i'd like to filter out the renamed bmp files.
Didn't imagefield used to be dependent upon filefield? If it was it would be able to use the mimedetect.module (which is now a requirement of filefield) to accomplish this.
This patch seems correct. It prevents me from uploading a tar.gz that i renamed to a png. It only uses mimedetect if the module exists.
this looks good until I can come up with better options for mime filtering.
duplicating the whole array of mime types seems kind of redundant...
$filemime = module_exists('mimedetect') ? mimedetect_mime($file) : $file->filemime;
return in_array($filemime, array('image/jpg', 'image/pjpeg', 'image/jpeg', 'image/png', 'image/gif'));
since there's not really a current patch.
The current filefield_validate_is_image() check is now done using image_get_info() which is a good rudimentary check. Instead of changing the is_image function (which isn't used by ImageField now anyway) we should add mime type checking to the extension check.
I think this should be effective, though I'm not entirely comfortable with MimeDetect and core's own detection quite yet.
Heh, well I better actually check the right property ($file->filemime) otherwise we won't be able to upload anything. :)
Some mime-type checking is certainly better than no mime-type checking (like the current approach). I committed this since it's not going to do any harm since users can easily get the old behavior by disabling the mimedetect module, which still isn't required for the Drupal 6 version.
Automatically closed -- issue fixed for 2 weeks with no activity.
Drupal is a registered trademark of Dries Buytaert.