1

I am on shared hosting, and have been battling with them to get fileinfo working, we have finally got it working, but again I have been hit with another barrier, I have essentially got this because I am creating a new file upload tool and we need to know what mimetypes are being uploaded, but fileinfo does not want to play ball.

So, a .sql file will return text/plain, correct.

However, every other file will simply return application/octet-stream, what I am wondering is why this is the case, I don't want to be pissing the host off with tons of questions so I want to get some research on the issue before I hassle them furthur.

Code:

function get_mime($filename)
{
    $result = new finfo(FILEINFO_MIME_TYPE, "/usr/share/file/magic.mime"); 
    return $result->file($filename, FILEINFO_MIME_TYPE);
}

echo $user->get_mime($_FILES['file']['tmp_name'][$i]);

Any help would be greatly appreciated, many thanks

Update

So I have gone about updating the code of the MIMETYPE check, and I have updated the code to reflect the following(for the function):

function get_mime($filename)
{
    $result = new finfo(FILEINFO_MIME_TYPE, "/usr/share/file/magic.mime"); // return mime type ala mimetype extension

    if (is_resource($result) === true)
    {
        return $result->file($filename, FILEINFO_MIME_TYPE);
    } else {
        return "failed";
    }

    return false;
}

Obviously, as you can see I have made it output failed when it, fails. This is happening 100% of the time, and removing that if statement causes it to return application/octet-stream, which is incorrect.

The upload process will be: User uploads -> Files are moved to a temporary folder above public, (upload_check) where they will be checked by fileinfo, if the file is not what we accept it will be discarded, else it will be copied to the public files and and then discarded from the temporary folder.

I have created that process, and still fileinfo doesn't want to co-operate and returns application/octet-stream for everything, even though they are on the server just saved above the public_html folder.

Any advice?

Jake

Jake Ball
  • 798
  • 2
  • 8
  • 26

2 Answers2

3

Advice

I really think you are getting things wrong here ...

A. when a file is uploaded it also returns mime type automatically in the $_FILES 

echo $_FILES['file']['type'][$i] ;

B if you want to get mime for a file that was not uploaded, or try and make a better determination that what the client headers provided, use mime_content_type http://php.net/manual/en/function.mime-content-type.php

echo mime_content_type($fileName);

C. Depreciation

Both mime_content_type & Fileinfo are not properly maintained and they have been depreciated.

Update: It once was incorrectly marked as deprecated in the manual, but it has been fixed https://bugs.php.net/bug.php?id=71367 on the 14th of January 2016. As can see supports 7.0 so not discontinued at all.

Alternatively can suggest you look at the following links for replacement

Getting mime type of zipped files

http://www.php.net/manual/en/function.mime-content-type.php#87856

D. You can also use getID3 http://sourceforge.net/projects/getid3/files/getID3%28%29%201.x/1.9.3/ which can check the real mime type for some common files ...

E. Using Linux Command line probably saver 

$mime = shell_exec("file -bi " . escapeshellarg($file));

Or on Mac

$mime = shell_exec("file -b --mime ".escapeshellarg($file));

Finally

Why do you want to work on $_FILES['file']['tmp_name'][$i] directly ?? This has been know to give so many issues

try

$tempDir = ""; // Temp
foreach ( $_FILES ["file"] ["error"] as $key => $error ) {
    if ($error == UPLOAD_ERR_OK) {
        $tmp_name = $_FILES ["file"] ["tmp_name"] [$key];
        $name = $_FILES ["file"] ["name"] [$key];
        $tempFile = "$tempDir/$name";
        move_uploaded_file ( $tmp_name, $tempFile );
        echo $user->get_mime ( $tempFile );
        unlink ( $tempFile );

    }
}
ficuscr
  • 6,975
  • 2
  • 32
  • 52
Baba
  • 94,024
  • 28
  • 166
  • 217
  • Hello, thank you for your comment. I understand completely where you are coming from, and I have now understood where I am going wrong anyway, I am currently coding a uploader that will allow me to define what extensions and filetypes are allowed, I know that $_FILES will return the MIMETYPE, but it is very easily fooled(i.e saving print "Hello World" into a jpeg with php tags, it will return "image/jpeg". I am coding a secure uploader, and I would like to chose what files are uploaded, however I guess it will be creating a platform that allows all filetypes, as it seems near-impossible to – Jake Ball Apr 29 '12 at 22:52
  • get the correct & true MIMETYPE of any given file in the $_FILES array. Thank you for your comment – Jake Ball Apr 29 '12 at 22:53
  • Hey @Baba, thanks for your in-depth reply. You have essentially outlined exactly what I was planning to do, I move the temporary file to a folder, where I will then call the finfo function to get the true, or a better idea of the MIMETYPE which will then determine if the file is uploaded to the public server or discarded from the server. I have got up to the moving the files to a temp folder, however what is causing problems is fileinfo, it still persists on "failing", I have updated my post to reflect that. – Jake Ball Apr 30 '12 at 21:07
  • If you are only going to use images use getimagesize ... It would tell you if its a valid image, height , width and also return mime type – Baba May 01 '12 at 09:53
  • @Baba, You say "Both mime_content_type & Fileinfo are not properly maintained and they have been depreciated". Could you provide a citation as I think that is incorrect. Maybe you mean the "magic file" junk that used to be a dependency? – ficuscr Jul 21 '17 at 17:11
2

You should check if the magic file you are trying to use exists and can be read by php.

Try :

$finfo = finfo_open(FILEINFO_MIME, "/usr/share/file/magic.mime");

if (!$finfo) {
    echo "Opening fileinfo database failed";
    exit();
}

finfo_close($finfo);
ilanco
  • 9,581
  • 4
  • 32
  • 37