danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use mime_content_type to determin uploaded files mime type when available

Browse Source
This commit is contained in:
Daniel Winzen
2020-12-27 16:43:37 +01:00
parent ae642df38d
commit 45035ebf36
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
chat.php
View File

@ -3042,10 +3042,12 @@ function validate_input() : string {
$stmt->execute([$newmessage['postdate'], $id[0], $newmessage['poster'], $newmessage['recipient'], $newmessage['text']]); $stmt->execute([$newmessage['postdate'], $id[0], $newmessage['poster'], $newmessage['recipient'], $newmessage['text']]);
} }
if(isset($hash) && $id){ if(isset($hash) && $id){
if(!empty($_FILES['file']['type']) && preg_match('~^[a-z0-9/\-.+]*$~i', $_FILES['file']['type'])){ if(function_exists('mime_content_type')){
$type=$_FILES['file']['type']; $type = mime_content_type($_FILES['file']['tmp_name']);
}elseif(!empty($_FILES['file']['type']) && preg_match('~^[a-z0-9/\-.+]*$~i', $_FILES['file']['type'])){
$type = $_FILES['file']['type'];
}else{ }else{
$type='application/octet-stream'; $type = 'application/octet-stream';
} }
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'files (postid, hash, filename, type, data) VALUES (?, ?, ?, ?, ?);'); $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'files (postid, hash, filename, type, data) VALUES (?, ?, ?, ?, ?);');
$stmt->execute([$id[0], $hash, str_replace('"', '\"', $_FILES['file']['name']), $type, base64_encode(file_get_contents($_FILES['file']['tmp_name']))]); $stmt->execute([$id[0], $hash, str_replace('"', '\"', $_FILES['file']['name']), $type, base64_encode(file_get_contents($_FILES['file']['tmp_name']))]);