| | 296 | // If the file claims to be an image, validate it's extension |
| | 297 | if ( 'image/' == substr( $type, 0, 6 ) && is_uploaded_file( $file['tmp_name'] ) ) { |
| | 298 | // Get the image's true MIME |
| | 299 | $imgstats = @getimagesize( $file['tmp_name'] ); |
| | 300 | |
| | 301 | // If the real MIME doesn't match the claimed MIME |
| | 302 | if ( !empty($imgstats['mime']) && $imgstats['mime'] != $type ) { |
| | 303 | // Figure out what the extension should be |
| | 304 | $mime_to_ext = apply_filters( 'image_mime_to_ext', array( |
| | 305 | 'image/jpeg' => 'jpg', |
| | 306 | 'image/png' => 'png', |
| | 307 | 'image/gif' => 'gif', |
| | 308 | 'image/bmp' => 'bmp', |
| | 309 | 'image/tiff' => 'tif', |
| | 310 | ) ); |
| | 311 | |
| | 312 | // Replace whatever's after the last period in the filename with the correct extension |
| | 313 | if ( !empty($mime_to_ext[$imgstats['mime']]) ) { |
| | 314 | $filename_parts = explode( '.', $file['name'] ); |
| | 315 | array_pop( $filename_parts ); |
| | 316 | $filename_parts[] = $mime_to_ext[$imgstats['mime']]; |
| | 317 | $file['name'] = implode( '.', $filename_parts ); |
| | 318 | } |
| | 319 | } |
| | 320 | } |
| | 321 | |
