ueditor1_3_6 一点问题记录
文件:getRemoteImage.php
第49行:
if ( !in_array( $fileType , $config[ 'allowFiles' ] ) || stristr( $heads[ 'Content-Type' ] , "image" ) ) { array_push( $tmpNames , "error" ); continue; }
$heads[ 'Content-Type' ] 永远为空,因为没有这个数组键
所以
true || false 退出
false || false 继续执行
$heads[ 'Content-Type' ] 永远为空 为什么为空:
第40行:
$heads = get_headers( $imgUrl );
print_r(get_headers($url)); print_r(get_headers($url, 1)); Array ( [0] => HTTP/1.1 200 OK [1] => Date: Sat, 29 May 2004 12:28:13 GMT [2] => Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) [3] => Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT [4] => ETag: "3f80f-1b6-3e1cb03b" [5] => Accept-Ranges: bytes [6] => Content-Length: 438 [7] => Connection: close [8] => Content-Type: text/html ) Array ( [0] => HTTP/1.1 200 OK [Date] => Sat, 29 May 2004 12:28:14 GMT [Server] => Apache/1.3.27 (Unix) (Red-Hat/Linux) [Last-Modified] => Wed, 08 Jan 2003 23:11:55 GMT [ETag] => "3f80f-1b6-3e1cb03b" [Accept-Ranges] => bytes [Content-Length] => 438 [Connection] => close [Content-Type] => text/html )
所以$heads[ 'Content-Type' ] 永远为空,因为没有这个数组键,结果永远false
所以,在验证的时候,图片的Content-Type 以及非图片的Content-Type 都能够请求成功
达不到//格式验证(扩展名验证和Content-Type验证)里面的Content-Type验证结果。
验证的两点:
1、后缀只能为图片后缀
2、Content-Type 只能为image*