From afa282f0ad2a7155766a69b605e27347d6c5f6fb Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Tue, 10 Feb 2009 17:11:52 +0000
Subject: added sanity check for images in is_allowed_filetype() using getimagesize()
---
 system/libraries/Upload.php | 15 +++++++++++++--
 user_guide/changelog.html | 1 +
 2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index 54124bc3d..e40ef2bad 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -556,11 +556,22 @@ class CI_Upload {
 $this->set_error('upload_no_file_types');
 return FALSE;
 }
-
+
+ $image_types = array('gif', 'jpg', 'jpeg', 'png', 'jpe');
+
 foreach ($this->allowed_types as $val)
 {
 $mime = $this->mimes_types(strtolower($val));
-
+
+ // Images get some additional checks
+ if (in_array($val, $image_types))
+ {
+ if (getimagesize($this->file_temp) === FALSE)
+ {
+ return FALSE;
+ }
+ }
+
 if (is_array($mime))
 {
 if (in_array($this->file_type, $mime, TRUE))
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index c66ff2314..cb9a370bf 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -95,6 +95,7 @@ SVN Revision:
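Review bot: The new getimagesize() probe is keyed on `$val`, an entry of the allowed list, rather than on the file being uploaded, so when `allowed_types` mixes image and non-image entries a legitimate non-image upload hits `return FALSE` as soon as the loop reaches an image entry. Whether that happens appears to depend on the order of the list, since the MIME match that follows presumably returns first for earlier entries. The test also uses the raw `$val` while the line above lower-cases it, so an upper-case entry such as `GIF` skips the probe; `if (in_array(strtolower($val), $image_types, TRUE))` closes that. I would run the probe only after the uploaded file itself has matched an image type, for example by moving it inside the `in_array($this->file_type, $mime, TRUE)` branch that follows. A passing getimagesize() only shows that the header parses as an image, so a comment such as `// header sanity check only; does not prove the file holds nothing but image data` would keep later readers from treating it as the sole barrier; the function body starts and ends outside the hunk.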

  • Added 'application/msexcel' to config/mimes.php for .xls files.
  • Added 'proxy_ips' config item to whitelist reverse proxy servers from which to trust the HTTP_X_FORWARDED_FOR header to to determine the visitor's IP address.
  • +
  • Improved accuracy of Upload::is_allowed_filetype() for images (#6715)
  • -- cgit v1.2.3-24-g4f1b