mp3 upload mimetype being missed by firefox specically

Question

I have a file upload, it works great in everything except for firefox, it keeps saying the mimetype isnt supported. This is my code:

 if(isset($_POST[submitfile]))
 {
     $uploadedsong = $_FILES['soup']['tmp_name'];
           $mimetype = $_FILES['soup']['type'];
                 if($mimetype=="audio/mpeg"||$mimetype=="audio/x-mpeg-3"||$mimetype=="audio/mp3"||$mimetype=="audio/x-mpeg"||$mimetype=="audio/x-mp3"||$mimetype=="audio/mpeg3"||$mimetype=="audio/x-mpeg3"||$mimetype=="audio/mpg"||$mimetype=="audio/x-mpg"||$mimetype=="audio/x-mpegaudio")
                 {

This is allowing uploads for every browser, EXCEPT firefox! extremely frustrating, i dont know why this is happening. Any ideas?

Which one is giving firefox to you? – hakre Feb 26 '12 at 02:20 — hakre, Feb 26 '12 at 02:20
Not the version but the mime-type. – hakre Feb 26 '12 at 02:22 — hakre, Feb 26 '12 at 02:22

score 2 · Accepted Answer · edited Jun 20 '20 at 09:12

2

The mime-type for the file-upload is totally informative and not further explicitly (and specifically) binding of what's-o-ever. Don't rely to it.

Firefox is doing nothing wrong here, it's the wrong expectations you've coded into your script - from the PHP Manual^Docs:

$_FILES['userfile']['type']

The mime type of the file, if the browser provided this information. An example would be "image/gif". This mime type is however not checked on the PHP side and therefore don't take its value for granted.

So the use of this information is limited, it is not strict.

You should log which mime-type was uploaded, because you can't test against all browser/OS combinations.

Inspecting the file is necessary as well if you want to ensure it follows the convention of a mp3 file. Next to fileinfo^Docs (which is for all files), there is php-reader and Zend_Mimme_Magic and a lot of other mp3 files related libraries.

edited Jun 20 '20 at 09:12

Community

1
1

answered Feb 26 '12 at 02:22

hakre

193,403
52
435
836

im not quite sure what you mean, im using the mime-type for verification purposes, and i strip the extension and rename it to .mp3, is this bad practice? how should i be going about the upload otherwise? – JimmyBanks Feb 26 '12 at 02:23
Then take a look which mime-type (content-type) string Firefox sends to your script and check if it's missing in your list. Technically any browser can send any kind of content-type to you (including `application/octet-stream` which just means binary file) - regardless of what the file is. A Browser does not verify anything if a user selects a file for upload. It often only adds the information the underlying operating system is providing about the file. – hakre Feb 26 '12 at 02:31
oh okay, thanks for the explanation, so it isnt reliable whatsoever, dang. – JimmyBanks Feb 26 '12 at 07:18

score 1 · Answer 2 · answered Feb 26 '12 at 02:22

1

Try using this to get the mime type

$file_info = new finfo(FILEINFO_MIME); $mime_type = $file_info->file($file);

answered Feb 26 '12 at 02:22

Alex

11,479
6
28
50

i get "class 'finfo' not found when trying to use this function – JimmyBanks Feb 26 '12 at 03:16
You need to install the fileinfo extension for this one to woork or upgrade to php 5.3 – Alex Feb 26 '12 at 03:43

mp3 upload mimetype being missed by firefox specically

2 Answers2