
Secure user image upload feature in PHP

Updated: 2023-02-25 12:59:30

Regarding file names, random names are definitely a good idea and take away a lot of headaches.

If you want to make totally sure the content is clean, consider using GD or ImageMagick to copy the incoming image 1:1 into a new, empty one.

That will slightly diminish image quality because content gets compressed twice, but it will remove any EXIF information present in the original image. Users are often not even aware how much info gets put into the metadata section of JPG files! Camera info, position, times, software used... It's good policy for sites that host images to remove that info for the user.

Also, copying the image will probably get rid of most exploits that use faulty image data to cause overflows in the viewer software, and inject malicious code. Such manipulated images will probably simply turn out unreadable for GD.
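The approach the answer describes (random server-chosen name, 1:1 re-encode through GD so metadata and malformed structures are dropped), written out as an added example that is not part of the original answer. It assumes a form field named `avatar` and a writable, non-executable destination directory; the size limit and quality settings are arbitrary choices.

```php
<?php
// Added example (not from the original answer): re-encode an uploaded image
// with GD so that EXIF metadata and any malformed structures are discarded,
// then store it under a random file name. Assumes an <input type="file"
// name="avatar"> field and a writable, non-executable directory $destDir.
declare(strict_types=1);

function storeUploadedImage(array $file, string $destDir): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed or was not a real upload');
    }
    // Inspect the real content, never the client-supplied name or MIME type.
    $info = @getimagesize($file['tmp_name']);
    if ($info === false) {
        throw new RuntimeException('Not a readable image');
    }
    [$width, $height, $type] = $info;
    if ($width > 4096 || $height > 4096) {
        throw new RuntimeException('Image dimensions too large');
    }
    switch ($type) {
        case IMAGETYPE_JPEG: $src = @imagecreatefromjpeg($file['tmp_name']); break;
        case IMAGETYPE_PNG:  $src = @imagecreatefrompng($file['tmp_name']);  break;
        case IMAGETYPE_GIF:  $src = @imagecreatefromgif($file['tmp_name']);  break;
        default: throw new RuntimeException('Unsupported image type');
    }
    if ($src === false) {
        // GD could not decode it: corrupt or manipulated image data is rejected here.
        throw new RuntimeException('Image data rejected by GD');
    }
    // Copy pixels 1:1 into a fresh canvas; only pixel data crosses over, no metadata.
    $dst = imagecreatetruecolor($width, $height);
    imagealphablending($dst, false);
    imagesavealpha($dst, true);
    imagecopy($dst, $src, 0, 0, 0, 0, $width, $height);
    imagedestroy($src);
    // Random name chosen by the server; extension derived from the detected type.
    $name = bin2hex(random_bytes(16)) . ($type === IMAGETYPE_PNG ? '.png' : '.jpg');
    $path = rtrim($destDir, '/') . '/' . $name;
    $ok = $type === IMAGETYPE_PNG ? imagepng($dst, $path, 6) : imagejpeg($dst, $path, 85);
    imagedestroy($dst);
    if (!$ok) {
        throw new RuntimeException('Could not write re-encoded image');
    }
    return $name;
}

// Usage: $stored = storeUploadedImage($_FILES['avatar'], __DIR__ . '/uploads');
```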