Working with Images - PHP

Asked

Viewed 139 times

1

I have worked and still work with some image manipulation libraries in PHP, but I decided to study at source the manipulations, how they work, how to implement and work with images.

As we know the images are uploaded through a <input type="file">, which allows you to upload any type of file, I am already considering the changes in HTML and/or JavaScript, that can be done by malicious user.

I already have a certain treatment through the native mistakes of $_FILE['image']['error'], also using getimagesize() to somehow confirm the veracity of the image, using $_FILE['image']['type'], using MIME and offset 2 taken from himself getimagesize(), that stays that way:

//array de arquivos suportados
$support=array(1=>"image/gif",2=>"image/jpg",3=>"image/png");

//informações do getimagesize()
$getimagesize=getimagesize($_FILE['image']['tmp_name']);

//uma das verificações
if($support[$getimagesize[2]]==$getimagesize['mime']){}

Why this kind of checking? Because there are ways to create files that are not images with extensions of one, and besides this example, I also do a size-based check imagesx and imagesy, to try to prevent as many possible malicious files as possible.

So during this study, I came across some questions where I haven’t found anything on the Internet yet that would clear up my doubts, are they:

  • What errors, obtained by $_FILES['image']['error'] that still keeps the file on the server?

For example, upload a file .txt which is not an image, but is a complete file, generates the $_FILES['image']['error'] == 0, then the file was transferred to the temporary folder and I can delete it.


The return of function getimagesize() is an array containing:

Array
(
    [0] => 500
    [1] => 300
    [2] => 3
    [3] => width="500" height="300"
    [bits] => 8
    [mime] => image/png
)
  • What is the purpose of the key bits and what its values, minimum, maximum?

Obs: I know this is my first question and you may be a little confused, but I tried to be as clear as I could, if anyone could help me I would be grateful.

  • 1

    The bit key only tells you how many bits the image has per color. In your case there, it’s an 8-bit PNG. Could be a 24-bit JPEG, or maybe a 24-bit PNG.

  • Thank you @sam, and these values you quoted are default values?

  • 1

    I’m not an expert on images, but I think it can vary. For example, a GIF has 8 bits (256 colors), whereas JPG and PNG can have 24 bits (16 million colors). But the important thing is that the key "bits" only informs the bits by image color.

  • 1

    Got it, thanks a lot for your help

1 answer

0

What errors, obtained by $_FILES['image']['error'] still keeps the file on the server?

Only when the value of the key 'error' is 0 (or the constant UPLOAD_ERR_OK) the file will be kept in 'tmp_name'

What is the purpose of key bits of getimagesize() and what its values, minimum, maximum?

The key bits tells you how many bits the image has per color. In the example it is an 8-bit PNG. It could be a 24-bit JPEG or PNG. (credits to @Sam)

Browser other questions tagged

You are not signed in. Login or sign up in order to post.