/**
* Validates a $_FILES array against the upload configuration
*
* @param array $file_array The $_FILES array for a single file
* @return string The validation error message
*/
private function validateField($file_array)
{
if (empty($file_array['name'])) {
if ($this->required) {
return self::compose('Please upload a file');
}
return NULL;
}
if ($file_array['error'] == UPLOAD_ERR_FORM_SIZE || $file_array['error'] == UPLOAD_ERR_INI_SIZE) {
$max_size = !empty($_POST['MAX_FILE_SIZE']) ? $_POST['MAX_FILE_SIZE'] : ini_get('upload_max_filesize');
$max_size = !is_numeric($max_size) ? fFilesystem::convertToBytes($max_size) : $max_size;
return self::compose('The file uploaded is over the limit of %s', fFilesystem::formatFilesize($max_size));
}
if ($this->max_size && $file_array['size'] > $this->max_size) {
return self::compose('The file uploaded is over the limit of %s', fFilesystem::formatFilesize($this->max_size));
}
if (empty($file_array['tmp_name']) || empty($file_array['size'])) {
if ($this->required) {
return self::compose('Please upload a file');
}
return NULL;
}
if (!empty($this->mime_types) && file_exists($file_array['tmp_name'])) {
$contents = file_get_contents($file_array['tmp_name'], FALSE, NULL, 0, 4096);
if (!in_array(fFile::determineMimeType($file_array['name'], $contents), $this->mime_types)) {
return self::compose($this->mime_type_message);
}
}
if (!$this->allow_php) {
$file_info = fFilesystem::getPathInfo($file_array['name']);
if (in_array(strtolower($file_info['extension']), array('php', 'php4', 'php5'))) {
return self::compose('The file uploaded is a PHP file, but those are not permitted');
}
}
if (!$this->allow_dot_files) {
if (substr($file_array['name'], 0, 1) == '.') {
return self::compose('The name of the uploaded file may not being with a .');
}
}
if ($this->image_dimensions && file_exists($file_array['tmp_name'])) {
if (fImage::isImageCompatible($file_array['tmp_name'])) {
list($width, $height, $other) = getimagesize($file_array['tmp_name']);
if ($this->image_dimensions['min_width'] && $width < $this->image_dimensions['min_width']) {
return self::compose('The uploaded image is narrower than the minimum width of %spx', $this->image_dimensions['min_width']);
}
if ($this->image_dimensions['min_height'] && $height < $this->image_dimensions['min_height']) {
return self::compose('The uploaded image is shorter than the minimum height of %spx', $this->image_dimensions['min_height']);
}
if ($this->image_dimensions['max_width'] && $width > $this->image_dimensions['max_width']) {
return self::compose('The uploaded image is wider than the maximum width of %spx', $this->image_dimensions['max_width']);
}
if ($this->image_dimensions['max_height'] && $height > $this->image_dimensions['max_height']) {
return self::compose('The uploaded image is taller than the maximum height of %spx', $this->image_dimensions['max_height']);
}
}
}
if ($this->image_ratio && file_exists($file_array['tmp_name'])) {
if (fImage::isImageCompatible($file_array['tmp_name'])) {
list($width, $height, $other) = getimagesize($file_array['tmp_name']);
if ($this->image_ratio['allow_excess_dimension'] == 'width' && $width / $height < $this->image_ratio['width'] / $this->image_ratio['height']) {
return self::compose('The uploaded image is too narrow for its height. The required ratio is %1$sx%2$s or wider.', $this->image_ratio['width'], $this->image_ratio['height']);
}
if ($this->image_ratio['allow_excess_dimension'] == 'height' && $width / $height > $this->image_ratio['width'] / $this->image_ratio['height']) {
return self::compose('The uploaded image is too short for its width. The required ratio is %1$sx%2$s or taller.', $this->image_ratio['width'], $this->image_ratio['height']);
}
}
}
}
/**
* Validates the uploaded file, ensuring a file was actually uploaded and that is matched the restrictions put in place
*
* @throws fValidationException When no file is uploaded or the uploaded file violates the options set for this object
*
* @param string $field The field the file was uploaded through
* @param integer $index If the field was an array of file uploads, this specifies which one to validate
* @return void
*/
public function validate($field, $index = NULL)
{
if (!self::check($field)) {
throw new fProgrammerException('The field specified, %s, does not appear to be a file upload field', $field);
}
$file_array = $this->extractFileUploadArray($field, $index);
// Do some validation of the file provided
if (empty($file_array['name'])) {
throw new fValidationException('Please upload a file');
}
if ($file_array['error'] == UPLOAD_ERR_FORM_SIZE || $file_array['error'] == UPLOAD_ERR_INI_SIZE) {
$max_size = !empty($_POST['MAX_FILE_SIZE']) ? $_POST['MAX_FILE_SIZE'] : ini_get('upload_max_filesize');
$max_size = !is_numeric($max_size) ? fFilesystem::convertToBytes($max_size) : $max_size;
$msg = $this->max_message != "" ? $this->max_message : 'The file uploaded is over the limit of %s';
throw new fValidationException($msg, fFilesystem::formatFilesize($max_size));
}
if ($this->max_file_size && $file_array['size'] > $this->max_file_size) {
$msg = $this->max_message != "" ? $this->max_message : 'The file uploaded is over the limit of %s';
throw new fValidationException($msg, fFilesystem::formatFilesize($this->max_file_size));
}
if (empty($file_array['tmp_name']) || empty($file_array['size'])) {
throw new fValidationException('Please upload a file');
}
if (!empty($this->mime_types) && file_exists($file_array['tmp_name']) && !in_array(fFile::determineMimeType($file_array['tmp_name']), $this->mime_types)) {
throw new fValidationException($this->mime_type_message);
}
if (!$this->allow_php) {
$file_info = fFilesystem::getPathInfo($file_array['name']);
if (in_array(strtolower($file_info['extension']), array('php', 'php4', 'php5'))) {
throw new fValidationException('The file uploaded is a PHP file, but those are not permitted');
}
}
return $file_array;
}
/**
* Extracts the filename and mime-type from an fFile object
*
* @param string|fFile &$contents The file to extrapolate the info from
* @param string &$filename The filename to use for the file
* @param string &$mime_type The mime type of the file
* @return void
*/
private function extrapolateFileInfo(&$contents, &$filename, &$mime_type)
{
if ($contents instanceof fFile) {
if ($filename === NULL) {
$filename = $contents->getName();
}
if ($mime_type === NULL) {
$mime_type = $contents->getMimeType();
}
$contents = $contents->read();
} else {
if (!self::stringlike($filename)) {
throw new fProgrammerException('The filename specified, %s, does not appear to be a valid filename', $filename);
}
$filename = (string) $filename;
if ($mime_type === NULL) {
$mime_type = fFile::determineMimeType($filename, $contents);
}
}
}
/**
* Validates a $_FILES array against the upload configuration
*
* @param array $file_array The $_FILES array for a single file
* @return string The validation error message
*/
private function validateField($file_array)
{
if (empty($file_array['name'])) {
if ($this->required) {
return self::compose('Please upload a file');
}
return NULL;
}
if ($file_array['error'] == UPLOAD_ERR_FORM_SIZE || $file_array['error'] == UPLOAD_ERR_INI_SIZE) {
$max_size = !empty($_POST['MAX_FILE_SIZE']) ? $_POST['MAX_FILE_SIZE'] : ini_get('upload_max_filesize');
$max_size = !is_numeric($max_size) ? fFilesystem::convertToBytes($max_size) : $max_size;
return self::compose('The file uploaded is over the limit of %s', fFilesystem::formatFilesize($max_size));
}
if ($this->max_size && $file_array['size'] > $this->max_size) {
return self::compose('The file uploaded is over the limit of %s', fFilesystem::formatFilesize($this->max_size));
}
if (empty($file_array['tmp_name']) || empty($file_array['size'])) {
if ($this->required) {
return self::compose('Please upload a file');
}
return NULL;
}
if (!empty($this->mime_types) && file_exists($file_array['tmp_name'])) {
$contents = file_get_contents($file_array['tmp_name'], FALSE, NULL, 0, 4096);
if (!in_array(fFile::determineMimeType($file_array['name'], $contents), $this->mime_types)) {
return self::compose($this->mime_type_message);
}
}
if (!$this->allow_php) {
$file_info = fFilesystem::getPathInfo($file_array['name']);
if (in_array(strtolower($file_info['extension']), array('php', 'php4', 'php5'))) {
return self::compose('The file uploaded is a PHP file, but those are not permitted');
}
}
if (!$this->allow_dot_files) {
if (substr($file_array['name'], 0, 1) == '.') {
return self::compose('The name of the uploaded file may not being with a .');
}
}
}
