diff options
| author | nobody <nobody@localhost> | 2006-01-05 23:36:45 +0000 |
|---|---|---|
| committer | nobody <nobody@localhost> | 2006-01-05 23:36:45 +0000 |
| commit | 4ce70280face928c604c4300fd2ba6fdc78243da (patch) | |
| tree | 3b2f616b592484fcd8bf9b70ea4a062cd5ac64fc /includes/MimeMagic.php | |
| parent | 9018faf3a776fffd61bbb9a7516da6ae8bf55f55 (diff) | |
| parent | b2a8013a4893454f32dc13bd253e141d7fef2f35 (diff) | |
| download | mediawikicore-4ce70280face928c604c4300fd2ba6fdc78243da.tar.gz mediawikicore-4ce70280face928c604c4300fd2ba6fdc78243da.zip | |
This commit was manufactured by cvs2svn to create tag 'REL1_5_5'.1.5.5
Diffstat (limited to 'includes/MimeMagic.php')
| -rw-r--r-- | includes/MimeMagic.php | 42 |
1 files changed, 35 insertions, 7 deletions
diff --git a/includes/MimeMagic.php b/includes/MimeMagic.php index 5be0ee602954..31f57d0e7d11 100644 --- a/includes/MimeMagic.php +++ b/includes/MimeMagic.php @@ -304,6 +304,27 @@ class MimeMagic { return in_array( $mime, $types ); } + /** + * Returns true if the extension represents a type which can + * be reliably detected from its content. Use this to determine + * whether strict content checks should be applied to reject + * invalid uploads; if we can't identify the type we won't + * be able to say if it's invalid. + * + * @todo Be more accurate when using fancy mime detector plugins; + * right now this is the bare minimum getimagesize() list. + * @return bool + */ + function isRecognizableExtension( $extension ) { + static $types = array( + 'gif', 'jpeg', 'jpg', 'png', 'swf', 'psd', + 'bmp', 'tiff', 'tif', 'jpc', 'jp2', + 'jpx', 'jb2', 'swc', 'iff', 'wbmp', + 'xbm' + ); + return in_array( strtolower( $extension ), $types ); + } + /** mime type detection. This uses detectMimeType to detect the mim type of the file, * but applies additional checks to determine some well known file formats that may be missed @@ -318,14 +339,21 @@ class MimeMagic { $fname = 'MimeMagic::guessMimeType'; $mime= $this->detectMimeType($file,$useExt); - if (strpos($mime,"text/")===0 || - $mime==="application/xml") { + // Read a chunk of the file + $f = fopen( $file, "rt" ); + if( !$f ) return "unknown/unknown"; + $head = fread( $f, 1024 ); + fclose( $f ); + + $sub4 = substr( $head, 0, 4 ); + if ( $sub4 == "\x01\x00\x09\x00" || $sub4 == "\xd7\xcd\xc6\x9a" ) { + // WMF kill kill kill + // Note that WMF may have a bare header, no magic number. + // The former of the above two checks is theoretically prone to false positives + $mime = "application/x-msmetafile"; + } - // Read a chunk of the file - $f = fopen( $file, "rt" ); - if( !$f ) return "unknown/unknown"; - $head = fread( $f, 1024 ); - fclose( $f ); + if (strpos($mime,"text/")===0 || $mime==="application/xml") { $xml_type= NULL; $script_type= NULL; |