⚠ In case you've missed it, we have migrated to our new website, with a brand new forum. For more details about the migration you can read our blog post for website migration. This is an archived forum. ⚠

  •     

profile picture

How to validate the format of the image in image crud?



J-c
  • profile picture
  • Member

Posted 15 January 2013 - 20:28 PM

Hello,

I use image crud and i want to upload image files (jpg, png, gif). But image crud allows me to upload anything (txt, mpeg...).
How can i get restrictions ?

I try to change the 'accept_file_types' in libraries/image_crud.php => 'accept_file_types' => '/.[gif|jpeg|jpg|png]$/i'
But it doesn't work. And the application/config/image_crud doesn't have a line like :
$config['image_crud_file_upload_allow_file_types'] = 'gif|jpeg|jpg|png';

Thanks for your help and sorry for my english

J-c
  • profile picture
  • Member

Posted 16 January 2013 - 17:00 PM

nobody ? :(

tlc033
  • profile picture
  • Member

Posted 17 January 2013 - 10:52 AM

Hi J-c and welcome on GC.
Take a loock at class ImageUploadHandler on librarie/image_crud.php (~ line 552)
// The php.ini settings upload_max_filesize and post_max_size
// take precedence over the following max_file_size setting:
'max_file_size' => null,
'min_file_size' => 1,
'accept_file_types' => '/.+$/i',
'max_number_of_files' => null,

Maby it can help you.

J-c
  • profile picture
  • Member

Posted 18 January 2013 - 18:11 PM

Hi tlc033,
thank you for your answer!

I try everything but nothing works :


//'accept_file_types' => '/.[gif|jpeg|jpg|png]$/i',
//'accept_file_types' => 'gif|jpeg|jpg|png',
//'accepted_file_types' => '/(\\.|\\/)(gif|jpeg|jpg|png)$/i',
'accept_file_types' => 'png',


I don't know why.
is it works for you ?

J-c
  • profile picture
  • Member

Posted 20 January 2013 - 19:34 PM

Corrected here by web-johnny : /topic/1269-image-crud-xss-vulnerability/