTLy1Wi/Z/+3+Ik6xnktRl2Y3+vLvCzX41g3rT/ezfReJ2vTRIzXyVKFwHyVqK/9r9O4ynH2fwwCx/Do8ZaWPIJjfnxtPXjFVJRZI6Mw3lmnqolWX7aVdeV7xyAN43l1GvC/8xPPY3yCfGaiprNQo/wo/l8d3oHy0TZ9N0I52kwake942czD7+JlGu0nyFjU3+vBfHwfv1EZaRzozP+kFemqfAf/GRelx7f2eno8y+Y981g/mGR1QjlxHSZqGSyT+dlmo1dNxFPZHm1H+C7eHqavYB1QJt9lPBLtAX3sW9ZqeeTX5M+cC/if99VTZ+I6TabNWYD5gPOKzQnjavhsFvLM0XxjAu9n+snT5+p3nhLScj4Yh7KmYJ6ZMdfmj6mYP6qnJeYP5GefYLqU+SN8T7alehrr4vPHVH0H2z9K+5vNL6O1H1kfcBqxHhPrZtiY4fgM/d7pQFrE84f1rxH4TiUj7Xv4/MHxW1yBsY38Hjgmi0diXIMXkCcwb0PzxxDwFPINzh+DwXfIiwaAtw8Cn9E5BKEAPIZ8w+cPvo+8h2M8ff4gH4rnj1ENzB9jj2j+II/n3JFD/op71i0PvJkhH7ySV/JKq2M8fzDdweePwdH8wXkhK28w3pGPuaO/ZGL+yMT8wXnG548cpGG63rkDJav/YA19+BzXeP4o0HjOA/H8MUTnLfJ3mz/smc0fllfnNVz5fqbLxX9+E86zTHvg/FGkdOD3sfnD5lObLw42f+D7RvNHecAS5VKEbzasvBL9YKR+52GgYUEJ545yDYV4VjpqrIYS9KlK9FcG8uqiitGYP0brlXnLlVcY9hmJvlqBK9OOBQ8eDT7gccZrwBvJdzSgP6P/VqKflqK/smzmZXycZiJ4SK3iK76nDPXR8pCGWE959OgJyuergONGTwCWAz6rIk8H7+H/ceAZEzEeJwLrjcV9127dpGWLE6Vzh7bSvXN76ZXRSfr06CJ9e3aVfpkZktO7uxQMzJZBuVkyuH9fDUMH9JMh4cr7vH49pfEn0oTErp42W8G9g/jaaXMU6BPQTwewn790NQSCZXo/b8kqmYm0dTPnShU+4OSFG2T2+tNk+spTpH7VKTJ58SaZsmyrzFizW2auPQ1hD+7xfPWpsmDz2TJn3ekyA/f1q3bK1KXbpGbeWlmwaa/ULdwoc9bulrrFm2XO+j24bpJZa0+R2Wt3ydz1u2U+0kxfcbLM3bBHr3PwztnrTpX5m/fqdfqKnTJlyTaELbg/Ce84RWatOVX/z1i5Q6Yt24b370P+0zX/jNW7pGbBepmydCvqeCrS7pL6ldv1fz3ST1m6BWEb6rFNpi7D/+UnSR3+T0e9Z6LcaUg7FXGTF22SGtBg8iKWhTxLtqJ8vG/pSbJoy9najgVb9iHtNqXT5MWoz+rdoAfyo54sQ6/IO3P1TpSzEbTcIbUodxbqVYuya+avk2lIMxP0YPo61HEa3w2a1aE8tnvWOpS5Cu9deTLov00mL9mk7ZoLurF+U5du1zQ1C9ehDhs0LdvKMB15SN96xM1A+6YvPxnv2Iw67sL1pECvHZpmJug6e91pUo+6Tl+N963aLrWo+wx869rFW9GWk6UetJyG7zEN7WD95m/EN8I31Hei3rPWnYH8p6FsvAd1n4b3sS2T8T3mbjwD32UDrntRt5PwrlP0+0/Fd7S+cbrS2ALavmw7+sgemTh/FZ5tl/GzlyL/Wm0zv131vNXaj2auYf9EnfFtZq89XWoXbMazdfp9+N2sr52i5TKuZsE6mTR/tSzdcZH2ndr566V6/ga87yS0DWWsYz/cod+qbgm+BdpOmkxbiX69fLteZ60/A+lP1u+rtFxyMmiLPHjO71wP2s1EvPZZ0hzvnYw2TluxXcutx7PZa/YgzW70SdBUvwv79060FTQFzfkttL8pDS3/dKSdjLZPRx9lP5qKZ+y3U1H3BZvP0bZw3DKO75qxapd+1+m4Z1tmo971GKNsJ/tlNcYo+9s05OfYmQp6kJ6zEJSeoMUMjP15m/ahvqgT6jWN7VyxS/nAnA178T0x9jadiTF+OvrDmVZ3POMYm4rvPAv3vNajL05Fn+T9VPQPtnv+5rP0P981E+WzvKmgK8d4feA7fMZ2LNpylswC3UhXtodjmf2aY2nepjOsHqzPhjNkHvpYPfrwPPRrljUH7bZ8SI/6sLxZoP9s9Ffe14OO5BG16Ke16K8cO6QLv2k9nk8F3+P402+EvjAT4408ccYq8Du0YxbqTpoyLelVzzGi347fG/0AfZnvm4k+Pl3bhufLt2i5/HZTQA/lPagH6adjQfkJ8pJvob0sax7oPBPfj+1k32F/I6+dhTLZPvJFljETbZy2HLwaNCAdSCOm4zjTb7HiFKnDu3U8o52NfL6Rzzfy+UY+/2H4fB3muvIxk1UBQWVPJRQ6FMRH4TqaSp+JQWEwGaAfgjYVA527dpXmJx4vGQD7WT0zpA9C7+6dUwD/wJw+KYB/UHZvYSDoZ2gE/CbuNKGGbPzketXUE/TzWgttDDUt06FRmTrTgP+02QuhPZkrs+YtVe3KCGonqqZAUztIWrXrLCe2ai/NWrWTZi3bSrMWbeWEFq1xbaPX45tbaNayTXiOK+L5rOmJraR5a+RF2hOZn/mQjs888Fl6XMrzVnynlenvbNYK/xmfDCi3Bd51fPNWWh+++7gTWkjTZi2snqE+WpfW7aQp6631sHrzamlaRvk1DQKfNW2GcqP0LAPtQr7mrTto+WzfiaQP6sH7qNzwX58jjwbcN2/TQfMrXXC19/j72NbwH+2w9nuIn7H9Vie+3+79P+vhZbK9pJnTlWmMlh5nNNHvGtrg9/ZtjT723ZPvQP2VDuEZ+0BET6Nbsl0t0OZkedp+1i3qE0bnpifiOwS6N2uJb4VvwvZpOu1ndmVgfq27lmHf0mlqbcF/lMH87BP+PY0GRjunVfQ/We/QXu/j3pe8zkrz8O3i9npdrK4etH4R3eM0Wgdtn7Ux6ueJb5R8D9uR/L7eN/xb6DcKfZe0jL5P4nv7eziutW9qQN8ErYxmRjfSn9fmbToekMZprfTV4PyBbQjt0fFmPCCihfelaKxYf0z2HaNHah6Ob+MlCZ4Q0mg/Ct/feVHEY7RecT7jRf6+hvmPfgP2/eib8RvFddQxmxwL4Vsd2M7wnZVvGl29X57AcaX1Z/+1fhvRUseVfRdeLTCN0dj4cDz+nT+Sbt7P/Bt7n4/Gf9RfA99GnhbgY/oup3s03v8v8Xnj4cdjfFifBb9hO5Tm1r+N1uRLrSL+pGm077RDXvCEluQLgXdEfB5zS+AV6XwjyROU5j4vBf7kPCadHzo/1fz/J/h86Fvsh+zLSk+jrdHP6NiyXSe9Or155bewvux0Tufz5M/k86G/+fwXxpjN+eH7hv57MCwR83mbq/5v8nm0lf04gSWcN0S8OJqX2Z8Dxor4tvf5wFPQj4nFLOBbfCg+b2XGc2s7fPPO0it3iBRWVmOVByvVleMB8OtkAjX80PYrFoVGfwyu1O5PBC6tnjJLumRkqIbfAX9On57SD1r9nKye0r9fpmr4c/v0OADwE+g78B+c07dRwU/AX1s/G2B+vkyBmQ619wuXrZWFS9fKLJj4zFq4zALu5yxaJtNg8jN9zkI1DygaPVm6Zw2IQO0J6EzsfMe3QOCVgIyAGgP0uBNbaJyDMt4zrinCsSc010nzOIBuy9dAIEAP+a2slga6Q1rep/83YSL5bsvHeL6LwfPF/+N3K+PVd4a4ICBo3Zkf9fB8ybpH6ZUWmBSQrzmYGa8ENXzuE3oETMn4EoPDmb4yQE4wAezppAy6ksbeXm0jhBanD9vo93xGcOH0Z35+D6fLsWgH6a/11/aFdum3iWnn+VlWCk1QFysPE2OgD8uz7xLXQ//jG1qZFhh3LOrNdz…uBvGvg7j5HNenu62ICRmGCWAZNzFubhWWXH9Sn3gWiitDcZG8zE03aua3KvcWUbZj1ywD+vwBd1PSY0TCx2a2taKccFMC2qXdPuAyBFUAow0EXA1rT7YULABDEO4MOyCbCKSXOeiW8IcrVtgIzHjQtOyrCOYCHigYmpjfV1yJZLAs0mCjDHCGQ5aSMuWsPbyGto48RaoiaNfwtEMK7GvUezgs/xvgMkY7y1WaAhN+uJaKLE9SHzErnV78uUgH20p8862f8AMTQyLZKiMO+zUTlb1K61kA3nHvR56bpCC3/TDDvjsvkRD8ya+wic2wLTemrVpt6Jet9SSZqWVY2GGHghKVs8Z1OFjuOiJINbkzHI9i1z7w0auwpphw74m3TwUMpi8GMhpHbHRRgDDy9038B6lhygVdMNh7YVDsZZ1U78HS+yzXnLdHrkujedIFo3ZMkXAmCh/zHBjQs6tmCt1GLJR+LE0nbB6Es0Td3DbIcF/JOysXCRLLXc9fWMXdRLYDLtWcZZHvFu4V222acYSG4VSSx+XXrKaLEdQiYljv3SgHXORbNAWBf92mUd7H/OE33P2122HXVh3eM479MTCe+fnV/xvUlfM8MO5Ix3q9SgMA7w0xAzTcnBuzTvfjd1wA+GwTx/s7yyWMvqtEp6GZrem3Svrj2GlP0y10S7k3VBPIgD/nkG7RCuHWfVxsuNybpgAHT+CJiU+KJiImzDAy5pFJQeTOqW1oLvONdk8i2516qWYSAwJiQLzvC91BrFZ6cCNzSLX5sAMDyT3dKeMTL1fl5leoZ9FgafzqI7EFA0XVD7eD/Yr30Ct9J2W49DiVIzVOV41vNawA/gvIqGEoB+gvFSID1NLsyohj6FTKyHHYaVkg3uxtXPgFIqV5hfZxnqxgF+1E0Fc1L8Aj2V83jL6oB/Xmv5LI8xFTerdLZNHEGjUNtUoJPGR5PNHme9e/P8Tm9JwVzpgH8eQQ/tWoBrvPQMxMMnJqpZE0kXz4GXiptdYBIDaOj6vqgP4KXu2cCEh8lwFReoLmS/iDoo86EpU3TXNrWy2N0ip3mhlr1j47i+baKsWWviLOV7EqBYxPiy94ChokvQ1kX76e0p8YxRWVk1C7mNW1mGsaiLfkIdtOgCnLdZg/CeYC2bFNCOubALZQIyxrzFsY65Zhoon/R+WiWn/o6zT+elnVjA30VcB59l3DtCqkzdQDFPkDKVoi76jeOUMin1/HU1vuv12P6fsT474O+rE5ZZLyYSmxWHE0lfgBgvIq0ImAxKrGBN5IMXyyoyAGgAbPPwhJvc38tml/CQZGHdmU3HNgH/rO3tqVB0uVA0lSEmcQABLFoEIaWeFlqhSvjCQwD86Ecql0MCzBZEzopNWLWc8HY8QqGZ9XxNx+8yyhPgYT0qoXbSmFSPkWM8CoPW+1CEcG/OM1zbxr3f095PevHq3Hquy/NmkLGAfx5PAcfCtMBlGg7rXgRmpSlNv2zHHefBEoW9dLxiruJ4wVzFMVJ6fZflCpVcB/xdCn1odWHithMJJr95XXH1Z7TbSHcVmIt2Y0LAi28pOwA7TTiPQ+uPVW3PUKktnMTbpOIj4CeAnmQJXFR2IijJ3IeB9IFx6WPR3tKNXax1v8QzMwTAz/lqaJQSyLIJPxzzVoN0eas6NQy23XifSXWwsUv1rFOMUbHWfIBkvAttvAPzCARzgH3nMUdx53XMDfCa41nGxeHY3P40ftjMRfO0C9dybpjXU1AC+PHeTKLf1NMplz4XvQYFtJfSKqUc+qWeLQ/tR781NUI1uvGYwlRyOX7HKCAO+OcV8ipcj8XeTiQYEF1o/LQe4OWcR3PGizEt2wwpO4uegFehbxfRxll8y0W0Ydw95smiYzPQTFvEuJD2ldbNxryMy4CDd4sLSomV3sqJ/VaaUWPZgN/m2+7DkjrvOKWVs0TBpJdiiM8xrxxW6XqbxnhW1im8J8v05FGuWK/rSSjs3DAp8J7XkNbD96lvi3yb8TBp3wSm5J00J7fd9ItGq64Dd/HsTFLCxAbsq3kwURuZYq0at2Gnobs64G8j2FW9BiDfuiwxONpY/AkkmPqxDYWH1sxxVkzmk5/FOV7Vfli1ds9Da2nCN28iF47BtvxJu/jPoo7UF9Im7ZxWlose3yNYn7CY4z3F+wFFGAcBfwnQ5P2aWvdx3bIAv92YD89a4o3oqg+a1NNkZ1NSKn0OayLh/svinUPfEJzBar6IndTbPBneg3qyhWk0VtJ68GwNs7fMbB7nqq4s5JMCcGfdp+1aREViEVm/cK9l0Y0xl2L9sOPGUPQc8M8c6ZuwAF4qqwnCBQVttMQaxQwUsDw2CZSEUoB7jLNc4P6wrgBwlLRhE3bJoB9pmot1WsO5AHWd9QUTGNPMtVUoLOCfBcqm8U3bdpwF5NO8bQy6Ywq/0vs14e6zzmUAfvSljf8ZKti3ClGJ4jWUDB6l48XLrb4ELKecVuamXsFJUoD1GGC/7Xxbr9fuEmvrnJUzn+9VU3ryIgH/gEeSA/4Bd07vTYOWbTPrYJLAC4eFf1zgFsF+qRUO9Y/bKZg8ZLy8Q17ge++AFbgBFhHua9CkuTZzAPq7S0WOXqF5XKZcEEuoOi22MJ8pKlqyZi3INganBGjixm2s+xbQLmrfAUtnolVypuCWWGCW9dE2jfzpUjrVEh/Lb72JJEBgjjkXivSQA7DpBWM2Qb5f07IA2VgaekZLMAQ9Couw8A94ODngH3DnLKxpADRY5OscR/zPnVpvu02B3yywj4VuHMgH9QIArQ39Z2GC8BudJ4E2GUdgMbfxHVQkuxAvrdBtqTxsg81/XdIuPk9XFi7WN+19IO+0aVvbWPcXCfgx31hPX9ceoJL+bFMGYKN0V3NSsUoUyjZt8WtcAptBApir6kGvJXEUdo1hGvBp8mibw38zyNg8gwP+Tdahcz8Oc/nX05MRdDz++Pm3mJTSDKAGL/SQrQxzC2yTV0BKSal12aZvQ/8DIHeVU51eA1iESqw6k7qGSgzGdGkMCz1hs+g/JcOBlqxZGS+YlYOKeEkf2Bz2TWW0CEoPlH4u8JhjNrMBoC3fuGQMeRmXwGaRgF0zmgbVWoUBRqBJnuQmAfebRa5jnsMB/ybu3LkfDQDrwQfVsg+Q9fDDoxy+SfnxN0su57kFuAkqaMpf5wZFFpzS4gzgOk+mJabZmxVkO0vsBNxNdl7savdUS7eZZcmiosR7lwB+ymgWVWicjPoE/AD2zFxDF/6i09bNGhdd/85xP+947bpdXp9LYGgSwNxWmm643nYYFGmghDEBdTHxAVNTNplDhyabDtvjgL9DYW66qsZx9sfx8j0//qbr+vRATQE/AWedX0/ePSw4bYAeLTRd7PJIy3kTUDxtZ8gmvc97zwLv9KxAbqV9AFDNYOY2XrU+AD/6ms9Mzm1XtKgmcl9GWRv70WbML6PNfk+XwCpKwGb6GpfemOe6yjJUl1FTb+qSZOyAf0mCH/xtCfbJjwNAqXPtAEaQiWUeq+3gBbHmDSwFmxATLZoAnXVQZ3MENwX9qItjb979I9BOWpqb5KduIodJQ8Za92cBctJB8Lwl6SAhX1J/2gbddg340W62Cf3XJKvXZnnt2I9NxtpmeXZ/DpfAoiWAeRDzGOZAvHtMv4pP/N+HsYHGqHmSSCxITg74FyTolbqNBft1bZlZfLrMurJSwlmzxhIEAqTTPUqwik+cQxm6VAH2J4FyC/pLresAiQT7XQR3Wv7+LEqN7eouAD+DcGcFHLMcvRnM+DItw4TdobbtEO0K8HMjGs4diH9Y1/mCKWQxhmcpeW37za9zCbgElicBrGvATH0oEx0/lQP+jgW68tVZQMR0jHCDAcS5W3rlu7fxA9jNoaa5SktTpGFypHKAcUUlwn7CGlrfr6ELsI+H5+6TTfj7uK4LwF9iqce96h4I5pCG3Mb98ZmgIMwDrLsA/FZBQ3u7CHJuPGgHdgENKOhXn0MH1jneHJfAikqgBY3IAf+K9nVvzaa2OikXf2839ooHKQGmIrSu0fp3AM4m2VYwUQFwz1IgYBWFdbhJ3dOESECL+zbNj94F4C/JFMHNykCFITjkXggA9PYP7yqzB81Kl1syuPiMbXiuMBSsW1BuiUxZhrKp09lWwCrY5DG9rEvAJbAACbSkETngX0Df+C1cAi6BmgS4bTwAq1UgAIjAhWxhvZgqYwArq2Q0jQVYBOCHNZxBt3W6EbnwsOAzDS6z+OCzC3m1ecZ6UC760kHs+UNxXAwLPT7rGNvgE6JLwCXQXgItaUQO+NuL3K90CbgEVkUC1rrfZrfFNmC4Lptpuz2CtsNYhXF7A5C2Q0ux3Yyrq6D5ps8IpckqHbje/yZLAMoaFTfuUYJ+bBtk7bJ2CbgEXAINJOCAv4GwvKhLwCWwohKw27a34bk3BcPjxDQN8DNt6aSc7cyAxD0xoAA0CTou6bbSZ4QF38ZYgALUldJR0s5VLoOxV9+F2gH/Kveot90lsDIScMC/Ml3lDXUJuARaSwDUE1CF2tJNSsHwtAYyIL6epYdgHkBwUlAnzgMY9pkGd9Yzkr5DahSeo6v4itYdu4IXWnqPW/hXsAO9yS6B1ZSAA/7V7DdvtUvAJbBICcwCw6VtAVgGdYd/Njd/Fzz80naMKzftGeEhIX1nXXPqzyPb+rUW9K9A/u4uH93rcgm4BJYjAQf8y5G739Ul4BJYJQmQEtQmg419TtI56Gmgdb90X4I+ZUbAjzbCmwB6EahGBPqwRjt9p7seAOgH2G9DMeuuFV6TS8AlsCYScMC/Jh3tj+kScAnMIQFSgubdPIk52QGmAfQYqLts6z5EM2nPBXgloJA4fWeOAeSXugRcAi6B5UrAAf9y5e93dwm4BNZJAgD5TL1Ja/+8XoOu5Mc4ASglOBAUPARFpKvn83pcAi4Bl8AaS8AB/xp3vj+6S8AlsAQJ2BShdoOtJTTFb+kScAm4BFwC6yGB/w9uNEwUj3EmdQAAAABJRU5ErkJggg=="text: "hi"__proto__: Object
54:783
$encoded_data = 'iVBORw0KGgoAAAANSUhEUgAAAvwA…Fb+kScAm4BFwC6yGB/w9uNEwUj3EmdQAAAABJRU ....';
$size = strlen(base64_decode($encoded_data));
remember base64 encoding increases the original data in size by about 33%
Now we can write a function -
function getFileSize($base64string){
$bytes = strlen(base64_decode($base64string));
$roughsize = (((int)$bytes) / 1024.0)* 0.67;
return round($roughsize,2);
}
this function will return filesize in Kb.
Now to know the Mime Type you can use Fileinfo
$imgdata = base64_decode($encoded_data);
$f = finfo_open();
$mime_type = finfo_buffer($f, $imgdata, FILEINFO_MIME_TYPE);
Providing user to upload images has wide usage, however, checking file extension and MIME type not guarantee correct file type.
Alternative:
I used imagejpeg() and imagecreatefromjpeg() functions for creating the image from $_FILE['userfile']['tmp_name'] and then saving it in images/ dir. In this case, I ignored move_uploaded_file() function.
Are still this code vulnerable to fake image uploading attack?
$filename = $_FILE['inputfile']['name'];
$upload_path = 'images/';
//extract extension
$ext = strtolower(substr($filename, strrpos($filename, '.') + 1));
// return mime type ala mimetype extension
$finfo = finfo_open(FILEINFO_MIME_TYPE);
//get MIME type of the given file
$mime = finfo_file($finfo, $filename);
//close finfo
finfo_close($finfo);
if (is_uploaded_file($_FILES['inputfile']['tmp_name'])) {
//first check: file extension and mime type
if(!in_array($ext, array('jpeg', 'jpg', 'gif', 'png')) && !in_array($mime, array('image/jpeg', 'image/gif', 'image/png')) ){
die("Error1: Invalid Image type");
}
if($ext == 'jpeg' || $ext == 'jpg'){
$im = #imagecreatefromjpeg($_FILE['inputfile']['tmp_name']);
if($im){
$createimage = imagejpeg($im, $upload_path.$_FILE['inputfile']['name']);
if(!$createimage){
die("Error3: Can't create image!");
}
//last check
$filecontent = file_get_contents($upload_path.$_FILE['inputfile']['name']);
//clean the file from any php code
$filecontent = str_replace(array("<?php", "<?", "?>"), "", $filecontent);
$handle = fopen($upload_path.$_FILE['inputfile']['name'], "wb");
fwrite($handle, $filecontent);
fclose($handle);
}
else{
die("Error2: Invalid Image Detected");
}
}
}
One can always embed PHP code safely in a perfectly valid image file. There are too many ways to do that to worth even thinking avoiding them. Many valid image formats, many data containers such as EXIF in jpg for example, pixel level and compression manipulation, etc.
To be on the safe side one should protect the server from arbitrary file inclusion attacks and sanitize the file extensions to escape from apache configuration mistakes.
A more crazy approach is to create a slightly modified copy of the image, more exactly create a new image from the original one modified, a slight resize or color manipulation will delete the bitmap level PHP injections while copying will save you from most of the PHP injected in other data containers within the image.
I have a page for uploading videos, and I want the file types to be mp4 flash and webm files. all the mp4 extension files and webm files work fine but the flash files (.flv and .f4v) are not recognized and therefore php returns the value 'application/octet-stream' which I believe is the default MIME for any files which aren't recognized. is there a better method than this code that will recognize the flash files for there true MIMES (video/x-flv and video/x-f4v) respectively?
$type = $_FILES["uploaded"]["type"];
$allowedTypes = ["video/mp4","video/quicktime","video/x-flv","video/x- f4v",
"video/webm"];
$isRefusedType = !in_array($type, $allowedTypes);
if ($isRefusedType)
{
$message="not an accepted file type";
}
else $message="OK";
Perhaps you can try this code:
<?php
$finfo = finfo_open(FILEINFO_MIME_TYPE); // mimetype
$type = finfo_file($finfo, $filename);
finfo_close($finfo);
?>
As described here, you will need PHP >= 5.3.0, is it a problem?
Another idea could be to check the data signature (see there):
<?php
$s = file_get_contents($_FILES["uploaded"]["tmp_name"]);
if ( substr($s,0,3) == 'FLV' ) { /* It's good! */ }
?>
Watching at the description of $_FILES['userfile']['type'] in the php documentation we can see:
The mime type of the file, if the browser provided this information.
An example would be "image/gif". This mime type is however not checked
on the PHP side and therefore don't take its value for granted.
So the Tiger-222 option seems to be your best chance to get the real value:
<?php
$finfo = finfo_open();
$fileinfo = finfo_file($finfo, $file, FILEINFO_MIME);
finfo_close($finfo);
?>
I'm saving some of my image in to mysql database using base64_encode.
now I want to restore them back to file system.
How can I do that?
Edit...!
Ok, I did not explain enough.
I use this code to encode my image and save them in to a blob table:
function base64_encode_image ($imagefile) {
$imgtype = array('jpg', 'gif', 'png');
$filename = file_exists($imagefile) ? htmlentities($imagefile) : die('Image file name does not exist');
$filetype = pathinfo($filename, PATHINFO_EXTENSION);
if (in_array($filetype, $imgtype)){
$imgbinary = fread(fopen($filename, "r"), filesize($filename));
} else {
die ('Invalid image type, jpg, gif, and png is only allowed');
}
return 'data:image/' . $filetype . ';base64,' . base64_encode($imgbinary);
}
and use this code to show my image in browser:
if (!isset($_GET['id']) && !ctype_digit($_GET['id'])){
die('Error');
} else {
require_once( addslashes(dirname(dirname(__FILE__)) . '/config.php') );
require_once( addslashes(dirname(__FILE__) . '/Functions.php'));
$row = mysql_fetch_array(mysql_query ("SELECT `id`,`cover_small` FROM `om_manga` WHERE `Active` = '1' AND `id` = '".sql_quote($_GET['id'])."'"));
if (isset($row['id'])){
header("Content-type: image/jpeg");
readfile($row['cover_small']);
} else {
die('Error');
}
}
Now i want them back to a jpg file.
The size of all those image are less then 3kb.
Use PHP's base64_decode() function to convert the encoded data back to binary.
Since base64_decode returns a string, you can use file_put_contents() to write the decoded contents to a file.
It makes me wonder why you're storing the image base64 encoded if you're not using it in that format. You could just as easily store the image in binary format in a binary blob column.
Base64 encoding adds a 33% character overhead (not bytes).
Edit for revised question
The answer to your second question is subjective without context. Without knowing the details of your system, I can't recommend whether you should extract the images.
Decode it the same way you encoded it...
base64_decode()
You might want to store the file extension of the image when writing it to the database so that you can restore it accurately. Just concatenate the new name with the existing extension.
What you should so is something similar to this :
// Retrieved values from database
$encodedImg = $sqlResult['encoded_img'];
$ext = $sqlResult['encoded_img_ext'];
// Concatenate new file name with existing extention
// NOTE : This parameter is a full path. Make sure that the folder
// you are writing the file to has the correct permissions allowing the
// script write access.
$newImagePath = "/some/path/on/the/servers/filesystem/";
$newImageName = $newImagePath."decoded_image.".$ext;
// Saving the decoded file with the new file name.
file_put_contents($newImageName, base64_decode($encodedImg));
I used this code to check for the type of images,
$f_type=$_FILES['fupload']['type'];
if ($f_type== "image/gif" OR $f_type== "image/png" OR $f_type== "image/jpeg" OR $f_type== "image/JPEG" OR $f_type== "image/PNG" OR $f_type== "image/GIF")
{
$error=False;
}
else
{
$error=True;
}
but some users complain they get an error while uploading any type of images, while some others don't get any errors!
I was wondering if this fixes the problem:
if (mime_content_type($_FILES['fupload']['type']) == "image/gif"){...
Any comments?
Never use $_FILES..['type']. The information contained in it is not verified at all, it's a user-defined value. Test the type yourself. For images, exif_imagetype is usually a good choice:
$allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF);
$detectedType = exif_imagetype($_FILES['fupload']['tmp_name']);
$error = !in_array($detectedType, $allowedTypes);
Alternatively, the finfo functions are great, if your server supports them.
In addition to #deceze, you may also finfo() to check the MIME-type of non-image-files:
$finfo = new finfo();
$fileMimeType = $finfo->file($path . $filename, FILEINFO_MIME_TYPE);
Sure you could check if it's an image with exif, but a better way I think is to do with finfo like this:
$allowed_types = array ( 'application/pdf', 'image/jpeg', 'image/png' );
$fileInfo = finfo_open(FILEINFO_MIME_TYPE);
$detected_type = finfo_file( $fileInfo, $_FILES['datei']['tmp_name'] );
if ( !in_array($detected_type, $allowed_types) ) {
die ( 'Please upload a pdf or an image ' );
}
finfo_close( $fileInfo );
The best way in my opinion is first to use getimagesize() followed by imagecreatefromstring().
$size = getimagesize($filename);
if ($size === false) {
throw new Exception("{$filename}: Invalid image.");
}
if ($size[0] > 2500 || $size[1] > 2500) {
throw new Exception("{$filename}: Image too large.");
}
if (!$img = #imagecreatefromstring(file_get_contents($filename))) {
throw new Exception("{$filename}: Invalid image content.");
}
Checking by getimagesize() prevents some DoS attacks, because we don't have to try to imagecreatefromstring() from every file provided by the user, either non-image file or file too big. Unfortunately, according to PHP docs cannot be relied on for checking image type content.
The imagecreatefromstring() finally tries to open the file as an image - if is succeeds - we have an image.
This is a simple, one line script that I use often.
$image = "/var/www/Core/temp/image.jpg";
$isImage = explode("/", mime_content_type())[0] == "image";
Basically I am using mime_content_type() to get something like "image/jpg" and then exploding it by "/" and checking against the first element of the array to see if it says "image".
I hope it works!
In PHP 5.5 I use this function for getting file type and check if image:
function getFileType( $file ) {
return image_type_to_mime_type( exif_imagetype( $file ) );
}
// Get file type
$file_type = getFileType( 'path/to/images/test.png' );
echo $file_type;
// Prints image/png
// 1. All images have mime type starting with "image"
// 2. No other non-image mime types contain string "image" in it
Then you could do:
if ( strpos( $filetype, 'image' ) !== false ) {
// This is an image
}
Complete list of mime types: http://www.sitepoint.com/web-foundations/mime-types-complete-list/
That last line is close. You can use:
if (mime_content_type($_FILES['fupload']['tmp_name']) == "image/gif"){...
In the case I'm currently working on, my $_FILES..['type'] reports itself as "text/csv", while both mime_content_type() and finfo() (suggested by others) report "text/plain.". As #deceze points out, $_FILES..['type'] is only useful to know what type a client thinks a file is.
you can try this
$file_extension = explode('.',$file['name']);
$file_extension = strtolower(end($file_extension));
$accepted_formate = array('jpeg','jpg','png');
if(in_array($file_extension,$accepted_formate)) {
echo "This is jpeg/jpg/png file";
} else {
echo $file_extension.' This is file not allowed !!';
}
WARNING: the following answer does not actually check the file type. It only checks the name. It is not suitable for actual security purposes.
EDIT: Don't Use this method as it serves no security check. I am leaving this answer here so that no one makes the same mistake like me by trying this.
I tried the following and it worked for me:
$allowed = array('gif','png' ,'jpg', 'pdf');
$filename = $_FILES['input_tag_name']['name'];
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if(!in_array($ext,$allowed) ) {
echo 'error';
}
Source link