Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

CFileValidator could validate uploaded file by its MIME-type, added $…

…mimeTypes and $wrongMimeTypes properties.
  • Loading branch information...
commit e8bd65ec5a9c6cdd5d49b2c3e89f31040db3835f 1 parent 10785df
resurtm authored
Showing with 43 additions and 1 deletion.
  1. +1 −0  CHANGELOG
  2. +42 −1 framework/validators/CFileValidator.php
1  CHANGELOG
View
@@ -82,6 +82,7 @@ Version 1.1.11 work in progress
- Enh #938: CFileValidator::sizeToBytes() is now public and available for using in the whole application (resurtm)
- Enh #943: CDateTimeParser is now able to parse short textual representation of month, e.g. Jan, Jun, Aug (resurtm)
- Enh #967: Commands from YII_CONSOLE_COMMANDS environment variable are now always added to yiic console application (schmunk)
+- Enh: CFileValidator could validate uploaded file by its MIME-type, added $mimeTypes and $wrongMimeTypes properties (resurtm)
- Enh: Fixed romanian translation to use the better-supported cedilla characters (tudorilisoi)
- Enh: Added default value to CConsoleCommand::confirm (musterknabe)
- Enh: Allowed returning integer values as application exit code in CConsoleCommand actions (cebe)
43 framework/validators/CFileValidator.php
View
@@ -75,6 +75,15 @@ class CFileValidator extends CValidator
*/
public $types;
/**
+ * @var mixed a list of MIME-types of the file that are allowed to be uploaded.
+ * This can be either an array or a string consisting of MIME-types separated
+ * by space or comma (e.g. "image/gif, image/jpeg"). MIME-types are
+ * case-insensitive. Defaults to null, meaning all MIME-types are allowed.
+ * In order to use this property fileinfo PECL extension should be installed.
+ * @since 1.1.11
+ */
+ public $mimeTypes;
+ /**
* @var integer the minimum number of bytes required for the uploaded file.
* Defaults to null, meaning no limit.
* @see tooSmall
@@ -100,10 +109,17 @@ class CFileValidator extends CValidator
public $tooSmall;
/**
* @var string the error message used when the uploaded file has an extension name
- * that is not listed among {@link extensions}.
+ * that is not listed among {@link types}.
*/
public $wrongType;
/**
+ * @var string the error message used when the uploaded file has a MIME-type
+ * that is not listed among {@link mimeTypes}. In order to use this property
+ * fileinfo PECL extension should be installed.
+ * @since 1.1.11
+ */
+ public $wrongMimeType;
+ /**
* @var integer the maximum file count the given attribute can hold.
* It defaults to 1, meaning single file upload. By defining a higher number,
* multiple uploads become possible.
@@ -194,6 +210,31 @@ protected function validateFile($object, $attribute, $file)
$this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{extensions}'=>implode(', ',$types)));
}
}
+
+ if($this->mimeTypes!==null)
+ {
+ if(function_exists('finfo_open'))
+ {
+ $mimeType=false;
+ if($info=finfo_open(defined('FILEINFO_MIME_TYPE') ? FILEINFO_MIME_TYPE : FILEINFO_MIME))
+ $mimeType=finfo_file($info,$file->getTempName());
+ }
+ else if(function_exists('mime_content_type'))
+ $mimeType=mime_content_type($file->getTempName());
+ else
+ throw new CException(Yii::t('yii','In order to use MIME-type validation provided by CFileValidator fileinfo PECL extension should be installed.'));
+
+ if(is_string($this->mimeTypes))
+ $mimeTypes=preg_split('/[\s,]+/',strtolower($this->mimeTypes),-1,PREG_SPLIT_NO_EMPTY);
+ else
+ $mimeTypes=$this->mimeTypes;
+
+ if($mimeType===false || !in_array(strtolower($mimeType),$mimeTypes))
+ {
+ $message=$this->wrongMimeType!==null?$this->wrongMimeType : Yii::t('yii','The file "{file}" cannot be uploaded. Only files of these MIME-types are allowed: {mimeTypes}.');
+ $this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{mimeTypes}'=>implode(', ',$mimeTypes)));
+ }
+ }
}
/**
Please sign in to comment.
Something went wrong with that request. Please try again.