Added upload validation (work in progress)
authorMarcel Werk <burntime@woltlab.com>
Mon, 12 Mar 2012 22:32:27 +0000 (23:32 +0100)
committerMarcel Werk <burntime@woltlab.com>
Mon, 12 Mar 2012 22:32:27 +0000 (23:32 +0100)
wcfsetup/install/files/lib/system/upload/UploadFile.class.php
wcfsetup/install/files/lib/system/upload/UploadHandler.class.php

index 6f949bd06fedac9d121e97d2f88ad4b7cd8d9c4d..76074b3ac888408fd16a4f9409575001ed088d68 100644 (file)
@@ -1,5 +1,6 @@
 <?php
 namespace wcf\system\upload;
+use wcf\util\StringUtil;
 
 /**
  * Represents a file upload.
@@ -74,6 +75,19 @@ class UploadFile {
                return $this->filename;
        }
        
+       /**
+        * Returns the extension of the original file name.
+        * 
+        * @return string
+        */
+       public function getFileExtension() {
+               if (($position = StringUtil::lastIndexOf($this->getFilename(), '.')) !== false) {
+                       return StringUtil::substring($this->getFilename(), $position + 1);
+               }
+               
+               return '';
+       }
+       
        /**
         * Returns the file location.
         * 
@@ -118,18 +132,36 @@ class UploadFile {
         * @return      boolean
         */
        public function validateFile($maxFilesize, array $fileExtensions) {
+               if ($this->errorCode != 0) {
+                       $this->validationErrorType = 'uploadFailed';
+                       return false;
+               }
+               
+               if ($this->getFilesize() > $maxFilesize) {
+                       $this->validationErrorType = 'tooLarge';
+                       return false;
+               }
                
+               if (!in_array($this->getFileExtension(), $fileExtensions)) {
+                       $this->validationErrorType = 'invalidExtension';
+                       return false;
+               }
        }
        
        /**
         * Returns the validation error type.
         * 
-        * @return string
+        * @return      string
         */
        public function getValidationErrorType() {
                return $this->validationErrorType;
        }
        
+       /**
+        * Gets image data.
+        * 
+        * @return      array
+        */
        public function getImageData() {
                if (strpos($this->getMimeType(), 'image/') == 0) {
                        if (($imageData = @getImageSize($this->getLocation())) !== false) {
index 73911764c57eaeaf9fc6f0875546911ac9be54ea..d15d8cc2539feb2139a022297468ecd27b15dca7 100644 (file)
@@ -23,7 +23,7 @@ class UploadHandler {
         * list of validation errors.
         * @var array
         */
-       protected $errors = array();
+       protected $erroneousFiles = array();
        
        /**
         * Creates a new UploadHandler object.
@@ -62,7 +62,7 @@ class UploadHandler {
                $result = true;
                foreach ($this->files as $file) {
                        if (!$file->validateFile($maxFilesize, $fileExtensions)) {
-                               $this->errors[$file->getFilename()] = $file->getValidationErrorType();
+                               $this->erroneousFiles[] = $file;
                                $result = false;
                        }
                }
@@ -71,12 +71,12 @@ class UploadHandler {
        }
        
        /**
-        * Returns a list of validation errors.
+        * Returns a list of erroneous files.
         * 
-        * @return array
+        * @return array<wcf\system\upload\UploadFile>
         */
-       public function getErrors() {
-               return $this->errors;
+       public function getErroneousFiles() {
+               return $this->erroneousFiles;
        }
        
        /**
@@ -86,7 +86,9 @@ class UploadHandler {
         */
        public function saveFiles(IUploadFileSaveStrategy $saveStrategy) {
                foreach ($this->files as $file) {
-                       $saveStrategy->save($file);
+                       if (!$file->getValidationErrorType()) {
+                               $saveStrategy->save($file);
+                       }
                }
        }