I'm having a problem with detecting the right type of an image file. Using $image['type'] gives me: image/jpeg, but If I use $image['mime'] It gives me: image/webp.
I need to detect the right type of the image so I can upload it to my server.
Which one shoud I use and why?
Thanks in advance.
Both are unreliable. Because both rely on data specified by logic outside your own control: the file name extension based approach obviously is unreliable, since anyone can specify whatever "dot something" he/she wants to append to a file name. And the mime type indication is set by the client side, so it depends on a variety of aspects and can easily be spoofed too.
The best bet would be to use the server side OS capabilities to actually test the content of the file instead of relying on data provided by others. SO for example the file command under typical Linux based systems.
The question I'd like to ask back, meant as a thought for you to re-think your approach: why do you need to detect that? Why is that required? Why can't you simply accept whatever the client side uploads (with size limits applied)?