2

I am using a 3rd party system called Mailgun which stores any emails it receives and then I can query the emails via their API.

The issue I have is the validation of the attachments.

If I rename a word document (.docx) to a CSV file ending (.csv) and attach this file to an email the Mailgun API gives me a URL from which I can download it, so far so good.

However when checking the headers of this file using get_headers it responds back as:

array(7) {
  [0]=>
  string(15) "HTTP/1.1 200 OK"
  ["Content-Disposition"]=>
  string(10) "attachment"
  ["Content-Type"]=>
  string(23) "text/csv; charset=utf-8"
  ["Date"]=>
  string(29) "Tue, 16 Apr 2019 17:07:11 GMT"
  ["Server"]=>
  string(5) "nginx"
  ["Content-Length"]=>
  string(5) "15768"
  ["Connection"]=>
  string(5) "Close"
}

The issue is that I know this file is not a valid CSV file as I have just simply renamed a Word doc to .csv

Therefore my question is what is the best way to validate the file before I download it to my filesystem?

goose84
  • 282
  • 1
  • 2
  • 15
  • 1
    What exactly do you mean by validate in the context of your question? You can't know for sure what the file really is until you retrieve it. As you've shown, simply renaming a file isn't going to actually change the contents. – Dave Apr 16 '19 at 18:13
  • Possible duplicate of [How to check file types of uploaded files in PHP?](https://stackoverflow.com/questions/310714/how-to-check-file-types-of-uploaded-files-in-php) – miken32 Apr 16 '19 at 19:01

0 Answers0