On Jul 18, 2007, at 9:33 AM, Wayne E. Seguin wrote:

> On Jul 18, 2007, at 10:25 , John Joyce wrote:
>> I know how to validate a file based only on the file name dot  
>> extension, but this seems wholly insecure to me.
>> I feel that just testing for .jpg, .png, .jpeg, .gif, etc... is  
>> not enough.
>> Clearly renaming a file to anything at all is easy to do.
>> How can I read into the file and check to see if it is is actually  
>> a file of a given image type? Is there file header info to look for ?
>> Such as a particular byte sequence at a particular location in the  
>> file?
>>
>>
>> John Joyce
>
> Use the unix file command `file #{file_name}`
>
> example:
>
> > file the.gif
> the.gif: GIF image data, version 89a, 91 x 91
>
> --
> Wayne E. Seguin
> Sr. Systems Architect & Systems Admin
> wayneseguin / gmail.com
>
>
>
The file command and bindings to it are OK, but results are not  
consistent across common image file types.  What's worse is that the  
code would be unportable. Ideally, the solution would rely simply on  
the file format internally and thus be portable.