verot.net - RSS

class.upload.php version 0.29 released

Wed, 03 Feb 2010 15:43:00

I am pleased to announce the release of the version 0.29 of the script class.upload.php. The class is now compatible with PHP 5.3. MIME detection is stronger, and more documented. Malicious images cannot be uploaded.

Plans for version 0.30

Mon, 01 Feb 2010 01:13:00

I will implement some of the following functionalities in the next version of the class:

support for UTF-8 text and TTF fonts
resize an image as the percentage of the original dimensions
drop shadows
replace a color with transparency
add an opacity setting to create semi-transparent images

And maybe:

rotate pictures in any angle
support for IPTC and EXIF data
round corners
image overlay to create borders and corners
correction of color levels
alpha masks
unsharp mask

If you want other features, please contact me. If you like to see development on the class happening faster, don't hesitate to donate!

class.upload.php version 0.28 released

Mon, 10 Aug 2009 20:59:00

I am pleased to announce the release of the version 0.28 of the script class.upload.php. The class is now compatible with PHP 5.3. MIME detection is stronger, and more documented. Safe mode handling has been improved.

Release of 0.28RC4

Sat, 18 Jul 2009 14:26:00

I have released a test version 0.28RC4, with support for PHP 5.3, and improved MIME type detection amongst other things. You can get it here

Release of 0.28RC3

Mon, 29 Jun 2009 01:08:00

I have released a test version 0.28RC3, with improved MIME type detection. You can get it here

Ratings on PHP Classes

Thu, 28 May 2009 18:04:00

The class is ranking second best rated in this month's PHP classes charts. Thanks!

class.upload.php version 0.27 released

Thu, 14 May 2009 00:02:00

I am pleased to announce the release of the version 0.27 of the script class.upload.php. MIME detection is stronger, transparency replacement for true color images has been improved, and you can now crop a picture before resizing it. Many translation files were added.

class.upload.php version 0.26 released

Thu, 13 Nov 2008 21:46:00

I am pleased to announce the release of the version 0.26 of the script class.upload.php. It is a major update, with a substantial rewrite of the MIME detection code, support for Flash uploaders, and some new features and improvements.

Release of 0.26RC2

Sat, 06 Sep 2008 00:37:00

I have released a test version 0.26RC2, which is more secure, and should work with Flash uploaders.

You can get it here.

This version fixes a few bugs, but most notable rewrites the entire MIME type detection. The class is now using Fileinfo PECL extension, UNIX file() command, MIME magic, and getimagesize(), in that order, to detect the MIME type. The MIME type as sent by the browser (or guessed from the file extension in case of Flash) will be used only if all the previous methods fail.

Please use it and test it. Some of the MIME detection routines depend on the OS, so I couldn't test everything. If you use a Flash uploader, can you also give a go to 0.26RC2

Release of 0.26RC1 for Flash uploaders

Fri, 01 Feb 2008 01:40:00

I have released a test version 0.26RC1, which should work with Flash uploaders.

You can get it here.

However, I think it creates a security hole as it makes the class to rely on the file extension when the MIME type is application/octet-stream, thus enabling an attacker to upload a malicious file with an image extension.

I will do some further checking, and may do some more groundwork to allow Flash, open_basedir and MIME type detection play well together, while making sure it is all secured.

You can check the relevant forum thread.