Limit Image Upload Size and Filetype

Hi there,

At the moment I have a field of type image which is currently as follows.

$default      = array();
$thumbnail_id = $data->post_id ? get_post_thumbnail_id( $data->post_id ) : '';
if ( $thumbnail_id ) {
	$default = array( $thumbnail_id );
}
$field = apply_filters( 'rwmb_frontend_post_thumbnail', array(
	'type'             => 'image',
	'name'             => esc_html__( 'Picture', 'rwmb-frontend-submission' ),
	'id'               => '_thumbnail_id',
	'max_file_uploads' => 1,
	'std'              => $default,
) );
$field = RWMB_Field::call( 'normalize', $field );
RWMB_Field::call( $field, 'admin_enqueue_scripts' );
RWMB_Field::call( 'show', $field, false, $data->post_id );

However, one thing I have noticed is that:

There doesn’t seem to be any limitation regarding what kind of file can be uploaded. I uploaded a zip file and it didn’t have any problems with it. Could someone upload a PHP file and then use it to hack a site? Is there a way I can make the image uploader only accept jpg, jpeg and pngs?

There doesn’t seem anything to say the maximum sized image that can be uploaded. Is there a way I can set this?
Is there a way I can also check for aspect ratio and make sure that the user uploads a landscape image rather than portrait?

If this is not possible with the image control, is there another type of field that would allow me to do this?

Jon

• This topic was modified 5 years, 10 months ago by roperjonathan. Reason: Formatting Issues