From 03ddfbbaf1ba078df16638c642f8a3a9d8ca8c1c Mon Sep 17 00:00:00 2001
From: Fyorl <gaelreth@gmail.com>
Date: Fri, 15 Jun 2012 14:10:20 +0100
Subject: [PATCH] [ticket/10963] Modified filespec::is_image() to check actual
 mimetype

Modified filespec::is_image() to check the Fileinfo mimetype rather than
trusting the browser.

PHPBB3-10963
---
 phpBB/includes/functions_upload.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php
index f70e20e616..f3ae9d6cc4 100644
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@@ -151,7 +151,10 @@ class filespec
 	*/
 	function is_image()
 	{
-		return (strpos($this->mimetype, 'image/') !== false) ? true : false;
+		$finfo = new finfo(FILEINFO_MIME_TYPE);
+		$mimetype = $finfo->file($this->filename);
+
+		return (strpos($mimetype, 'image/') !== false) ? true : false;
 	}
 
 	/**
@@ -342,6 +345,7 @@ class filespec
 
 			// Remove temporary filename
 			@unlink($this->filename);
+			$this->filename = $this->destination_file;
 
 			if (sizeof($this->error))
 			{