How to accurately obtain the file format through unpack in PHP

Purpose: To identify XML uploaded by a user. 1. The XML uploaded by a user may have a suffix modified, that is, it is a script language but disguised as XML. For example, PHP has solved the following problem: so I use the following code to accurately obtain the file suffix problem 2: The Code reads the first two bytes of the file through fread, in... purpose: To identify the XML File Uploaded by a user

Problem 1: the XML uploaded by the user may be modified by the suffix, that is, it is a script language, but disguised as XML, such as PHP

Solved: the following code is used to accurately obtain the file suffix.

Problem 2: The Code reads the first two bytes of a file through fread, which is very helpful in image recognition, but it is not very clear in the difference between xml and PHP, because the first two bytes are both'

If ($ fp = fopen ($ this-> path, 'rb') = FALSE) {throw new \ Exception ('failed to open the file. ');} If (! ($ Read = fread ($ fp, 2) {throw new \ Exception ('file content read is empty or read failed ');}; $ info = unpack ('c2chars', $ read); $ code = intval ($ info ['chars1']. $ info ['chars2']); fclose ($ fp); switch ($ code) {case 3780: return 'pdf '; case 5666: return 'psd'; case 6033: return 'html '; case 6063: return 'xml'; // php default: throw new \ Exception (the file format is beyond the system's identification range. ');}

Reply content:

Purpose: To identify the XML File Uploaded by a user

Problem 1: the XML uploaded by the user may be modified by the suffix, that is, it is a script language, but disguised as XML, such as PHP

Solved: the following code is used to accurately obtain the file suffix.

Problem 2: The Code reads the first two bytes of a file through fread, which is very helpful in image recognition, but it is not very clear in the difference between xml and PHP, because the first two bytes are both'

If ($ fp = fopen ($ this-> path, 'rb') = FALSE) {throw new \ Exception ('failed to open the file. ');} If (! ($ Read = fread ($ fp, 2) {throw new \ Exception ('file content read is empty or read failed ');}; $ info = unpack ('c2chars', $ read); $ code = intval ($ info ['chars1']. $ info ['chars2']); fclose ($ fp); switch ($ code) {case 3780: return 'pdf '; case 5666: return 'psd'; case 6033: return 'html '; case 6063: return 'xml'; // php default: throw new \ Exception (the file format is beyond the system's identification range. ');}

In fact, I don't think it's as complicated as you think. Don't worry too much about the suffix. The key is the file content. You only need to use XML class for parsing, suchsimplexmlIf it is not a standard XML document, it will returnfalseIn addition, you can also convert all the contentstringPrevents code execution in files.