Allow to define authorized MIME types in ImageManager::validateUpload()

classes/ImageManager.php

@@ -358,7 +358,7 @@ public static function imagecopyresampled(
      *
      * @param string $filename File path to check
      * @param string $fileMimeType File known mime type (generally from $_FILES)
-     * @param array $mimeTypeList Allowed MIME types
+     * @param array<string>|null $mimeTypeList Allowed MIME types
      *
      * @return bool
      */
@@ -379,14 +379,17 @@ public static function isRealImage($filename, $fileMimeType = null, $mimeTypeLis
             } else {
                 $fileMimeType = false;
             }
-        } elseif (function_exists('finfo_open')) {
+        }
+        if (!$mimeType && function_exists('finfo_open')) {
             $const = defined('FILEINFO_MIME_TYPE') ? FILEINFO_MIME_TYPE : FILEINFO_MIME;
             $finfo = finfo_open($const);
             $mimeType = finfo_file($finfo, $filename);
             finfo_close($finfo);
-        } elseif (function_exists('mime_content_type')) {
+        }
+        if (!$mimeType && function_exists('mime_content_type')) {
             $mimeType = mime_content_type($filename);
-        } elseif (function_exists('exec')) {
+        }
+        if (!$mimeType && function_exists('exec')) {
             $mimeType = trim(exec('file -b --mime-type ' . escapeshellarg($filename)));
             if (!$mimeType) {
                 $mimeType = trim(exec('file --mime ' . escapeshellarg($filename)));
@@ -442,15 +445,17 @@ public static function isCorrectImageFileExt($filename, $authorizedExtensions =
      *
      * @param array $file Upload $_FILE value
      * @param int $maxFileSize Maximum upload size
+     * @param array<string>|null $types Authorized extensions
+     * @param array<string>|null $mimeTypeList Authorized mimetypes
      *
      * @return bool|string Return false if no error encountered
      */
-    public static function validateUpload($file, $maxFileSize = 0, $types = null)
+    public static function validateUpload($file, $maxFileSize = 0, $types = null, $mimeTypeList = null)
     {
         if ((int) $maxFileSize > 0 && $file['size'] > (int) $maxFileSize) {
             return Context::getContext()->getTranslator()->trans('Image is too large (%1$d kB). Maximum allowed: %2$d kB', array($file['size'] / 1024, $maxFileSize / 1024), 'Admin.Notifications.Error');
         }
-        if (!ImageManager::isRealImage($file['tmp_name'], $file['type']) || !ImageManager::isCorrectImageFileExt($file['name'], $types) || preg_match('/\%00/', $file['name'])) {
+        if (!ImageManager::isRealImage($file['tmp_name'], $file['type'], $mimeTypeList) || !ImageManager::isCorrectImageFileExt($file['name'], $types) || preg_match('/\%00/', $file['name'])) {
             return Context::getContext()->getTranslator()->trans('Image format not recognized, allowed formats are: .gif, .jpg, .png', array(), 'Admin.Notifications.Error');
         }
         if ($file['error']) {