Delicious Bookmark this on Delicious Share on Facebook SlashdotSlashdot It! Digg! Digg



PHP : Function Reference : Fileinfo Functions : finfo_file

finfo_file

Return information about a file (PECL fileinfo:0.1-1.0.4)
string finfo_file ( resource finfo, string file_name [, int options [, resource context]] )

Example 616. A finfo_file() example

<?php
$finfo
= finfo_open(FILEINFO_MIME); // return mime type ala mimetype extension
foreach (glob("*") as $filename) {
   echo
finfo_file($finfo, $filename) . "\n";
}
finfo_close($finfo);
?>

The above example will output something similar to:

text/html
image/gif
application/vnd.ms-excel

Code Examples / Notes » finfo_file

ryan day

to check images on unix based systems its much better to use the identify command provided by image magic as it provides accurate results about all files
<?php
function is_jpg($fullpathtoimage){
if(file_exists($fullpathtoimage)){
exec("identify $fullpathtoimage",$out);
//using system() echos STDOUT automatically
if(!empty($out)){
//identify returns an empty result to php
//if the file is not an image
$info = $out[0];
$info = explode(' ',$out[0]);
//^IF THE FILENAME CONTAINS SPACES
//^THIS WILL NOT WORK...be creative
$type = $info[1];
if($type == 'JPEG'){
return true;
}
}
}
return false;
}
?>
identify can process all types of images that are web friendly
sample output:
./image/someimage.jpg JPEG 150x112 150x112+0+0 DirectClass 8-bit 4.54688kb
if you dont want to control the image name or want to support spaces use: escapeshellarg()
http://us2.php.net/manual/en/function.escapeshellarg.php
function links:
exec() -- http://us2.php.net/manual/en/function.exec.php
explode() -- http://us2.php.net/manual/en/function.explode.php


03-may-2007 10:10

this returns the string
"cannot open `FILEPATH' (No such file or directory)"
if non-existent path given, instead of FALSE as written above.
Environment: PHP 5.2.1, WinXp.


schraalhans keukenmeester

Tempting as it may seem to use finfo_file() to validate uploaded image files (Check whether a supposed imagefile really contains an image), the results cannot be trusted. It's not that hard to wrap harmful executable code in a file identified as a GIF for instance.
A better & safer option is to check the result of:
if (!$img = @imagecreatefromgif($uploadedfilename)) {
 trigger_error('Not a GIF image!',E_USER_WARNING);
 // do necessary stuff
}


webshowpro

Just an improvement on the sample Ryan Day posted - slightly off topic since this method does not use finfo_file but in some cases this method might be preferable.
The main change is the -format %m parameters given to the identify call.  I would suggest using the full system path to identify i.e. /usr/bin/identify to be a little safer (the location may change from server to server though).
<?php
function is_jpg($fullpathtoimage){
   if(file_exists($fullpathtoimage)){
       exec("/usr/bin/identify -format %m $fullpathtoimage",$out);
       //using system() echos STDOUT automatically
       if(!empty($out)){
           //identify returns an empty result to php
           //if the file is not an image
           
           if($out == 'JPEG'){
               return true;
           }
       }
   }
   return false;
}
?>


spazdaq

FYI
contrary to the documentation, finfo_file seems to be returning a semicolon delimited string that contains not just the mime type but also the character set.
so
$finfo = finfo_open(FILEINFO_MIME);
echo(finfo_file($finfo, $my_file));
returns: text/plain; charset=us-ascii
it may be dependent on the magic file, but i'm too lazy to investigate further.


php

Annoying one this - only tested on Windows.
It looks like finfo_file only works if you give it an absolute filename or a file listed in $_FILES - presumably because there are known locations that php looks for files.
eg:
finfo_file($handle,'img.gif'); // returns an error
finfo_file($handle,realpath('img.gif')); // returns correctly


Change Language


Follow Navioo On Twitter
finfo_buffer
finfo_close
finfo_file
finfo_open
finfo_set_flags
eXTReMe Tracker