
Added validation of file type #17


Open
wants to merge 1 commit into
base: master
12 changes: 11 additions & 1 deletion src/Flow/Basic.php
Expand Up @@ -22,10 +22,20 @@ public static function save($destination, $config, RequestInterface $request = n
if (!$config instanceof ConfigInterface) {
$config = new Config(array(
'tempDir' => $config,
'mimeAccept' => array(
'image/gif',
'image/jpeg',
'image/png',
'image/bmp'
)
));
}
$file = new File($config, $request);

if (!$file->checkMime($config->getMimeAccept())){
header("HTTP/1.1 400 Bad Request");
echo "Invalid MIME Type: ".$file->getFileType();
return false;
}
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if ($file->checkChunk()) {
header("HTTP/1.1 200 Ok");
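Review bot: The 400 branch writes `$file->getFileType()` into the response body unescaped, and that value is read from the upload request (see `Request::getFileType()` in this PR), so the client controls text that is sent back; I would log the value server-side and answer with a fixed message, `echo 'Invalid MIME type';`. The check also sits above the `$_SERVER['REQUEST_METHOD'] === 'GET'` branch, where a chunk-test request presumably carries no uploaded file, so `getFileType()` would be null and every GET would be answered with 400; moving the check into the upload path avoids that. When the caller passes its own `ConfigInterface`, no default list is set here, so `getMimeAccept()` may have nothing to return. The body of `save()` continues past the end of the hunk.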
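--- a/src/Flow/Config.php
+++ b/src/Flow/Config.php
@@ -21,6 +21,27 @@ public function __construct($config = array())
 $this->config = $config;
 }
 
+/**
+* Set mime accept types
+*
+* @param $mime
+*/
+public function setMimeAccept($mime)
+{
+$this->config['mimeAccept'] = $mime;
+}
+
+/**
+* Get mime accept types
+*
+* @return array
+*/
+public function getMimeAccept()
+{
+return $this->config['mimeAccept'];
+}
+
+
 /**
 * Set path to temporary directory for chunks storage
 *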
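Review bot: `getMimeAccept()` indexes `$this->config['mimeAccept']` without checking that the key exists, so a `Config` built without it raises an undefined-index notice and returns null although the docblock promises an array, and `File::checkMime()` then iterates over that value. I would return a defined default, `return isset($this->config['mimeAccept']) ? $this->config['mimeAccept'] : array();`, and state in the docblock what an empty list means (with the current `checkMime()` loop it rejects every upload). The setter's docblock should read `@param array $mime` and say that the entries are exact MIME type strings. No change to `ConfigInterface` is visible on this page, so `Basic::save()` may be calling a method the interface does not guarantee.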
35 changes: 30 additions & 5 deletions src/Flow/File.php
Expand Up @@ -2,6 +2,7 @@

namespace Flow;


class File
{
/**
Expand All @@ -24,7 +25,7 @@ class File
/**
* Constructor
*
* @param ConfigInterface $config
* @param ConfigInterface $config
* @param RequestInterface $request
*/
public function __construct(ConfigInterface $config, RequestInterface $request = null)
Expand Down Expand Up @@ -58,7 +59,7 @@ public function getIdentifier()
*/
public function getChunkPath($index)
{
return $this->config->getTempDir().DIRECTORY_SEPARATOR.$this->identifier.'_'.$index;
return $this->config->getTempDir() . DIRECTORY_SEPARATOR . $this->identifier . '_' . $index;
}

/**
Expand Down Expand Up @@ -148,7 +149,7 @@ public function save($destination)
{
$fh = fopen($destination, 'wb');
if (!$fh) {
throw new FileOpenException('failed to open destination file: '.$destination);
throw new FileOpenException('failed to open destination file: ' . $destination);
}

if (!flock($fh, LOCK_EX | LOCK_NB, $blocked)) {
Expand All @@ -161,7 +162,7 @@ public function save($destination)
}
// @codeCoverageIgnoreEnd

throw new FileLockException('failed to lock file: '.$destination);
throw new FileLockException('failed to lock file: ' . $destination);
}

$totalChunks = $this->request->getTotalChunks();
Expand All @@ -174,7 +175,7 @@ public function save($destination)
$chunk = fopen($file, "rb");

if (!$chunk) {
throw new FileOpenException('failed to open chunk: '.$file);
throw new FileOpenException('failed to open chunk: ' . $file);
}

if ($preProcessChunk !== null) {
Expand Down Expand Up @@ -230,4 +231,28 @@ public function _move_uploaded_file($filePath, $destinationPath)
{
return move_uploaded_file($filePath, $destinationPath);
}


/**
* Check Mime Type
*/
public function checkMime($acceptMimes)
{
$fileMime = $this->request->getFileType();

foreach ($acceptMimes as $acceptMime) {
if ($fileMime === $acceptMime) {
return true;
}
}
return false;
}

/**
* Get Mime Type
*/
public function getFileType()
{
return $this->request->getFileType();
}
}
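Review bot: `checkMime()` compares the allow-list against `$this->request->getFileType()`, which `Request::getFileType()` in this PR reads from the `type` field of the uploaded-file array — presumably the `$_FILES` entry, whose `type` is whatever the client declared in the multipart request — so the check never looks at the file's bytes and passes for any content sent with an accepted type. For this to work as a control, the type has to be determined on the server, for example with `finfo_file()` and `FILEINFO_MIME_TYPE` on the assembled file after `save()`, since with chunked uploads only the first chunk carries the header bytes. The docblock should at least say which value is compared, e.g. `Check the client-declared MIME type against the accepted list (content is not inspected)`, with `@param array $acceptMimes` and `@return bool`. The loop itself can be written as `return in_array($this->request->getFileType(), $acceptMimes, true);`.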
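--- a/src/Flow/Request.php
+++ b/src/Flow/Request.php
@@ -38,6 +38,30 @@ public function __construct($params = null, $file = null)
 $this->file = $file;
 }
 
+
+/**
+* Get parameter of file
+*
+* @param string $name
+*
+* @return string|int|null
+*/
+protected function getFileParam($name)
+{
+return isset($this->file[$name]) ? $this->file[$name] : null;
+}
+
+/**
+* Get uploaded file type
+*
+* @return string|null
+*/
+public function getFileType()
+{
+return $this->getFileParam('type');
+}
+
+
 /**
 * Get parameter value
 *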