1: <?php
2: 3: 4: 5: 6: 7:
8:
9:
10: namespace Rundiz\Upload;
11:
12: 13: 14: 15: 16: 17: 18:
19: class Upload
20: {
21:
22:
23: 24: 25:
26: public $allowed_file_extensions;
27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37:
38: public $file_extensions_mime_types;
39: 40: 41:
42: public $max_file_size;
43: 44: 45: 46: 47:
48: public $new_file_name;
49: 50: 51:
52: public $overwrite = false;
53: 54: 55: 56:
57: public $web_safe_file_name = true;
58: 59: 60:
61: public $security_scan = false;
62: 63: 64: 65: 66:
67: public $stop_on_failed_upload_multiple = true;
68: 69: 70:
71: public $move_uploaded_to = '.';
72:
73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118:
119: public $error_codes = array();
120:
121: 122: 123:
124: public $error_messages = array();
125:
126: 127: 128:
129: protected $input_file_name;
130: 131: 132: 133: 134:
135: protected $files = array();
136: 137: 138:
139: protected $move_uploaded_queue = array();
140:
141:
142: 143: 144: 145: 146:
147: public function __construct($input_file_name)
148: {
149: $this->clear();
150: $this->setInputFileName($input_file_name);
151: }
152:
153:
154: 155: 156:
157: public function __destruct()
158: {
159: $this->clear();
160: }
161:
162:
163: 164: 165: 166: 167: 168: 169: 170: 171: 172:
173: protected static function __($string)
174: {
175: return $string;
176: }
177:
178:
179: 180: 181:
182: public function clear()
183: {
184: $this->allowed_file_extensions = null;
185: $this->error_messages = array();
186: $this->file_extensions_mime_types = null;
187: $this->files = array();
188: $this->input_file_name = null;
189: $this->max_file_size = null;
190: $this->move_uploaded_queue = array();
191: $this->move_uploaded_to = '.';
192: $this->new_file_name = null;
193: $this->overwrite = false;
194: $this->web_safe_file_name = true;
195: $this->security_scan = false;
196: $this->stop_on_failed_upload_multiple = true;
197: }
198:
199:
200: 201: 202:
203: protected function clearUploadedAtTemp()
204: {
205: foreach ($this->move_uploaded_queue as $key => $queue_item) {
206: if (is_array($queue_item) && isset($queue_item['tmp_name'])) {
207: if (is_file($queue_item['tmp_name']) && is_writable($queue_item['tmp_name'])) {
208: unlink($queue_item['tmp_name']);
209: }
210: }
211: }
212: unset($key, $queue_item);
213: $this->move_uploaded_queue = array();
214: }
215:
216:
217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245:
246: public function getUploadedData()
247: {
248: if (empty($this->move_uploaded_queue) || !is_array($this->move_uploaded_queue)) {
249: return array();
250: }
251:
252: $output = array();
253:
254: foreach ($this->move_uploaded_queue as $key => $queue_item) {
255: if (
256: is_array($queue_item) &&
257: array_key_exists('name', $queue_item) &&
258: array_key_exists('tmp_name', $queue_item) &&
259: array_key_exists('new_name', $queue_item) &&
260: array_key_exists('move_uploaded_to', $queue_item) &&
261: array_key_exists('move_uploaded_status', $queue_item) &&
262: $queue_item['move_uploaded_status'] === 'success'
263: ) {
264:
265: $file_name_explode = explode('.', $queue_item['name']);
266: $file_extension = (isset($file_name_explode[count($file_name_explode)-1]) ? $file_name_explode[count($file_name_explode)-1] : null);
267: unset($file_name_explode);
268:
269:
270: $Finfo = new \finfo();
271: $mime = $Finfo->file($queue_item['move_uploaded_to'], FILEINFO_MIME_TYPE);
272: unset($Finfo);
273:
274: $output[$key] = array();
275: $output[$key]['name'] = $queue_item['name'];
276: $output[$key]['extension'] = $file_extension;
277: $output[$key]['size'] = (is_file($queue_item['move_uploaded_to']) ? filesize($queue_item['move_uploaded_to']) : 0);
278: $output[$key]['new_name'] = $queue_item['new_name'];
279: $output[$key]['full_path_new_name'] = $queue_item['move_uploaded_to'];
280: $output[$key]['mime'] = $mime;
281: $output[$key]['md5_file'] = (is_file($queue_item['move_uploaded_to']) ? md5_file($queue_item['move_uploaded_to']) : null);
282:
283: unset($file_extension, $mime);
284: }
285: }
286:
287: return $output;
288: }
289:
290:
291: 292: 293: 294: 295:
296: protected function moveUploadedFiles()
297: {
298: $i = 0;
299: if (is_array($this->move_uploaded_queue)) {
300: foreach ($this->move_uploaded_queue as $key => $queue_item) {
301: if (is_array($queue_item) && isset($queue_item['name']) && isset($queue_item['tmp_name']) && isset($queue_item['new_name'])) {
302: $destination_name = $queue_item['new_name'];
303:
304: if ($this->overwrite === false) {
305:
306: $destination_name = $this->renameDuplicateFile($destination_name);
307: }
308:
309: $move_result = move_uploaded_file($queue_item['tmp_name'], $this->move_uploaded_to.DIRECTORY_SEPARATOR.$destination_name);
310: if ($move_result === true) {
311:
312: $this->move_uploaded_queue[$key] = array_merge(
313: $this->move_uploaded_queue[$key],
314: array(
315: 'new_name' => $destination_name,
316: 'move_uploaded_status' => 'success',
317: 'move_uploaded_to' => $this->move_uploaded_to.DIRECTORY_SEPARATOR.$destination_name,
318: )
319: );
320: $i++;
321: } else {
322: $this->setErrorMessage(
323: sprintf(static::__('Unable to move uploaded file. (%s => %s)'), $queue_item['name'], $this->move_uploaded_to . DIRECTORY_SEPARATOR . $destination_name),
324: 'RDU_MOVE_UPLOADED_FAILED',
325: $queue_item['name'] . '=> ' . $this->move_uploaded_to . DIRECTORY_SEPARATOR . $destination_name
326: );
327: }
328:
329: unset($destination_name, $move_result);
330: }
331: }
332: unset($key, $queue_item);
333: }
334:
335: if ($i == count($this->move_uploaded_queue) && $i > 0) {
336: return true;
337: } else {
338: return false;
339: }
340: }
341:
342:
343: 344: 345: 346: 347: 348:
349: protected function renameDuplicateFile($file_name, $loop_count = 1)
350: {
351: if (!file_exists($this->move_uploaded_to.DIRECTORY_SEPARATOR.$file_name)) {
352: return $file_name;
353: } else {
354: $file_name_explode = explode('.', $file_name);
355: $file_extension = (isset($file_name_explode[count($file_name_explode)-1]) ? $file_name_explode[count($file_name_explode)-1] : null);
356: unset($file_name_explode[count($file_name_explode)-1]);
357: $file_name_only = implode('.', $file_name_explode);
358: unset($file_name_explode);
359:
360: $i = 1;
361: $found = true;
362: do {
363: $new_file_name = $file_name_only.'_'.$i.'.'.$file_extension;
364: if (file_exists($this->move_uploaded_to.DIRECTORY_SEPARATOR.$new_file_name)) {
365: $found = true;
366: if ($i > 1000) {
367:
368: $file_name = uniqid().'-'.str_replace('.', '', microtime(true));
369: $found = false;
370: }
371: } else {
372: $file_name = $new_file_name;
373: $found = false;
374: }
375: $i++;
376: } while ($found === true);
377:
378: unset($file_extension, $file_name_only, $new_file_name);
379: return $file_name;
380: }
381: }
382:
383:
384: 385: 386: 387: 388:
389: protected function securityScan()
390: {
391: if (
392: is_array($this->files[$this->input_file_name]) &&
393: array_key_exists('name', $this->files[$this->input_file_name]) &&
394: array_key_exists('tmp_name', $this->files[$this->input_file_name]) &&
395: $this->files[$this->input_file_name]['tmp_name'] != null
396: ) {
397:
398: if (is_file($this->files[$this->input_file_name]['tmp_name'])) {
399: $file_content = file_get_contents($this->files[$this->input_file_name]['tmp_name']);
400:
401:
402: if (strpos($file_content, '<?php') !== false) {
403:
404: $this->setErrorMessage(
405: sprintf(static::__('Error! Found php embedded in the uploaded file. (%s).'), $this->files[$this->input_file_name]['name']),
406: 'RDU_SEC_ERR_PHP',
407: $this->files[$this->input_file_name]['name'],
408: $this->files[$this->input_file_name]['name'],
409: $this->files[$this->input_file_name]['size'],
410: $this->files[$this->input_file_name]['type']
411: );
412: return false;
413: }
414:
415:
416: if (strpos($file_content, '#!/') !== false && strpos($file_content, '/perl') !== false) {
417:
418: $this->setErrorMessage(
419: sprintf(static::__('Error! Found cgi/perl embedded in the uploaded file. (%s).'), $this->files[$this->input_file_name]['name']),
420: 'RDU_SEC_ERR_CGI',
421: $this->files[$this->input_file_name]['name'],
422: $this->files[$this->input_file_name]['name'],
423: $this->files[$this->input_file_name]['size'],
424: $this->files[$this->input_file_name]['type']
425: );
426: return false;
427: }
428:
429: unset($file_content);
430: }
431: }
432:
433: return true;
434: }
435:
436:
437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447:
448: protected function setErrorMessage(
449: $error_messages,
450: $code,
451: $errorAttributes = '',
452: $errorFileName = '',
453: $errorFileSize = '',
454: $errorFileMime = ''
455: ) {
456: $arg_list = func_get_args();
457: $numargs = func_num_args();
458: for ($i = 0; $i < $numargs; $i++) {
459: if (is_array($arg_list) && array_key_exists($i, $arg_list) && !is_scalar($arg_list[$i])) {
460: return false;
461: } elseif ($arg_list === false) {
462: return false;
463: }
464: }
465: unset($arg_list, $i, $numargs);
466:
467: $this->error_messages[] = $error_messages;
468: $this->error_codes[] = array(
469: 'code' => $code,
470: 'errorAttributes' => $errorAttributes,
471: 'errorFileName' => $errorFileName,
472: 'errorFileSize' => $errorFileSize,
473: 'errorFileMime' => $errorFileMime,
474: );
475: }
476:
477:
478: 479: 480: 481: 482: 483: 484:
485: public function setInputFileName($input_file_name)
486: {
487: $this->input_file_name = $input_file_name;
488: }
489:
490:
491: 492: 493: 494: 495: 496: 497:
498: protected function setNewFileName()
499: {
500: $this->new_file_name = trim($this->new_file_name);
501:
502: if ($this->new_file_name == null) {
503:
504: if (is_array($this->files[$this->input_file_name]) && array_key_exists('name', $this->files[$this->input_file_name])) {
505: $file_name_explode = explode('.', $this->files[$this->input_file_name]['name']);
506: unset($file_name_explode[count($file_name_explode)-1]);
507: $this->new_file_name = implode('.', $file_name_explode);
508: unset($file_name_explode);
509: } else {
510: $this->setNewFileNameToRandom();
511: }
512: }
513:
514:
515: $reserved_characters = array('\\', '/', '?', '%', '*', ':', '|', '"', '<', '>', '!', '@');
516: $this->new_file_name = str_replace($reserved_characters, '', $this->new_file_name);
517: unset($reserved_characters);
518:
519: if (preg_match('#[^\.]+#iu', $this->new_file_name) == 0) {
520:
521: $this->setNewFileNameToRandom();
522: }
523:
524:
525:
526: $reserved_words = array(
527: 'CON', 'PRN', 'AUX', 'CLOCK$', 'NUL',
528: 'COM1', 'COM2', 'COM3', 'COM4', 'COM5', 'COM6', 'COM7', 'COM8', 'COM9',
529: 'LPT1', 'LPT2', 'LPT3', 'LPT4', 'LPT5', 'LPT6', 'LPT7', 'LPT8', 'LPT9',
530: 'LST', 'KEYBD$', 'SCREEN$', '$IDLE$', 'CONFIG$',
531: '$Mft', '$MftMirr', '$LogFile', '$Volume', '$AttrDef', '$Bitmap', '$Boot', '$BadClus', '$Secure',
532: '$Upcase', '$Extend', '$Quota', '$ObjId', '$Reparse',
533: );
534: foreach ($reserved_words as $reserved_word) {
535: if (strtolower($reserved_word) == strtolower($this->new_file_name)) {
536: $this->setNewFileNameToRandom();
537: }
538: }
539: unset($reserved_word, $reserved_words);
540:
541:
542: if ($this->new_file_name == null) {
543: $this->setNewFileNameToRandom();
544: }
545: }
546:
547:
548: 549: 550:
551: protected function setNewFileNameToRandom()
552: {
553: $this->new_file_name = uniqid().'-'.str_replace('.', '', microtime(true));
554: }
555:
556:
557: 558: 559:
560: protected function setupFileExtensionsMimeTypesForValidation()
561: {
562: if (!is_array($this->file_extensions_mime_types) && $this->file_extensions_mime_types == null) {
563:
564: $default_mime_types_file = 'file-extensions-mime-types.php';
565: if (is_file(__DIR__.DIRECTORY_SEPARATOR.$default_mime_types_file)) {
566: $this->file_extensions_mime_types = include __DIR__.DIRECTORY_SEPARATOR.$default_mime_types_file;
567: }
568: unset($default_mime_types_file);
569: }
570: }
571:
572:
573: 574: 575: 576:
577: protected function setWebSafeFileName()
578: {
579: if ($this->new_file_name == null) {
580: $this->setNewFileName();
581: }
582:
583:
584: $this->new_file_name = preg_replace('#\s+#iu', ' ', $this->new_file_name);
585:
586: $this->new_file_name = str_replace(' ', '-', $this->new_file_name);
587:
588: $this->new_file_name = preg_replace('#[^\da-z\-_]#iu', '', $this->new_file_name);
589:
590: $this->new_file_name = preg_replace('#-{2,}#', '-', $this->new_file_name);
591: }
592:
593:
594: 595: 596: 597: 598: 599: 600: 601:
602: public function testGetUploadedMimetype($input_file_name = null)
603: {
604: if ($input_file_name == null) {
605: $input_file_name = $this->input_file_name;
606: }
607:
608: if (
609: !isset($_FILES[$input_file_name]['name']) ||
610: (isset($_FILES[$input_file_name]['name']) && $_FILES[$input_file_name]['name'] == null) ||
611: !isset($_FILES[$input_file_name]['tmp_name']) ||
612: (isset($_FILES[$input_file_name]['tmp_name']) && $_FILES[$input_file_name]['tmp_name'] == null)
613: ) {
614: return static::__('You did not upload any file, please upload a file to get info.');
615: }
616:
617: if (!function_exists('finfo_open') || !function_exists('finfo_file')) {
618: return static::__('There is no finfo_open() function or finfo_file() function to get file\'s info. Please verify PHP installation.');
619: }
620:
621: $output = sprintf(static::__('File name: %s'), $_FILES[$input_file_name]['name']).'<br>'."\n";
622: $file_name_exp = explode('.', $_FILES[$input_file_name]['name']);
623: $file_extension = $file_name_exp[count($file_name_exp)-1];
624: unset($file_name_exp);
625: $output .= sprintf(static::__('File extension: %s'), $file_extension).'<br>'."\n";
626:
627: $Finfo = new \finfo();
628: $file_mimetype = $Finfo->file($_FILES[$input_file_name]['tmp_name'], FILEINFO_MIME_TYPE);
629: $output .= sprintf(static::__('Mime type: %s'), $file_mimetype).'<br>'."\n";
630: $output .= '<br>'."\n";
631: $output .= static::__('The array for use with extension-mime types validation.').'<br>'."\n";
632: $output .= 'array(<br>'."\n";
633: $output .= ' \''.$file_extension.'\' => array(\''.$file_mimetype.'\'),<br>'."\n";
634: $output .= ');'."\n";
635: unset($Finfo);
636:
637: if (is_writable($_FILES[$input_file_name]['tmp_name'])) {
638: unlink($_FILES[$input_file_name]['tmp_name']);
639: }
640:
641: unset($file_extension, $file_mimetype);
642: return $output;
643: }
644:
645:
646: 647: 648: 649: 650:
651: public function upload()
652: {
653:
654: $this->validateOptionsProperties();
655:
656: $this->setupFileExtensionsMimeTypesForValidation();
657:
658:
659: if (!is_dir($this->move_uploaded_to)) {
660: $this->setErrorMessage(
661: static::__('The target location where the uploaded file(s) will be moved to is not folder or directory.'),
662: 'RDU_MOVE_UPLOADED_TO_NOT_DIR',
663: $this->move_uploaded_to
664: );
665: return false;
666: } elseif (is_dir($this->move_uploaded_to) && !is_writable($this->move_uploaded_to)) {
667: $this->setErrorMessage(
668: static::__('The target location where the uploaded file(s) will be moved to is not writable. Please check the folder permission.'),
669: 'RDU_MOVE_UPLOADED_TO_NOT_WRITABLE',
670: $this->move_uploaded_to
671: );
672: return false;
673: } else {
674:
675: $this->move_uploaded_to = realpath($this->move_uploaded_to);
676: }
677:
678: if (isset($_FILES[$this->input_file_name]['name']) && is_array($_FILES[$this->input_file_name]['name'])) {
679: foreach ($_FILES[$this->input_file_name]['name'] as $key => $value) {
680: $this->files[$this->input_file_name]['input_file_key'] = $key;
681: $this->files[$this->input_file_name]['name'] = $_FILES[$this->input_file_name]['name'][$key];
682: $this->files[$this->input_file_name]['type'] = (isset($_FILES[$this->input_file_name]['type'][$key]) ? $_FILES[$this->input_file_name]['type'][$key] : null);
683: $this->files[$this->input_file_name]['tmp_name'] = (isset($_FILES[$this->input_file_name]['tmp_name'][$key]) ? $_FILES[$this->input_file_name]['tmp_name'][$key] : null);
684: $this->files[$this->input_file_name]['error'] = (isset($_FILES[$this->input_file_name]['error'][$key]) ? $_FILES[$this->input_file_name]['error'][$key] : 4);
685: $this->files[$this->input_file_name]['size'] = (isset($_FILES[$this->input_file_name]['size'][$key]) ? $_FILES[$this->input_file_name]['size'][$key] : 0);
686:
687: $result = $this->uploadSingleFile();
688:
689: if ($result == false && $this->stop_on_failed_upload_multiple === true) {
690:
691: unset($result);
692: return false;
693: }
694: }
695: unset($key, $value);
696: } else {
697: $this->files[$this->input_file_name] = $_FILES[$this->input_file_name];
698: $this->files[$this->input_file_name]['input_file_key'] = 0;
699:
700: $result = $this->uploadSingleFile();
701: }
702:
703: if (isset($result) && $result == false && $this->stop_on_failed_upload_multiple === true) {
704:
705: unset($result);
706: $this->clearUploadedAtTemp();
707: return false;
708: } elseif (count($this->error_messages) > 0 && $this->stop_on_failed_upload_multiple === true) {
709:
710: unset($result);
711: $this->clearUploadedAtTemp();
712: return false;
713: }
714:
715: return $this->moveUploadedFiles();
716: }
717:
718:
719: 720: 721: 722: 723: 724:
725: protected function uploadSingleFile()
726: {
727:
728: if (is_array($this->files[$this->input_file_name]) && array_key_exists('error', $this->files[$this->input_file_name]) && $this->files[$this->input_file_name]['error'] != 0) {
729: switch ($this->files[$this->input_file_name]['error']) {
730: case 1:
731: $this->setErrorMessage(
732: sprintf(static::__('The uploaded file exceeds the max file size directive. (%s > %s).'), $this->files[$this->input_file_name]['size'], ini_get('upload_max_filesize')),
733: 'RDU_' . $this->files[$this->input_file_name]['error'],
734: $this->files[$this->input_file_name]['size'] . ' > ' . ini_get('upload_max_filesize'),
735: $this->files[$this->input_file_name]['name'],
736: $this->files[$this->input_file_name]['size'],
737: $this->files[$this->input_file_name]['type']
738: );
739: return false;
740: case 2:
741: $this->setErrorMessage(
742: static::__('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.'),
743: 'RDU_' . $this->files[$this->input_file_name]['error'],
744: '',
745: $this->files[$this->input_file_name]['name'],
746: $this->files[$this->input_file_name]['size'],
747: $this->files[$this->input_file_name]['type']
748: );
749: return false;
750: case 3:
751: $this->setErrorMessage(
752: static::__('The uploaded file was only partially uploaded.'),
753: 'RDU_' . $this->files[$this->input_file_name]['error'],
754: '',
755: $this->files[$this->input_file_name]['name'],
756: $this->files[$this->input_file_name]['size'],
757: $this->files[$this->input_file_name]['type']
758: );
759: return false;
760: case 4:
761: $this->setErrorMessage(
762: static::__('You did not upload the file.'),
763: 'RDU_' . $this->files[$this->input_file_name]['error'],
764: '',
765: $this->files[$this->input_file_name]['name'],
766: $this->files[$this->input_file_name]['size'],
767: $this->files[$this->input_file_name]['type']
768: );
769: return false;
770: case 6:
771: $this->setErrorMessage(
772: static::__('Missing a temporary folder.'),
773: 'RDU_' . $this->files[$this->input_file_name]['error'],
774: '',
775: $this->files[$this->input_file_name]['name'],
776: $this->files[$this->input_file_name]['size'],
777: $this->files[$this->input_file_name]['type']
778: );
779: return false;
780: case 7:
781: $this->setErrorMessage(
782: static::__('Failed to write file to disk.'),
783: 'RDU_' . $this->files[$this->input_file_name]['error'],
784: '',
785: $this->files[$this->input_file_name]['name'],
786: $this->files[$this->input_file_name]['size'],
787: $this->files[$this->input_file_name]['type']
788: );
789: return false;
790: case 8:
791: $this->setErrorMessage(
792: static::__('A PHP extension stopped the file upload.'),
793: 'RDU_' . $this->files[$this->input_file_name]['error'],
794: '',
795: $this->files[$this->input_file_name]['name'],
796: $this->files[$this->input_file_name]['size'],
797: $this->files[$this->input_file_name]['type']
798: );
799: return false;
800: }
801: }
802:
803:
804: if (
805: empty($this->files[$this->input_file_name]) ||
806: (
807: is_array($this->files[$this->input_file_name]) &&
808: array_key_exists('name', $this->files[$this->input_file_name]) &&
809: $this->files[$this->input_file_name]['name'] == null
810: ) ||
811: (
812: is_array($this->files[$this->input_file_name]) &&
813: array_key_exists('tmp_name', $this->files[$this->input_file_name]) &&
814: $this->files[$this->input_file_name]['tmp_name'] == null
815: )
816: ) {
817: $this->setErrorMessage(
818: static::__('You did not upload the file.'),
819: 'RDU_4',
820: '',
821: $this->files[$this->input_file_name]['name'],
822: $this->files[$this->input_file_name]['size'],
823: $this->files[$this->input_file_name]['type']
824: );
825: return false;
826: }
827:
828:
829: $result = $this->validateExtensionAndMimeType();
830: if ($result !== true) {
831: return false;
832: }
833: unset($result);
834:
835:
836: $result = $this->validateFileSize();
837: if ($result !== true) {
838: return false;
839: }
840: unset($result);
841:
842:
843: if ($this->security_scan === true) {
844: $result = $this->securityScan();
845: if ($result !== true) {
846: return false;
847: }
848: unset($result);
849: }
850:
851:
852: $tmp_new_file_name = $this->new_file_name;
853: $this->setNewFileName();
854:
855:
856: if ($this->web_safe_file_name === true) {
857: $this->setWebSafeFileName();
858: }
859:
860:
861:
862: $file_name_explode = explode('.', $this->files[$this->input_file_name]['name']);
863: $file_extension = null;
864: if (is_array($file_name_explode)) {
865: $file_extension = '.'.$file_name_explode[count($file_name_explode)-1];
866: }
867: unset($file_name_explode);
868:
869: $this->move_uploaded_queue = array_merge(
870: $this->move_uploaded_queue,
871: array(
872: $this->files[$this->input_file_name]['input_file_key'] => array(
873: 'name' => $this->files[$this->input_file_name]['name'],
874: 'tmp_name' => $this->files[$this->input_file_name]['tmp_name'],
875: 'new_name' => $this->new_file_name.$file_extension,
876: )
877: )
878: );
879:
880: $this->new_file_name = $tmp_new_file_name;
881: unset($file_extension, $tmp_new_file_name);
882:
883:
884: return true;
885: }
886:
887:
888: 889: 890: 891: 892:
893: protected function validateExtensionAndMimeType()
894: {
895: if ($this->allowed_file_extensions == null && ($this->file_extensions_mime_types == null || empty($this->file_extensions_mime_types))) {
896:
897: return true;
898: }
899:
900:
901: $file_name_explode = explode('.', $this->files[$this->input_file_name]['name']);
902: if (!is_array($file_name_explode)) {
903: unset($file_name_explode);
904: $this->setErrorMessage(
905: sprintf(static::__('Unable to validate extension for the file %s.'), $this->files[$this->input_file_name]['name']),
906: 'RDU_UNABLE_VALIDATE_EXT',
907: $this->files[$this->input_file_name]['name'],
908: $this->files[$this->input_file_name]['name'],
909: $this->files[$this->input_file_name]['size'],
910: $this->files[$this->input_file_name]['type']
911: );
912: return false;
913: }
914: $file_extension = $file_name_explode[count($file_name_explode)-1];
915: unset($file_name_explode);
916:
917:
918: if (is_array($this->allowed_file_extensions) && !in_array($file_extension, $this->allowed_file_extensions)) {
919: unset($file_extension);
920: $this->setErrorMessage(
921: sprintf(static::__('You have uploaded the file that is not allowed extension. (%s)'), $this->files[$this->input_file_name]['name']),
922: 'RDU_NOT_ALLOW_EXT',
923: $this->files[$this->input_file_name]['name'],
924: $this->files[$this->input_file_name]['name'],
925: $this->files[$this->input_file_name]['size'],
926: $this->files[$this->input_file_name]['type']
927: );
928: return false;
929: }
930:
931:
932: if (is_array($this->file_extensions_mime_types) && !empty($this->file_extensions_mime_types)) {
933: if (!array_key_exists($file_extension, $this->file_extensions_mime_types)) {
934: unset($file_extension);
935: $this->setErrorMessage(
936: sprintf(static::__('Unable to validate the file extension and mime type. (%s). This file extension was not set in the "file_extensions_mime_types" property.'), $this->files[$this->input_file_name]['name']),
937: 'RDU_UNABLE_VALIDATE_EXT_AND_MIME',
938: $this->files[$this->input_file_name]['name'],
939: $this->files[$this->input_file_name]['name'],
940: $this->files[$this->input_file_name]['size'],
941: $this->files[$this->input_file_name]['type']
942: );
943: return false;
944: } else {
945: $Finfo = new \finfo();
946: $file_mimetype = $Finfo->file($this->files[$this->input_file_name]['tmp_name'], FILEINFO_MIME_TYPE);
947: if (is_array($this->file_extensions_mime_types[$file_extension]) && !in_array($file_mimetype, $this->file_extensions_mime_types[$file_extension])) {
948: unset($file_extension, $Finfo);
949: $this->setErrorMessage(
950: sprintf(static::__('The uploaded file has invalid mime type. (%s : %s).'), $this->files[$this->input_file_name]['name'], $file_mimetype),
951: 'RDU_INVALID_MIME',
952: $this->files[$this->input_file_name]['name'] . ' : ' . $file_mimetype,
953: $this->files[$this->input_file_name]['name'],
954: $this->files[$this->input_file_name]['size'],
955: $file_mimetype
956: );
957: unset($file_mimetype);
958: return false;
959: } elseif (!is_array($this->file_extensions_mime_types[$file_extension])) {
960: unset($file_extension, $file_mimetype, $Finfo);
961: $this->setErrorMessage(
962: static::__('Unable to validate mime type. The format of "file_extensions_mime_types" property is incorrect.'),
963: 'RDU_UNABLE_VALIDATE_MIME',
964: '',
965: $this->files[$this->input_file_name]['name'],
966: $this->files[$this->input_file_name]['size'],
967: $this->files[$this->input_file_name]['type']
968: );
969: return false;
970: }
971: unset($file_mimetype, $Finfo);
972: }
973: }
974:
975: unset($file_extension);
976: return true;
977: }
978:
979:
980: 981: 982: 983: 984:
985: protected function validateFileSize()
986: {
987: if (!is_numeric($this->max_file_size) && !is_int($this->max_file_size)) {
988:
989: return true;
990: }
991:
992: if (is_array($this->files[$this->input_file_name]) && array_key_exists('size', $this->files[$this->input_file_name]) && $this->files[$this->input_file_name]['size'] > $this->max_file_size) {
993: $this->setErrorMessage(
994: sprintf(static::__('The uploaded file exceeds the max file size directive. (%s > %s).'), $this->files[$this->input_file_name]['size'], $this->max_file_size),
995: 'RDU_1',
996: $this->files[$this->input_file_name]['size'] . ' > ' . $this->max_file_size,
997: $this->files[$this->input_file_name]['name'],
998: $this->files[$this->input_file_name]['size'],
999: $this->files[$this->input_file_name]['type']
1000: );
1001: return false;
1002: }
1003:
1004: return true;
1005: }
1006:
1007:
1008: 1009: 1010:
1011: protected function validateOptionsProperties()
1012: {
1013: if (!is_array($this->allowed_file_extensions) && $this->allowed_file_extensions != null) {
1014: $this->allowed_file_extensions = array($this->allowed_file_extensions);
1015: }
1016:
1017: if (!is_array($this->file_extensions_mime_types) && $this->file_extensions_mime_types != null) {
1018: $this->file_extensions_mime_types = null;
1019: }
1020:
1021: if (is_numeric($this->max_file_size) && !is_int($this->max_file_size)) {
1022: $this->max_file_size = intval($this->max_file_size);
1023: } elseif (!is_int($this->max_file_size) && $this->max_file_size != null) {
1024: $this->max_file_size = null;
1025: }
1026:
1027: if ($this->move_uploaded_to == null) {
1028: $this->move_uploaded_to = '.';
1029: }
1030:
1031: if (!is_string($this->new_file_name) && $this->new_file_name != null) {
1032: $this->new_file_name = null;
1033: }
1034:
1035: if (!is_bool($this->overwrite)) {
1036: $this->overwrite = false;
1037: }
1038:
1039: if (!is_bool($this->web_safe_file_name)) {
1040: $this->web_safe_file_name = true;
1041: }
1042:
1043: if (!is_bool($this->security_scan)) {
1044: $this->security_scan = false;
1045: }
1046:
1047: if (!is_bool($this->stop_on_failed_upload_multiple)) {
1048: $this->stop_on_failed_upload_multiple = true;
1049: }
1050: }
1051:
1052:
1053: }
1054: