コード例 #1
0
 public function validateFileIntegrity($attribute, $file, $parameters)
 {
     if ($file instanceof \Symfony\Component\HttpFoundation\File\UploadedFile) {
         switch ($file->getClientMimeType()) {
             // For some reason, MP3 files routinely get scanned as octet-streams.
             // Attempt to evaluate it as music or a video.
             case "application/octet-stream":
             case "audio/mpeg":
             case "audio/mp3":
             case "video/mp4":
             case "video/flv":
             case "video/webm":
                 return FileStorage::probe($file);
             case "application/x-shockwave-flash":
                 // This is much slower than exif_imagetype but much more reliable with flash files.
                 return getimagesize($file->getPathname())['mime'] == "application/x-shockwave-flash";
             case "image/x-ms-bmp":
                 return exif_imagetype($file->getPathname()) == IMAGETYPE_BMP;
             case "image/gif":
                 return exif_imagetype($file->getPathname()) == IMAGETYPE_GIF;
             case "image/jpeg":
             case "image/jpg":
                 return exif_imagetype($file->getPathname()) == IMAGETYPE_JPEG;
             case "image/png":
                 return exif_imagetype($file->getPathname()) == IMAGETYPE_PNG;
             case "image/svg":
             case "image/svg+xml":
                 try {
                     $dom = new \DOMDocument();
                     $dom->Load($file->getPathname());
                     if ($dom->getElementsByTagName('script')->length > 0) {
                         return false;
                     }
                     return $dom->saveXML() !== false;
                 } catch (\Exception $error) {
                     return false;
                 }
                 // Things we allow but can't validate.
             // Things we allow but can't validate.
             case "application/epub+zip":
             case "application/pdf":
                 return true;
             default:
                 return false;
         }
     }
     return false;
     dd($value);
 }