I have an api which accepts image in base64 encoded format from an android app, stores in in a location. The code that I found online for doing so is :
// Get image string posted from Android App
$base=$_REQUEST['image'];
// Get file name posted from Android App
$filename = $_REQUEST['filename'];
// Decode Image
$binary=base64_decode($base);
header('Content-Type: bitmap; charset=utf-8');
// Images will be saved under 'www/imgupload/uplodedimages' folder
$file = fopen('uploadedimages/'.$filename, 'wb');
// Create File
fwrite($file, $binary);
fclose($file);
I had my own, maybe not so popular way! I add some special string in beginning of the base 64 string, and in php, I check for it, if it was present, I know it was from my app and I remove the string from the base64 and decode and save the image! The php code, is it me thing like this : Here $base is the base 64 string came from app, which should have the prefix!
// here, $prefix, is the string that we added in the beginning of our base64 string
$prefix = "*%%*SOME_SPECIAL_CHARACTERS*%%*";
if (substr($base, 0, strlen($prefix)) == $prefix) {
$base = substr($base, strlen($prefix));
} else {
networkError("CHAR", -2);
}
// Decode Image
$binary = base64_decode($base);
Of curse still a professional hacker can hack this, but they hack anything