How to Remove EXIF Data in PHP
Protect user upload privacy by removing EXIF data from image uploads.
When we take pictures using our phones or digital cameras, some information is typically retained within our digital image files. Some of that information is standard metadata, such as the image file format, height and width (in pixels), bit depth, transparency features, etc., and some of that information (usually part of the metadata object) is Exchangeable Image File Format (EXIF) data, which includes information about the camera a picture was taken with, the location where the image was taken, the exact date and time the image was taken, and more.
Why Remove EXIF Data?
Retaining EXIF data in an image can pose a privacy risk for the original photo taker. EXIF location information, for example, obviously isn’t something we want to let bad actors get ahold of, and even EXIF camera information - which can include the camera serial number, pointing bad actors directly to the camera owner - shouldn’t be shared publicly either.
If our PHP server code is processing image uploads and storing them in a publicly accessible location, it’s a good idea to strip EXIF data from those images en-route to storage so we don’t inadvertently compromise the privacy of those uploading images to our application.
Tutorial: Remove EXIF Data in PHP
Thankfully, there’s an API we can use to quickly handle EXIF removal for us!
In this tutorial, we’ll learn how to call an API that removes EXIF data from an image file’s metadata object, leaving all other metadata in place. By removing EXIF data and nothing else, we’ll still be able to perform useful image processing operations - such as accurately resizing and reformatting images for display on our web pages - while providing a high degree of privacy for our application users.
Step 1: Client SDK Installation
In our first step in this tutorial, we’re going to install the client SDK via Composer. To handle that, we can run the following command:
composer require cloudmersive/cloudmersive_imagerecognition_api_clientStep 2: API Key Configuration
To make our EXIF removal API calls, we’ll need to authorize our requests with a Cloudmersive API key. If we don’t have one already, we can easily get one for free by visiting the Cloudmersive website and creating a free account. With a free account, we’ll be able to make a limit of 800 API calls per month with no additional commitments.
Once we have our API key, we can include the configuration code snippet in our file and paste our API key in the indicated line:
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');Step 3: Call the EXIF Removal Function
At this point, we’re close to the finish line! All that’s left is to create an instance of the API and call the EXIF removal function. We can handle both of those steps using the final set of code examples below:
$apiInstance = new Swagger\Client\Api\EditApi(
new GuzzleHttp\Client(),
$config
);
$image_file = "/path/to/inputfile"; // \SplFileObject | Image file to perform the operation on. Common file formats such as PNG, JPEG are supported.
try {
$result = $apiInstance->editRemoveExifData($image_file);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling EditApi->editRemoveExifData: ', $e->getMessage(), PHP_EOL;
}
?>The result of our operation will be a string containing the encoding for our new image file sans EXIF data. We can write our file bytes to a new file, and just like that, we’re all done!
Conclusion
Removing EXIF data is all about privacy - and we can now easily perform that service for image uploads processed through our PHP server.
Interested in more useful API tutorials? Don’t forget to hit subscribe!