验证上传文件的类型,该怎么处理 -PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

验证上传文件的类型,该怎么处理

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 13, 2016 pm 01:45 PM

infophp

验证上传文件的类型
通过验证后缀名不是一个好办法，因为看见别人使用过将木马的后缀名改为.jpg。然后入侵的例子

那么有没有一个更加安全的方法来验证上传文件的正确类型呢？

------解决方案--------------------
复制粘贴

最烂的方法就是通过$_FILES[...]['type']来检测上传文件的类型，因为只需简单修改文件扩展名就可以伪造它。

另一个相对安全点的方法是通过文件头两个字节的内容来判断上传文件的类型，例子代码如下：

$handle = fopen($_FILES[...]['tmp_name'], 'rb');
$content = fread($handle, 2);
fclose($handle);

$info = unpack('c2chars', $content);

if (emptyempty($info['chars1']) || emptyempty($info['chars2'])) {
exit('Error!');
}

if ($info['chars1'] $info['chars1'] += 256;
}
if ($info['chars2'] $info['chars2'] += 256;
}

$code = $info['chars1'] . $info['chars2'];

PHP中的pack&unpack函数很炫，有兴趣的可以看：Handling binary data in PHP with pack() and unpack()

注：网上搜索的大多数相关的程序没有做256的相关操作，这是我通过试验数据自己意淫的TDD结果，不肯定是否一定正确，读者自己斟酌。

通过switch判断$code变量，就可以对应到文件类型，常见的图片类型结果大致如下：

GIF：7173
JPG：255216
PNG：13780

当然也可以判断其他的文件类型，自己做做试验就知道数值大小了。但此方法也不是一定安全的，因为前两个字节的内容也是可以伪造的，所以最好还要限制一下文件的扩展名，以防意外的解析，比如说，你创建一个名为foobar.php的文件，内容如下：

GIF89

当你使用前两个字节去检测文件类型的时候，就会得出GIF：7173的结果，即便使用shell下的file命令去检测，一样会误认为是GIF图片：

# file foobar.php
foobar.php: GIF image data 16188 x 26736

由于扩展名是.php，那么此文件就被php引擎解析了，如此一来就给了黑客一个web shell，安全也就无从谈起了。所以说限制文件扩展名非常重要，切记！至于已经如何发现这类伪装，最简单的方法是在用shell命令过滤一遍：

# strings foobar.php | grep -i "

如果想彻底屏蔽此类危险，可以考虑使用gd，imagemagick，graphicsmagick等工具把用户上传的图片进行必要的编辑后再转存，这样就能抹去可能的嵌入代码。如果想更安全点，还应该把图片服务器独立出来，不装php，只解析静态文件。

补充：如果仅仅是判断图片的话，还有一个更简单方法，那就是getimagesize，这个方法虽然从名字上看是用来取得图片大小的，但结果里包含了图片类型，另外，虽然这个方法在文档里被归纳在GD部分，但是即便没有安装GD，也是可用的，不过和前面一样，也要注意安全问题。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

PHP and Python: Different Paradigms ExplainedApr 18, 2025 am 12:26 AM

PHP is mainly procedural programming, but also supports object-oriented programming (OOP); Python supports a variety of paradigms, including OOP, functional and procedural programming. PHP is suitable for web development, and Python is suitable for a variety of applications such as data analysis and machine learning.

PHP and Python: A Deep Dive into Their HistoryApr 18, 2025 am 12:25 AM

PHP originated in 1994 and was developed by RasmusLerdorf. It was originally used to track website visitors and gradually evolved into a server-side scripting language and was widely used in web development. Python was developed by Guidovan Rossum in the late 1980s and was first released in 1991. It emphasizes code readability and simplicity, and is suitable for scientific computing, data analysis and other fields.

Choosing Between PHP and Python: A GuideApr 18, 2025 am 12:24 AM

PHP is suitable for web development and rapid prototyping, and Python is suitable for data science and machine learning. 1.PHP is used for dynamic web development, with simple syntax and suitable for rapid development. 2. Python has concise syntax, is suitable for multiple fields, and has a strong library ecosystem.

PHP and Frameworks: Modernizing the LanguageApr 18, 2025 am 12:14 AM

PHP remains important in the modernization process because it supports a large number of websites and applications and adapts to development needs through frameworks. 1.PHP7 improves performance and introduces new features. 2. Modern frameworks such as Laravel, Symfony and CodeIgniter simplify development and improve code quality. 3. Performance optimization and best practices further improve application efficiency.

PHP's Impact: Web Development and BeyondApr 18, 2025 am 12:10 AM

PHPhassignificantlyimpactedwebdevelopmentandextendsbeyondit.1)ItpowersmajorplatformslikeWordPressandexcelsindatabaseinteractions.2)PHP'sadaptabilityallowsittoscaleforlargeapplicationsusingframeworkslikeLaravel.3)Beyondweb,PHPisusedincommand-linescrip

How does PHP type hinting work, including scalar types, return types, union types, and nullable types?Apr 17, 2025 am 12:25 AM

PHP type prompts to improve code quality and readability. 1) Scalar type tips: Since PHP7.0, basic data types are allowed to be specified in function parameters, such as int, float, etc. 2) Return type prompt: Ensure the consistency of the function return value type. 3) Union type prompt: Since PHP8.0, multiple types are allowed to be specified in function parameters or return values. 4) Nullable type prompt: Allows to include null values and handle functions that may return null values.

How does PHP handle object cloning (clone keyword) and the __clone magic method?Apr 17, 2025 am 12:24 AM

In PHP, use the clone keyword to create a copy of the object and customize the cloning behavior through the \_\_clone magic method. 1. Use the clone keyword to make a shallow copy, cloning the object's properties but not the object's properties. 2. The \_\_clone method can deeply copy nested objects to avoid shallow copying problems. 3. Pay attention to avoid circular references and performance problems in cloning, and optimize cloning operations to improve efficiency.

PHP vs. Python: Use Cases and ApplicationsApr 17, 2025 am 12:23 AM

PHP is suitable for web development and content management systems, and Python is suitable for data science, machine learning and automation scripts. 1.PHP performs well in building fast and scalable websites and applications and is commonly used in CMS such as WordPress. 2. Python has performed outstandingly in the fields of data science and machine learning, with rich libraries such as NumPy and TensorFlow.

See all articles