Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How do I validate an image upload server-side using ColdFusion?

Posted on 2011-02-15
3
Medium Priority
?
379 Views
Last Modified: 2012-05-11
Hello,

I have an image upload on my page and I would like to validate that its actually an image server side after the form submits before I do anything with the image (i.e. actually upload it using <cffile).  I know ColdFusion has the <cfimage tag, but I don't know if that would be the right tag to use / how to use that tag to validate an uploaded image.

I know I could use RegEx to check the file extension, but that doesn't stop someone from saving a text file as .jpg and uploading it.  Therefore, I'm just looking for some good ol' server side validation for an image.

Thanks!!!!!!
0
Comment
Question by:stracqan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 52

Expert Comment

by:_agx_
ID: 34903031
You can use the IsImageFile(pathToFile) function to verify it's a recognized image.  


If upload security is your concern, these 2 are good reads
http://www.petefreitag.com/item/701.cfm
http://www.coldfusionjedi.com/index.cfm/2009/6/30/Are-you-aware-of-the-MIMEFile-Upload-Security-Issue
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 1600 total points
ID: 34903089
>> IsImageFile(pathToFile) function

ie   <cfif IsImageFile(form.nameOfYourFileField)>
          ... good image. do something ...
      </cfif>
0
 

Author Closing Comment

by:stracqan
ID: 34903146
Thanks!!
0

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The technique is by far very Simple! How we can export the ColdFusion query results to DOC file?  Well before writing this I researched a lot in Internet but did not found a good Answer anyways!  So i thought now i should share my small snippet w…
This is an updated version of a post made on my blog over 3 years ago. It is unfortunately, still very relevant as we continue to see both SQLi (SQL injection) and XSS (cross site scripting) attacks hitting some of the most recognizable website and …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question