biztonságosabb fájl típus ellenőrzés

getimagesize állítólag nem a legjobb erre

https://www.php.net/manual/en/function.getimagesize.php

interface.php

@@ -45,16 +45,16 @@ function process_uploaded_file($file_info)
     $MINIMUM_SIZE_BY_DIM = 2000; // minimális oldalméret
 
     $tmp_filename = $file_info["tmp_name"];
-    $img_info = getimagesize($tmp_filename);
+    $img_sizes = getimagesize($tmp_filename);
 
     // MIME-ellenőrzés
-    $mime_type = $img_info["mime"];
+    $mime_type = mime_content_type($tmp_filename);
     if (!in_array($mime_type, $ACCEPTED_MIME_TYPES)) { // ha nem megfelelő a fájltípus, akkor visszatérünk -1-gyel
         return MIME_ERROR;
     }
 
     // méretellenőrzés
-    if ($img_info[0] < $MINIMUM_SIZE_BY_DIM && $img_info[1] < $MINIMUM_SIZE_BY_DIM) {
+    if ($img_sizes[0] < $MINIMUM_SIZE_BY_DIM && $img_sizes[1] < $MINIMUM_SIZE_BY_DIM) {
         return SIZE_ERROR;
     }
 
@@ -105,14 +105,14 @@ function publish_image($artwork_details)
 
     //echo mysqli_error($dbconn);
 
-    $img_info = getimagesize($thumb_filename);
+    $img_sizes = getimagesize($thumb_filename);
 
     // felhasználótól jött adatok, ellenőrizni kell
     $author = mysqli_real_escape_string($dbconn, $artwork_details["author"]);
     $title = mysqli_real_escape_string($dbconn, $artwork_details["title"]);
     $desc = mysqli_real_escape_string($dbconn, $artwork_details["desc"]);
     $uid = md5_file($thumb_filename); // valami random...
-    $aspect_ratio = $img_info[0] / $img_info[1];
+    $aspect_ratio = $img_sizes[0] / $img_sizes[1];
     $query = "INSERT INTO publish_table (Author,Title,Description,Image_FileName,AspectRatio,ColorMean,Approved,UID,TS) VALUES('$author', '$title', '$desc', '$final_filename', $aspect_ratio, '$color_mean', TRUE, '$uid', CURRENT_TIMESTAMP);";
 
     $res = mysqli_query($dbconn, $query);