wp_check_filetype_and_ext() – Attempts to determine the real file type of a file.
You appear to be a bot. Output may be restricted
Description
Attempts to determine the real file type of a file.
If unable to, the file name extension will be used to determine type. If it's determined that the extension does not match the file's real type, then the "proper_filename" value will be set with a proper filename and extension. Currently this function only supports renaming images validated via wp_get_image_mime().
Usage
$array = wp_check_filetype_and_ext( $file, $filename, $mimes );
Parameters
- $file
- ( string ) required – Full path to the file.
- $filename
- ( string ) required – The name of the file (may differ from $file due to $file being in a tmp directory).
- $mimes
- ( string[]|null ) optional – Optional. Array of allowed mime types keyed by their file extension regex. Defaults to the result of get_allowed_mime_types().
- $ext
- ( string|false ) optional – File extension, or false if the file doesn't match a mime type.
- $type
- ( string|false ) optional – File mime type, or false if the file doesn't match a mime type.
- $proper_filename
- ( string|false ) optional – File name with its correct extension, or false if it cannot be determined. }
Returns
array { Values for the extension, mime type, and corrected filename.
Source
File name: wordpress/wp-includes/functions.php
Lines:
function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) { $proper_filename = false; // Do basic extension validation and MIME mapping. $wp_filetype = wp_check_filetype( $filename, $mimes ); $ext = $wp_filetype['ext']; $type = $wp_filetype['type']; // We can't do any further validation without a file to work with. if ( ! file_exists( $file ) ) { return compact( 'ext', 'type', 'proper_filename' ); } $real_mime = false; // Validate image types. if ( $type && str_starts_with( $type, 'image/' ) ) { // Attempt to figure out what type of image it actually is. $real_mime = wp_get_image_mime( $file ); if ( $real_mime && $real_mime !== $type ) { /** * Filters the list mapping image mime types to their respective extensions. * * @since 3.0.0 * * @param array $mime_to_ext Array of image mime types and their matching extensions. */ $mime_to_ext = apply_filters( 'getimagesize_mimes_to_exts', array( 'image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif', 'image/bmp' => 'bmp', 'image/tiff' => 'tif', 'image/webp' => 'webp', ) ); // Replace whatever is after the last period in the filename with the correct extension. if ( ! empty( $mime_to_ext[ $real_mime ] ) ) { $filename_parts = explode( '.', $filename ); array_pop( $filename_parts ); $filename_parts[] = $mime_to_ext[ $real_mime ]; $new_filename = implode( '.', $filename_parts ); if ( $new_filename !== $filename ) { $proper_filename = $new_filename; // Mark that it changed. } // Redefine the extension / MIME. $wp_filetype = wp_check_filetype( $new_filename, $mimes ); $ext = $wp_filetype['ext']; $type = $wp_filetype['type']; } else { // Reset $real_mime and try validating again. $real_mime = false; } } } // Validate files that didn't get validated during previous checks. if ( $type && ! $real_mime && extension_loaded( 'fileinfo' ) ) { $finfo = finfo_open( FILEINFO_MIME_TYPE ); $real_mime = finfo_file( $finfo, $file ); finfo_close( $finfo ); $google_docs_types = array( 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', ); foreach ( $google_docs_types as $google_docs_type ) { /* * finfo_file() can return duplicate mime type for Google docs, * this conditional reduces it to a single instance. * * @see https://bugs.php.net/bug.php?id=77784 * @see https://core.trac.wordpress.org/ticket/57898 */ if ( 2 === substr_count( $real_mime, $google_docs_type ) ) { $real_mime = $google_docs_type; } } // fileinfo often misidentifies obscure files as one of these types. $nonspecific_types = array( 'application/octet-stream', 'application/encrypted', 'application/CDFV2-encrypted', 'application/zip', ); /* * If $real_mime doesn't match the content type we're expecting from the file's extension, * we need to do some additional vetting. Media types and those listed in $nonspecific_types are * allowed some leeway, but anything else must exactly match the real content type. */