/**
* Validate an uploaded file
*
* For validation if a upload specific config provided, then will be used. If not, Global config in
* SecureUPloadConfig will be used.
*
* Valid upload code is 10. Other codes are invalid ones. More information: Upload Class
*
* @param Upload $Upload Upload object
* @param SecureUPloadConfig $SecureUPloadConfig SecureUpload Config
* @param UploadConfig|null $UploadConfig Specific upload config
*
* @return int
*/
public function validate(Upload $Upload, SecureUPloadConfig $SecureUPloadConfig, UploadConfig $UploadConfig = null)
{
if (is_null($UploadConfig)) {
$min_filesize = $SecureUPloadConfig->get('min_filesize');
$max_filesize = $SecureUPloadConfig->get('max_filesize');
$accepted_extensions = array_keys($SecureUPloadConfig->get('file_types'));
$accepted_file_types = $SecureUPloadConfig->get('file_types');
} else {
$min_filesize = $UploadConfig->get('min_filesize');
$max_filesize = $UploadConfig->get('max_filesize');
$accepted_extensions = array_keys($UploadConfig->get('file_types'));
$accepted_file_types = $UploadConfig->get('file_types');
}
$Upload_tmp_name = $Upload->getTmpInfo('tmp_name');
if ($this->checkFileUploadedByPost($Upload_tmp_name) !== true) {
return 11;
}
$Upload_size = $Upload->getTmpInfo('size');
if ($this->checkMinFileSize($Upload_size, $min_filesize) !== true) {
return 12;
}
if ($this->checkMaxFileSize($Upload_size, $max_filesize) !== true) {
return 13;
}
$Upload_name = $Upload->getTmpInfo('name');
$Upload_extension = $this->getExtByPath($Upload_name);
if ($this->checkForbiddenExtensions($Upload_extension) !== true) {
return 14;
}
if ($this->checkExtension($Upload_extension, $accepted_extensions) !== true) {
return 15;
}
if ($this->checkMimeType($Upload_tmp_name, $Upload_extension, $accepted_file_types) !== true) {
return 16;
}
return 10;
}
/**
* Save uploaded file into upload folder.
*
* @param Upload $Upload Upload object
*/
private function saveUpload(Upload $Upload)
{
$Upload_tmp_info_name = $Upload->getTmpInfo('name');
$Upload_tmp_info_tmp_name = $Upload->getTmpInfo('tmp_name');
$Upload_name = md5($Upload_tmp_info_name . time());
$Upload_extension = pathinfo($Upload_tmp_info_name, PATHINFO_EXTENSION);
$Upload_path_array = $this->getUploadPathAsArray($Upload_extension);
if (!empty($Upload_path_array)) {
$Upload_path_string = implode($Upload_path_array, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
} else {
$Upload_path_string = '';
}
if ($this->UploadFolder->moveUploadedFile($Upload_path_array, $Upload_path_string, $Upload_tmp_info_tmp_name, $Upload_name, $Upload_extension)) {
$Upload->name = $Upload_name;
$Upload->ext = $Upload_extension;
$Upload->relative_path = $Upload_path_string . $Upload_name . '.' . $Upload_extension;
$Upload->relative_url = str_replace(DIRECTORY_SEPARATOR, '/', $Upload->relative_path);
$Upload->path = $this->SecureUPloadConfig->get('upload_folder') . $Upload->relative_path;
$Upload->id = $this->getId($Upload);
$Upload->size = $Upload->getTmpInfo('size');
$Upload->type = $this->getUploadType($Upload);
} else {
$Upload->status = 2;
$Upload->error = 17;
}
}
