Hardened image file validation by removing custom validation

- Added test to check PHP files cannot be uploaded as an image.

app/Http/Controllers/ImageController.php

@@ -119,7 +119,7 @@ class ImageController extends Controller
     {
         $this->checkPermission('image-create-all');
         $this->validate($request, [
-            'file' => 'is_image'
+            'file' => 'mimes:jpeg,png,gif,bmp,webp,tiff'
         ]);
 
         if (!$this->imageRepo->isValidType($type)) {
@@ -135,7 +135,6 @@ class ImageController extends Controller
             return response($e->getMessage(), 500);
         }
 
-
         return response()->json($image);
     }
 

app/Providers/AppServiceProvider.php

@@ -21,12 +21,6 @@ class AppServiceProvider extends ServiceProvider
      */
     public function boot()
     {
-        // Custom validation methods
-        Validator::extend('is_image', function ($attribute, $value, $parameters, $validator) {
-            $imageMimes = ['image/png', 'image/bmp', 'image/gif', 'image/jpeg', 'image/jpg', 'image/tiff', 'image/webp'];
-            return in_array($value->getMimeType(), $imageMimes);
-        });
-
         // Custom blade view directives
         Blade::directive('icon', function ($expression) {
             return "<?php echo icon($expression); ?>";