hello:
I have a method like following:
def file=(file_field)
#remember to validate the content type
File.open("#{RAILS_ROOT}/public/images/users/#
{file_field.original_filename}",“wb+”) do|i|
i.write(file_field.read)
end
self.photo="/images/users/"+file_field.original_filename
end
i want to use it to upload the image file locally,but how do i make
sure that the uploaded file is image file?
if use the validate_format_of method,i wonder its ability,because any
file can pass its validate as long as the file is named like a
image,such as .jpg.
or use the file_field.content_type to manage the validate?If this
way,how to write the code?
None of these mimetype based methods do anything else but check the
file extension as far as I know.
As a first step we would trust our customers not to rename textfiles
and
upload them as images. If somebody should do it more than once, we
would
most likely lock his account. But we never had any trouble of that
kind.
If you must make sure, that you have an real image file, maybe you
can use a tool like RMagick, open it and try to access some of the
internal binary data like size, to see if RMagick gives an error.
Thorsten M. wrote:
None of these mimetype based methods do anything else but check the
file extension as far as I know.
As a first step we would trust our customers not to rename textfiles
and
upload them as images. If somebody should do it more than once, we
would
most likely lock his account. But we never had any trouble of that
kind.
If you must make sure, that you have an real image file, maybe you
can use a tool like RMagick, open it and try to access some of the
internal binary data like size, to see if RMagick gives an error.
Thank you!I had thought there was a easy and well_known way to do it.