Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
i'd like to filter out the renamed bmp files.
Comment | File | Size | Author |
---|---|---|---|
#7 | filefield_check_type.patch | 1.14 KB | quicksketch |
#6 | filefield_check_type.patch | 1.15 KB | quicksketch |
#2 | patch10.patch | 975 bytes | Scott Reynolds |
Comments
Comment #1
sirkitree CreditAttribution: sirkitree commentedDidn't imagefield used to be dependent upon filefield? If it was it would be able to use the mimedetect.module (which is now a requirement of filefield) to accomplish this.
Comment #2
Scott Reynolds CreditAttribution: Scott Reynolds commentedThis patch seems correct. It prevents me from uploading a tar.gz that i renamed to a png. It only uses mimedetect if the module exists.
Comment #3
dopry CreditAttribution: dopry commentedthis looks good until I can come up with better options for mime filtering.
Comment #4
drewish CreditAttribution: drewish commentedduplicating the whole array of mime types seems kind of redundant...
how about
Comment #5
drewish CreditAttribution: drewish commentedsince there's not really a current patch.
Comment #6
quicksketchThe current filefield_validate_is_image() check is now done using image_get_info() which is a good rudimentary check. Instead of changing the is_image function (which isn't used by ImageField now anyway) we should add mime type checking to the extension check.
I think this should be effective, though I'm not entirely comfortable with MimeDetect and core's own detection quite yet.
Comment #7
quicksketchHeh, well I better actually check the right property ($file->filemime) otherwise we won't be able to upload anything. :)
Comment #8
quicksketchSome mime-type checking is certainly better than no mime-type checking (like the current approach). I committed this since it's not going to do any harm since users can easily get the old behavior by disabling the mimedetect module, which still isn't required for the Drupal 6 version.