我正在与HTML5的文件API（教程这里），我需要验证文件是否是一个图像或没有。主要的问题是，与正常上传，我可以打电话和getimagesize（）和作为参数，路径到临时文件 - 然后决定将其存储在服务器或不

I'm working with the HTML5's File API (tutorial here) and I need to validate whether a file is an image or not. The main issue is that with a normal upload, I could call getimagesize() and as the parameter, the path to the temporary file -- and then decide to store it on the server or not.

然而，随着文件上传API，该文件将与 PHP：//输入 ，它返回传输的实际位数

However, with the File Upload API, the files are received with php://input, which returns the actual bits of the transfer.

什么是在这种情况下验证的最好方法？我一定要算账存储位的物理位置，然后对其进行验证，并删除它，或者它是一个更好的办法？

What's the best way to validate in this situation? Do I have to store the bits to a physical location and then validate it and delete it afterwards or is it a better way?

感谢。

推荐答案

如果它是一个图像将您存储在磁盘上？如果是的话，那么我会说，最好的方法是创建一个临时文件，写入数据，然后判断是否与正规函数的图像，如果是将临时文件到最终目的地，否则只是删除

If it's an image will you store it on disk? If yes, then I'd say the best way would be to create a temporary file, write the data and then check if it's an image with the regular functions, if it is move the temporary file to the final destination, otherwise just delete it.

如果由于某种原因，你不想这样做，你可以检查幻数在输入数据（这里是一个更完整的列表）。但裸记住，这是更有可能比通常的解决方案失败。

If for some reason you don't want to do this you can check for magic numbers in the incoming data (here is a more complete list). However bare in mind that this is more likely to fail than the usual solutions.