Solved

How do I validate an image upload server-side using ColdFusion?

Posted on 2011-02-15
3
372 Views
Last Modified: 2012-05-11
Hello,

I have an image upload on my page and I would like to validate that its actually an image server side after the form submits before I do anything with the image (i.e. actually upload it using <cffile).  I know ColdFusion has the <cfimage tag, but I don't know if that would be the right tag to use / how to use that tag to validate an uploaded image.

I know I could use RegEx to check the file extension, but that doesn't stop someone from saving a text file as .jpg and uploading it.  Therefore, I'm just looking for some good ol' server side validation for an image.

Thanks!!!!!!
0
Comment
Question by:stracqan
  • 2
3 Comments
 
LVL 52

Expert Comment

by:_agx_
ID: 34903031
You can use the IsImageFile(pathToFile) function to verify it's a recognized image.  


If upload security is your concern, these 2 are good reads
http://www.petefreitag.com/item/701.cfm
http://www.coldfusionjedi.com/index.cfm/2009/6/30/Are-you-aware-of-the-MIMEFile-Upload-Security-Issue
0
 
LVL 52

Accepted Solution

by:
_agx_ earned 400 total points
ID: 34903089
>> IsImageFile(pathToFile) function

ie   <cfif IsImageFile(form.nameOfYourFileField)>
          ... good image. do something ...
      </cfif>
0
 

Author Closing Comment

by:stracqan
ID: 34903146
Thanks!!
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PROBLEM: How to add your own buttons to the bottom toolbar with paging info ( result count ). While creating a cfgrid, I ran into an issue where I wanted to embed my own custom buttons where the default ones ( insert / delete / etc… ) are for aes…
Sometimes databases have MILLIONS of records and we need a way to quickly query that table to return the results me need. Sure you could use CFQUERY but it takes too long when there are millions of records. That is why SOLR was invented. Please …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now