检查上传的文件是否为视频

Question

我想检查不受信任的用户上传的文件是否是视频文件。

我在Google上进行了搜索，大多数答案都建议检查MIME类型，甚至解析扩展名。

How to check a file is video type or not in php?

这真的很糟糕，因为它可以被欺骗。 第三个答案建议使用unix file命令，但是我不确定是否应该以这种方式使用它。

有没有办法识别上传的视频？到目前为止，我发现的只是预防措施，而不是实际答案（请参见What is the most secure method for uploading a file?）

Answer 1

您可以使用getid3类... http://getid3.sourceforge.net/

$file = ROOT_PATH.'upload/big_buck_bunny.mp4';//change this to match file path

require_once('getid3/getid3.php');
$engine = new getID3;
$fileinfo = $engine->analyze($file);

检查是否存在$fileinfo['video']或$fileinfo['mime_type']包含video/

echo '<pre>'; print_r($fileinfo); echo '</pre>';返回：

Array
(
    [GETID3_VERSION] => 1.9.15-201806201619
    [filesize] => 5510872
    [filepath] => C:/workspace/sites/test/upload
    [filename] => big_buck_bunny.mp4
    [filenamepath] => C:/workspace/sites/test/upload/big_buck_bunny.mp4
    [avdataoffset] => 37114
    [avdataend] => 5510872
    [fileformat] => mp4
    [audio] => Array
        (
            [dataformat] => mp4
            [codec] => ISO/IEC 14496-3 AAC
            [sample_rate] => 22050
            [channels] => 2
            [bits_per_sample] => 16
            [lossless] => 
            [channelmode] => stereo
            [streams] => Array
                (
                    [0] => Array
                        (
                            [dataformat] => mp4
                            [codec] => ISO/IEC 14496-3 AAC
                            [sample_rate] => 22050
                            [channels] => 2
                            [bits_per_sample] => 16
                            [lossless] => 
                            [channelmode] => stereo
                        )

                )

        )

    [video] => Array
        (
            [dataformat] => quicktime
            [rotate] => 0
            [resolution_x] => 640
            [resolution_y] => 360
            [fourcc] => avc1
            [fourcc_lookup] => H.264/MPEG-4 AVC
            [frame_rate] => 7.317
            [lossless] => 
            [pixel_aspect_ratio] => 1
        )

    [warning] => Array
        (
            [0] => Unknown QuickTime atom type: "hmhd" (68 6d 68 64), 28 bytes at offset 20144
            [1] => Unknown QuickTime atom type: "hmhd" (68 6d 68 64), 28 bytes at offset 30893
        )

    [comments] => Array
        (
            [language] => Array
                (
                    [0] => English
                )

        )

    [encoding] => UTF-8
    [mime_type] => video/mp4

    ---------- THERE IS WAY MORE STUFF HERE "print_r()" TO SEE ALL ----------

    [time_scale] => 22050
            [display_scale] => 1
            [video] => Array
                (
                    [rotate] => 0
                    [resolution_x] => 640
                    [resolution_y] => 360
                    [frame_rate] => 7.317
                    [frame_count] => 1
                )

            [audio] => Array
                (
                    [codec] => mp4
                    [sample_rate] => 22050
                    [channels] => 2
                    [bit_depth] => 16
                )

            [stts_framecount] => Array
                (
                    [0] => 1295
                    [1] => 1440
                    [2] => 1440
                    [3] => 648
                )

            [free] => Array
                (
                    [hierarchy] => free
                    [name] => free
                    [size] => 8
                    [offset] => 37098
                )

            [mdat] => Array
                (
                    [hierarchy] => mdat
                    [name] => mdat
                    [size] => 5473766
                    [offset] => 37106
                )

            [encoding] => UTF-8
        )

    [playtime_seconds] => 60.095
    [bitrate] => 728680.65562859
    [playtime_string] => 1:00
)