Checking if image URL is valid in PHP
If downloading images using PHP the first step in avoiding errors is ensuring that the URL is valid. A great method for this is to check the URL HTTP response code.
200 means “ok” and the URL is valid and has not changed.
403, 404, 302 and 301 are the several main HTTP codes to seek when checking that the URL no longer contains what it should do.
Using exif_imagetype() as a request method gives the option to also confirm what type of image the content truly is. Then checking for key in the string of the HTTP response header.
$image_url = 'https://i.redd.it/fnxbn804hpd31.jpg'; $image_type_check = @exif_imagetype($image_url);//Get image type + check if exists if (strpos($http_response_header[0], "403") || strpos($http_response_header[0], "404") || strpos($http_response_header[0], "302") || strpos($http_response_header[0], "301")) < echo "403/404/302/301
"; > else < echo "image exists
"; >
The image is taken from Reddit, running the above code (as of this being posted) simply returns “image exists” because the URL is a HTTP response of 200.
If I changed the URL and added some random characters onto it chances are it is not a valid URL and returns “403/404/302/301”.
Another method is to check only for response 200:
$image_url = 'https://i.redd.it/fnxbn804hpd31.jpg'; $image_type_check = @exif_imagetype($image_url); if (strpos($http_response_header[0], "200")) < echo "image exists
"; > else < echo "image DOES NOT exist
"; >
Continuing on with the image EXIF type, you can run checks like:
if ($image_type_check == IMAGETYPE_JPEG)
if ($image_type_check == IMAGETYPE_PNG)
To confirm what type of image. Sometimes JPG can actually be a GIF with the wrong extension
Use PHP To Check Whether Remote URL, Email Or Image Link Exist
In PHP, we have a built-in function file_exist that can help us to verify whether a particular file exist in our directory. However, do you ever have the need to check whether a particular URL, email or image link exist? We can use regular express to validate that the syntax of an email is correct but won’t it be nice to reduce the amount of spam mail received? How about those images you have on your site? Won’t you want to check whether there is a broken image or url link? Well, i have! Its always good to be informed in advance than meeting dissatisfy visitors. Anyway, in this article you will get to find and learn some of the more efficient and quicker ways to verify whether a particular link exist to use on your web application.
Check Remote Image Link Exist
There are many ways to check whether a particular image link exist after the introduce of PHP 5, GetImageSize. GetImageSize allows us to take in a remote link to retrieve the size of the image. Hence, we can do a simple check such as the one shown below,
$external_link = ‘http://www.example.com/example.jpg’; if (@GetImageSize($external_link)) < echo "image exists "; >else
The above work well for any server that had GD installed. But there are more problem than just the one mention. This method is actually inefficient as it will download the entire image into your server before checking it. Thus, making the process very long. There might also be security risk as mention on Secure File Upload Check List that many image format allow comment to be embedded within the image and these comment might just be some PHP code that hacker has written. In short, this method download file from remote server to your server and take the risk of hacker using it to run malicious code after it has been downloaded on your server. BOMB! So if you are using the above method i advice you to change it and if you insist to use this, you can provide more validation checking for it. Just drop it.
So how do we check Image link in a more secure and quick environment? If you are using curl, you can try the following script:
function checkRemoteFile($url) < $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); // don't download content curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_FAILONERROR, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); if(curl_exec($ch)!==FALSE) < return true; >else < return false; >>
Like i said, this will depend on curl. However, it is secure and quick! How about the rest of us? Lucky, PHP also provides another method called file_get_contents. file_get_contents returns the file in a string, starting at the specified offset up to maxlen bytes. On failure, file_get_contents() will return FALSE. With these in mind we can create a function to check that the file downloaded is valid by taking only 1 bytes of information from the file. Hence, whatever evil things exist on the file will only be able to run 1 byte and furthermore the function returns a string where code cannot be run. Thus, this will gives us a simple solution such as the one below,
function url_exists($url) < if(@file_get_contents($url,0,NULL,0,1)) else < return 0;>>
The above one is more secure than the initial one that we have and it has no dependency. The speed for this method is also faster than the initial one. But is there a faster one than the curl version?
Check For Remote URL Link
There are many ways to check whether a remote url link exist. However, checking Remote URL required the page to return certain header code to indicate that the page is successfully loaded (200). Hence, you might not want to use the method for checking image link for url link. Furthermore, For different cases you might be interested with different solution. Assuming you are just checking whether an existing domain exist, you can use the following code
which is written by adam at darkhousemedia dot com. The above method definitely run faster than fopen but for https and domain names but for path url such as ‘http://example.com?p=231’, the above won’t work although the speed is definitely one of the fastest.
Nonetheless, there are still better alternative than the one presented. We can just tried to check the header with the following code:
The above work perfectly without the need to worry about complex code. However, the above method only work for HTTP and PHP 5 and above, other lower version of PHP will not. Therefore, we will need some modification on the above method to cater for lower PHP version.
function is_valid_url($url) < $url = @parse_url($url); if (!$url) < return false; >$url = array_map('trim', $url); $url['port'] = (!isset($url['port'])) ? 80 : (int)$url['port']; $path = (isset($url['path'])) ? $url['path'] : ''; if ($path == '') < $path = '/'; >$path .= (isset($url['query'])) ? "?$url[query] " : ''; if (isset($url['host']) AND $url['host'] != gethostbyname($url['host'])) < if (PHP_VERSION >= 5) < $headers = get_headers( "$url[scheme]://$url[host]:$url[port]$path "); >else < $fp = fsockopen($url['host'], $url['port'], $errno, $errstr, 30); if (!$fp) < return false; >fputs($fp, "HEAD $path HTTP/1.1\r\nHost: $url[host]\r\n\r\n "); $headers = fread($fp, 4096); fclose($fp); > $headers = (is_array($headers)) ? implode( "\n ", $headers) : $headers; return (bool)preg_match('#^HTTP/.*\s+[(200|301|302)]+\s#i', $headers); > return false; > The code here is the more detail version of the previous one which is created by SecondV on forums Dot digitalpoint Dot com. The above code cater for lower PHP version while still using the same approach of getting the return header value. Furthermore, it also validate the URL by using the parse_url method. f_open can also be used to check remote URL link.
function image_exist($url) < if (@fclose(@fopen( $url, "r "))) < // true; >else < // false; >>
However, this method required allow_url_fopen to be enabled on your php.ini file or else it will fail. Furthermore, i will not prefer this method over the previous one as it seems more sense that the page return success due to header code to indicate a success.
We can’t actually check whether a given email exist or not as it really depend on how the SMTP is being setup for each respective mail server. Nonetheless, we are still able to check whether a given domain exist to reduce the number of invalid ones. PHP has a function checkdnsrr which does the work nicely.
function email_exist($email) < list($userid, $domain) = split( "@ ", $email); if (checkdnsrr($domain, "MX ")) < return true;>else < return false;>>
Using the function above will help us to verify whether a particular domain exist to trick user that you have an email checker if they really intend to fake one. However, Windows doesn’t support such function yet. Hence, we will need to create such function just for Windows server.
if(!function_exists('checkdnsrr')) function checkdnsrr($hostName, $recType = '') < if(!empty($hostName)) < if( $recType == '' ) $recType = "MX "; exec( "nslookup -type=$recType $hostName ", $result); // check each line to find the one that starts with the host // name. If it exists then the function succeeded. foreach ($result as $line) < if(eregi( "^$hostName ",$line)) < return true; >> // otherwise there was no mail handler for the domain return false; > return false; > Once you have cater for both Linux and Windows server, you may want to create a full flag function to check on email such as the one shown below:
function check_email($email) < $email_error = false; $Email = htmlspecialchars(stripslashes(strip_tags(trim($email)))); //parse unnecessary characters to prevent exploits if ($Email == " ") < email_error = true; >elseif (!eregi( "^([a-zA-Z0-9._-])+@([a-zA-Z0-9._-])+\.([a-zA-Z0-9._-])([a-zA-Z0-9._-])+ ", $Email)) < email_error = true; >else < list($Email, $domain) = split( "@ ", $Email, 2); if (! checkdnsrr($domain, "MX ")) < email_error = true; >else < $array = array($Email, $domain); $Email = implode( "@ ", $array); >> if (email_error) < return false; >else >
Now we know why we need to verify our email after we sign up for any particular services online! Since we cannot check whether a particular email exist, we will force to send out verification email to our user before they are able to access our portal. However, if you are interested to check through PHP forcefully, you may want to visit webdigi. They create a mail class to verify an email through checking the port of mail SMTP 25 but like i said previously it really depend on how each mail server is being design. This might not work. But we can still force user to verify their email through a simple script shown below,
function check_email($email) < $email_error = false; $Email = htmlspecialchars(stripslashes(strip_tags(trim($email)))); //parse unnecessary characters to prevent exploits if ($Email == " ") < email_error = true; >elseif (!eregi( "^([a-zA-Z0-9._-])+@([a-zA-Z0-9._-])+\.([a-zA-Z0-9._-])([a-zA-Z0-9._-])+ ", $Email)) < email_error = true; >else < list($Email, $domain) = split( "@ ", $Email, 2); if (! checkdnsrr($domain, "MX ")) < email_error = true; >else < $array = array($Email, $domain); $Email = implode( "@ ", $array); >> if (email_error) < return false; >else > function EmailValidation($email) < if (check_email($email)) < $domain = explode( "@ ", $email ); if ( @fsockopen ($domain[1],80,$errno,$errstr,3)) < $code = "here we place a secret key with the email address: $email "; mail($email, "Your Verification Code ", "Please click the following URL to verify your email:\n\n ". $_SERVER['PHP_SELF']. "/?v=$code amp;email=$email ", "From: \ "example\ " [email protected] > "); echo "Your account needs to be verify. We have send you an email, click the link provided and you are verified. "; return true; > else < return false; //if a connection cannot be established return false >> else < return false; //if email address is an invalid format return false >> function EmailForm() < if(empty($_POST['email']))< echo " Email amp;nbsp; "; > elseif(isset($_POST['email'])) < if(EmailValidation($_POST['email'])) < echo "An email has been sent to you. Please follow the instructions to activate your account. "; >else < echo "Your email address appears to be invalid. Please try again. "; >>else elseif(isset($_GET['v']) amp; amp; isset($_GET['email'])) < $clean['emai'] = $_GET['email']; //need to filter these data to be clean $clean['v'] = $_GET['v']; //need to filter these data to be clean $code = "here we place a secret key with the email address: $email "; $code = md5($code); if ($clean['v'] != $code) < echo "The Verification Code is invalid. Please Try Again. "; exit(0); >else echo "The email ".$clean['emai']. " has been verified "; >else < echo "An error has occured, please contact the administrator. "; >> EmailForm();
Might be a bit confusing but i believe you will get the above code since its quite simple. Instead of breaking them into different pages, i sum them up on a single one.
Quick check whether link is broken
Here is another tips to check whether a link is broken.
$file = ‘http://www.domain.com/somefile.jpg’; $file_headers = @get_headers($file); if($file_headers[0] == ‘HTTP/1.1 404 Not Found’) < $exists = false; >else
And the same version on a curl version
credit goes to havran @ http://www.php.net/manual/en/function.file-exists.php#74469
The above solution can help many people to verify the content that the user has entered. Remember it is not safe to trust user input and such verification can come in handle. On the other hand, this can also help us to check broken and invalid links so that we get the information we need from our users. The information above might not be solid but it is good enough for me and hoping it will work for you.
How to Check If String is URL or Not in PHP?
Now, let’s see post of how to check string is url or not in php. This post will give you a simple example of how to check if string is url in php. if you want to see an example of check if string is url php then you are in the right place. you can understand a concept of check value is url or not.
In PHP, you can check if a string is a valid URL or not by using the filter_var() function with the FILTER_VALIDATE_URL filter. Here’s an example code snippet:
$url = «https://www.example.com»;
if (filter_var($url, FILTER_VALIDATE_URL) !== false) echo «$url is a valid URL»;
> else echo «$url is not a valid URL»;
>
In this example, the filter_var() function checks if the $url variable is a valid URL using the FILTER_VALIDATE_URL filter. If the URL is valid, it will return the URL string, otherwise it will return false.
You can also use regular expressions to check if a string matches the format of a URL, but using the filter_var() function is a more reliable and convenient method.
Hardik Savani
I’m a full-stack developer, entrepreneur and owner of Aatman Infotech. I live in India and I love to write tutorials and tips that can help to other artisan. I am a big fan of PHP, Laravel, Angular, Vue, Node, Javascript, JQuery, Codeigniter and Bootstrap from the early stage. I believe in Hardworking and Consistency.
We are Recommending you
- PHP MySQL DataTables Server-side Processing Example
- PHP CKEditor Custom File Upload Example
- PHP — Getting Started PHPUnit Test Example
- PHP Bootstrap Autocomplete Tokenfield using Ajax Example
- PHP Import Excel File into MySQL Database Tutorial
- PHP Capture Screenshot of Website from URL Example
- PHP Remove Duplicates from Multidimensional Array Example
- MySQL Query to Get Current Year Data Example
- How to Get File Name without Extension in PHP?
- How to Remove Specific Element by Value from Array in PHP?
- How to Get Minimum Key Value of Array in PHP?
- How to access PHP variables in JQuery?
- How to Get Product using Rakuten Marketing API in PHP?
- How to Remove Null Values from Array in PHP?