Working with Images - PHP

2

I have worked, and still work, with some image manipulation libraries in PHP, but I decided to study where the manipulations come from: how they work, and how to implement them and work with the images.

  

As we know, images are uploaded through an <input type="file">, which allows uploading any type of file. I am already taking into account changes to the HTML and/or JavaScript that a malicious user can make.

I already have some handling based on the native errors in $_FILES['image']['error'], and I also use getimagesize() to confirm, to some extent, that the image is genuine, using $_FILES['image']['type'], the MIME type, and offset 2 taken from getimagesize() itself, which looks like this:

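//array of supported types, keyed by the IMAGETYPE_* value found at offset 2
//(getimagesize() reports JPEG as "image/jpeg", not "image/jpg")
$support=array(1=>"image/gif",2=>"image/jpeg",3=>"image/png");

//information from getimagesize() (false when the file cannot be read as an image)
$getimagesize=getimagesize($_FILES['image']['tmp_name']);

//one of the checks
if($getimagesize!==false && isset($support[$getimagesize[2]]) && $support[$getimagesize[2]]==$getimagesize['mime']){}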

Why this type of verification? Because there are ways to create files that are not images but have an image extension. In addition to that check, I also check the imagesx and imagesy sizes, to try to prevent possible malicious files as much as possible.

So, during this study, I came across some questions for which I have not yet found anything on the internet to resolve my doubts. They are:

  • What are the errors obtained from $_FILES['image']['error'] for which the file is still held on the server?

For example, uploading a .txt file, which is not an image but is a complete file, generates $_FILES['image']['error'] == 0, so the file has been transferred to the temporary folder and I can delete it.

The return of the getimagesize() function is an array containing:

Array
(
    [0] => 500
    [1] => 300
    [2] => 3
    [3] => width="500" height="300"
    [bits] => 8
    [mime] => image/png
)

  • What is the purpose of the bits key, and what are its minimum and maximum values?
  

Note: I know it's my first question and it may be a bit confusing, but I tried to be as clear as possible, if anyone can help me I'll be grateful.

    
asked by anonymous 20.07.2018 / 20:36

0 answers
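
An added example, not part of the original question: one way to turn the checks described above (upload error code, getimagesize() type at offset 2, dimension limits) into a single routine that ignores client-supplied values and re-encodes the pixels before storing. It assumes a single-file field and the GD extension; the function names, constants and limits are hypothetical.

```php
<?php
declare(strict_types=1);

// Limits and names below are assumptions for this example.
const MAX_BYTES = 2 * 1024 * 1024;
const MAX_SIDE = 4000;
const ALLOWED_TYPES = [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG];

/** Returns [width, height, IMAGETYPE_*] for an accepted upload, else throws. */
function validate_image_upload(array $file): array
{
    // Only UPLOAD_ERR_OK means a complete file is waiting at tmp_name.
    $error = $file['error'] ?? UPLOAD_ERR_NO_FILE;
    if ($error !== UPLOAD_ERR_OK) {
        throw new RuntimeException("upload rejected, error code $error");
    }
    $tmp = (string) ($file['tmp_name'] ?? '');
    // The path must be one PHP itself created for an HTTP POST upload.
    if (!is_uploaded_file($tmp) || filesize($tmp) > MAX_BYTES) {
        throw new RuntimeException('not an uploaded file, or too large');
    }
    // $file['type'] and $file['name'] come from the client and are ignored.
    $info = @getimagesize($tmp);
    if ($info === false || !in_array($info[2], ALLOWED_TYPES, true)) {
        throw new RuntimeException('not a GIF, JPEG or PNG');
    }
    [$width, $height, $type] = $info;
    if ($width < 1 || $height < 1 || $width > MAX_SIDE || $height > MAX_SIDE) {
        throw new RuntimeException('image dimensions out of range');
    }
    return [$width, $height, $type];
}

/** Re-encodes the pixels to a new PNG under $dir and returns its file name. */
function store_image(array $file, string $dir): string
{
    validate_image_upload($file);
    // getimagesize() reads only the header; decoding and re-encoding keeps pixel data only.
    $img = @imagecreatefromstring((string) file_get_contents($file['tmp_name']));
    if ($img === false) {
        throw new RuntimeException('image data could not be decoded');
    }
    imagesavealpha($img, true); // keep PNG transparency; animated GIFs become one frame
    $name = bin2hex(random_bytes(16)) . '.png'; // server-chosen name and extension
    if (!imagepng($img, rtrim($dir, '/') . '/' . $name)) {
        throw new RuntimeException('could not write image');
    }
    return $name;
}
```

An upload that is never moved out of the temporary directory is deleted by PHP at the end of the request, so rejected files need no manual cleanup.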