Completed
Push — master ( 12c282...714a7e )
by Garion
15s queued 11s
created
tests/MimeUploadValidatorTest.php 1 patch
Indentation   +92 added lines, -92 removed lines patch added patch discarded remove patch
@@ -12,96 +12,96 @@
 block discarded – undo
12 12
  */
13 13
 class MimeUploadValidatorTest extends SapphireTest
14 14
 {
15
-    public function testInvalidFileExtensionValidatingMimeType()
16
-    {
17
-        // setup plaintext file with invalid extension
18
-        $tmpFileName = 'UploadTest-testUpload.jpg';
19
-        $tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName;
20
-        $tmpFileContent = '';
21
-
22
-        for ($i = 0; $i < 10000; $i++) {
23
-            $tmpFileContent .= '0';
24
-        }
25
-
26
-        file_put_contents($tmpFilePath, $tmpFileContent);
27
-
28
-        // emulates the $_FILES array
29
-        $tmpFile = [
30
-            'name' => $tmpFileName,
31
-            'size' => filesize($tmpFilePath),
32
-            'tmp_name' => $tmpFilePath,
33
-            'extension' => 'jpg',
34
-            'error' => UPLOAD_ERR_OK,
35
-        ];
36
-
37
-        $upload = Upload::create();
38
-        $upload->setValidator(MimeUploadValidator::create());
39
-        $result = $upload->load($tmpFile);
40
-        $errors = $upload->getErrors();
41
-
42
-        $this->assertFalse($result, 'Load failed because file extension does not match excepted MIME type');
43
-        $this->assertEquals('File is not a valid upload', $errors[0]);
44
-
45
-        unlink($tmpFilePath);
46
-    }
47
-
48
-    public function testGetExpectedMimeTypes()
49
-    {
50
-        // Setup a file with a capitalised extension and try to match it against a lowercase file.
51
-        $tmpFileName = 'text.TXT';
52
-        $tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName;
53
-        $tmpFileContent = '';
54
-
55
-        for ($i = 0; $i < 10000; $i++) {
56
-            $tmpFileContent .= '0';
57
-        }
58
-
59
-        file_put_contents($tmpFilePath, $tmpFileContent);
60
-
61
-        $validator = MimeUploadValidator::create();
62
-        $tmpFile = [
63
-            'name' => $tmpFileName,
64
-            'tmp_name' => $tmpFilePath,
65
-        ];
66
-
67
-        $expected = $validator->getExpectedMimeTypes($tmpFile);
68
-        $this->assertCount(1, $expected);
69
-        $this->assertContains('text/plain', $expected);
70
-
71
-        unlink($tmpFilePath);
72
-
73
-        // Test a physical ico file with capitalised extension
74
-        $tmpFile = [
75
-            'name' => 'favicon.ICO',
76
-            'tmp_name' => 'assets/favicon.ICO',
77
-        ];
78
-
79
-        // Ensure that site configuration doesn't interfere with the test
80
-        $icoMimes = [
81
-            'ico' => [
82
-                'image/vnd.microsoft.icon',
83
-                'image/x-icon',
84
-                'image/x-ico'
85
-            ]
86
-        ];
87
-        Config::modify()->set(MimeUploadValidator::class, 'MimeTypes', $icoMimes);
88
-
89
-        $expected = $validator->getExpectedMimeTypes($tmpFile);
90
-        $this->assertCount(3, $expected);
91
-        $this->assertContains('image/x-icon', $expected);
92
-    }
93
-
94
-    public function testMimeComparison()
95
-    {
96
-        $validator = MimeUploadValidator::create();
97
-
98
-        $this->assertTrue($validator->compareMime('application/xhtml+xml', 'application/xml'));
99
-        $this->assertTrue($validator->compareMime('application/vnd.text', 'application/text'));
100
-        $this->assertTrue($validator->compareMime('application/vnd.vnd.text', 'application/text'));
101
-        $this->assertTrue($validator->compareMime('application/x-text', 'application/text'));
102
-        $this->assertTrue($validator->compareMime('application/gzip', 'application/gzip'));
103
-        $this->assertTrue($validator->compareMime('application/x-gzip', 'application/gzip'));
104
-        $this->assertFalse($validator->compareMime('application/png', 'application/json'));
105
-        $this->assertFalse($validator->compareMime('text/plain', 'text/json'));
106
-    }
15
+	public function testInvalidFileExtensionValidatingMimeType()
16
+	{
17
+		// setup plaintext file with invalid extension
18
+		$tmpFileName = 'UploadTest-testUpload.jpg';
19
+		$tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName;
20
+		$tmpFileContent = '';
21
+
22
+		for ($i = 0; $i < 10000; $i++) {
23
+			$tmpFileContent .= '0';
24
+		}
25
+
26
+		file_put_contents($tmpFilePath, $tmpFileContent);
27
+
28
+		// emulates the $_FILES array
29
+		$tmpFile = [
30
+			'name' => $tmpFileName,
31
+			'size' => filesize($tmpFilePath),
32
+			'tmp_name' => $tmpFilePath,
33
+			'extension' => 'jpg',
34
+			'error' => UPLOAD_ERR_OK,
35
+		];
36
+
37
+		$upload = Upload::create();
38
+		$upload->setValidator(MimeUploadValidator::create());
39
+		$result = $upload->load($tmpFile);
40
+		$errors = $upload->getErrors();
41
+
42
+		$this->assertFalse($result, 'Load failed because file extension does not match excepted MIME type');
43
+		$this->assertEquals('File is not a valid upload', $errors[0]);
44
+
45
+		unlink($tmpFilePath);
46
+	}
47
+
48
+	public function testGetExpectedMimeTypes()
49
+	{
50
+		// Setup a file with a capitalised extension and try to match it against a lowercase file.
51
+		$tmpFileName = 'text.TXT';
52
+		$tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName;
53
+		$tmpFileContent = '';
54
+
55
+		for ($i = 0; $i < 10000; $i++) {
56
+			$tmpFileContent .= '0';
57
+		}
58
+
59
+		file_put_contents($tmpFilePath, $tmpFileContent);
60
+
61
+		$validator = MimeUploadValidator::create();
62
+		$tmpFile = [
63
+			'name' => $tmpFileName,
64
+			'tmp_name' => $tmpFilePath,
65
+		];
66
+
67
+		$expected = $validator->getExpectedMimeTypes($tmpFile);
68
+		$this->assertCount(1, $expected);
69
+		$this->assertContains('text/plain', $expected);
70
+
71
+		unlink($tmpFilePath);
72
+
73
+		// Test a physical ico file with capitalised extension
74
+		$tmpFile = [
75
+			'name' => 'favicon.ICO',
76
+			'tmp_name' => 'assets/favicon.ICO',
77
+		];
78
+
79
+		// Ensure that site configuration doesn't interfere with the test
80
+		$icoMimes = [
81
+			'ico' => [
82
+				'image/vnd.microsoft.icon',
83
+				'image/x-icon',
84
+				'image/x-ico'
85
+			]
86
+		];
87
+		Config::modify()->set(MimeUploadValidator::class, 'MimeTypes', $icoMimes);
88
+
89
+		$expected = $validator->getExpectedMimeTypes($tmpFile);
90
+		$this->assertCount(3, $expected);
91
+		$this->assertContains('image/x-icon', $expected);
92
+	}
93
+
94
+	public function testMimeComparison()
95
+	{
96
+		$validator = MimeUploadValidator::create();
97
+
98
+		$this->assertTrue($validator->compareMime('application/xhtml+xml', 'application/xml'));
99
+		$this->assertTrue($validator->compareMime('application/vnd.text', 'application/text'));
100
+		$this->assertTrue($validator->compareMime('application/vnd.vnd.text', 'application/text'));
101
+		$this->assertTrue($validator->compareMime('application/x-text', 'application/text'));
102
+		$this->assertTrue($validator->compareMime('application/gzip', 'application/gzip'));
103
+		$this->assertTrue($validator->compareMime('application/x-gzip', 'application/gzip'));
104
+		$this->assertFalse($validator->compareMime('application/png', 'application/json'));
105
+		$this->assertFalse($validator->compareMime('text/plain', 'text/json'));
106
+	}
107 107
 }
Please login to merge, or discard this patch.
src/MimeUploadValidator.php 1 patch
Indentation   +157 added lines, -157 removed lines patch added patch discarded remove patch
@@ -18,161 +18,161 @@
 block discarded – undo
18 18
  */
19 19
 class MimeUploadValidator extends Upload_Validator
20 20
 {
21
-    /**
22
-     * The preg_replace() pattern to use against MIME types. Used to strip out
23
-     * useless characters so matching of MIME types can be fuzzy.
24
-     *
25
-     * @var string Regexp pattern
26
-     */
27
-    protected $filterPattern = '/.*[\/\.\-\+]/i';
28
-
29
-    /**
30
-     * @param string $pattern
31
-     */
32
-    public function setFilterPattern($pattern)
33
-    {
34
-        $this->filterPattern = $pattern;
35
-    }
36
-
37
-    /**
38
-     * @return string
39
-     */
40
-    public function getFilterPattern()
41
-    {
42
-        return $this->filterPattern;
43
-    }
44
-
45
-    /**
46
-     * Check if the temporary file has a valid MIME type for it's extension.
47
-     *
48
-     * @uses finfo php extension
49
-     * @return bool|null
50
-     * @throws MimeUploadValidatorException
51
-     */
52
-    public function isValidMime()
53
-    {
54
-        $extension = strtolower(pathinfo($this->tmpFile['name'], PATHINFO_EXTENSION));
55
-
56
-        // we can't check filenames without an extension or no temp file path, let them pass validation.
57
-        if (!$extension || !$this->tmpFile['tmp_name']) {
58
-            return true;
59
-        }
60
-
61
-        $expectedMimes = $this->getExpectedMimeTypes($this->tmpFile);
62
-        if (empty($expectedMimes)) {
63
-            throw new MimeUploadValidatorException(
64
-                sprintf('Could not find a MIME type for extension %s', $extension)
65
-            );
66
-        }
67
-
68
-        $fileInfo = new finfo(FILEINFO_MIME_TYPE);
69
-        $foundMime = $fileInfo->file($this->tmpFile['tmp_name']);
70
-        if (!$foundMime) {
71
-            throw new MimeUploadValidatorException(
72
-                sprintf('Could not find a MIME type for file %s', $this->tmpFile['tmp_name'])
73
-            );
74
-        }
75
-
76
-        foreach ($expectedMimes as $expected) {
77
-            if ($this->compareMime($foundMime, $expected)) {
78
-                return true;
79
-            }
80
-        }
81
-
82
-        return false;
83
-    }
84
-
85
-    /**
86
-     * Fetches an array of valid mimetypes.
87
-     *
88
-     * @param $file
89
-     * @return array
90
-     * @throws MimeUploadValidatorException
91
-     */
92
-    public function getExpectedMimeTypes($file)
93
-    {
94
-        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
95
-
96
-        // if the finfo php extension isn't loaded, we can't complete this check.
97
-        if (!class_exists('finfo')) {
98
-            throw new MimeUploadValidatorException('PHP extension finfo is not loaded');
99
-        }
100
-
101
-        // Attempt to figure out which mime types are expected/acceptable here.
102
-        $expectedMimes = array();
103
-
104
-        // Get the mime types set in framework core
105
-        $knownMimes = Config::inst()->get(HTTP::class, 'MimeTypes');
106
-        if (isset($knownMimes[$extension])) {
107
-            $expectedMimes[] = $knownMimes[$extension];
108
-        }
109
-
110
-        // Get the mime types and their variations from mime validator
111
-        $knownMimes = $this->config()->get('MimeTypes');
112
-        if (isset($knownMimes[$extension])) {
113
-            $mimes = (array) $knownMimes[$extension];
114
-
115
-            foreach ($mimes as $mime) {
116
-                if (!in_array($mime, $expectedMimes)) {
117
-                    $expectedMimes[] = $mime;
118
-                }
119
-            }
120
-        }
121
-
122
-        return $expectedMimes;
123
-    }
124
-
125
-    /**
126
-     * Check two MIME types roughly match eachother.
127
-     *
128
-     * Before we check MIME types, remove known prefixes "vnd.", "x-" etc.
129
-     * If there is a suffix, we'll use that to compare. Examples:
130
-     *
131
-     * application/x-json = json
132
-     * application/json = json
133
-     * application/xhtml+xml = xml
134
-     * application/xml = xml
135
-     *
136
-     * @param string $first The first MIME type to compare to the second
137
-     * @param string $second The second MIME type to compare to the first
138
-     * @return boolean
139
-     */
140
-    public function compareMime($first, $second)
141
-    {
142
-        return preg_replace($this->filterPattern, '', $first) === preg_replace($this->filterPattern, '', $second);
143
-    }
144
-
145
-    public function validate()
146
-    {
147
-        if (parent::validate() === false) {
148
-            return false;
149
-        }
150
-
151
-        try {
152
-            $result = $this->isValidMime();
153
-            if ($result === false) {
154
-                $extension = strtolower(pathinfo($this->tmpFile['name'], PATHINFO_EXTENSION));
155
-                $this->errors[] = _t(
156
-                    __CLASS__ . '.INVALIDMIME',
157
-                    'File type does not match extension (.{extension})',
158
-                    [
159
-                        'extension' => $extension,
160
-                    ]
161
-                );
162
-
163
-                return false;
164
-            }
165
-        } catch (MimeUploadValidatorException $e) {
166
-            $this->errors[] = _t(
167
-                __CLASS__ . '.FAILEDMIMECHECK',
168
-                'MIME validation failed: {message}',
169
-                'Argument 1: Message about why MIME type detection failed',
170
-                ['message' => $e->getMessage()]
171
-            );
172
-
173
-            return false;
174
-        }
175
-
176
-        return true;
177
-    }
21
+	/**
22
+	 * The preg_replace() pattern to use against MIME types. Used to strip out
23
+	 * useless characters so matching of MIME types can be fuzzy.
24
+	 *
25
+	 * @var string Regexp pattern
26
+	 */
27
+	protected $filterPattern = '/.*[\/\.\-\+]/i';
28
+
29
+	/**
30
+	 * @param string $pattern
31
+	 */
32
+	public function setFilterPattern($pattern)
33
+	{
34
+		$this->filterPattern = $pattern;
35
+	}
36
+
37
+	/**
38
+	 * @return string
39
+	 */
40
+	public function getFilterPattern()
41
+	{
42
+		return $this->filterPattern;
43
+	}
44
+
45
+	/**
46
+	 * Check if the temporary file has a valid MIME type for it's extension.
47
+	 *
48
+	 * @uses finfo php extension
49
+	 * @return bool|null
50
+	 * @throws MimeUploadValidatorException
51
+	 */
52
+	public function isValidMime()
53
+	{
54
+		$extension = strtolower(pathinfo($this->tmpFile['name'], PATHINFO_EXTENSION));
55
+
56
+		// we can't check filenames without an extension or no temp file path, let them pass validation.
57
+		if (!$extension || !$this->tmpFile['tmp_name']) {
58
+			return true;
59
+		}
60
+
61
+		$expectedMimes = $this->getExpectedMimeTypes($this->tmpFile);
62
+		if (empty($expectedMimes)) {
63
+			throw new MimeUploadValidatorException(
64
+				sprintf('Could not find a MIME type for extension %s', $extension)
65
+			);
66
+		}
67
+
68
+		$fileInfo = new finfo(FILEINFO_MIME_TYPE);
69
+		$foundMime = $fileInfo->file($this->tmpFile['tmp_name']);
70
+		if (!$foundMime) {
71
+			throw new MimeUploadValidatorException(
72
+				sprintf('Could not find a MIME type for file %s', $this->tmpFile['tmp_name'])
73
+			);
74
+		}
75
+
76
+		foreach ($expectedMimes as $expected) {
77
+			if ($this->compareMime($foundMime, $expected)) {
78
+				return true;
79
+			}
80
+		}
81
+
82
+		return false;
83
+	}
84
+
85
+	/**
86
+	 * Fetches an array of valid mimetypes.
87
+	 *
88
+	 * @param $file
89
+	 * @return array
90
+	 * @throws MimeUploadValidatorException
91
+	 */
92
+	public function getExpectedMimeTypes($file)
93
+	{
94
+		$extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
95
+
96
+		// if the finfo php extension isn't loaded, we can't complete this check.
97
+		if (!class_exists('finfo')) {
98
+			throw new MimeUploadValidatorException('PHP extension finfo is not loaded');
99
+		}
100
+
101
+		// Attempt to figure out which mime types are expected/acceptable here.
102
+		$expectedMimes = array();
103
+
104
+		// Get the mime types set in framework core
105
+		$knownMimes = Config::inst()->get(HTTP::class, 'MimeTypes');
106
+		if (isset($knownMimes[$extension])) {
107
+			$expectedMimes[] = $knownMimes[$extension];
108
+		}
109
+
110
+		// Get the mime types and their variations from mime validator
111
+		$knownMimes = $this->config()->get('MimeTypes');
112
+		if (isset($knownMimes[$extension])) {
113
+			$mimes = (array) $knownMimes[$extension];
114
+
115
+			foreach ($mimes as $mime) {
116
+				if (!in_array($mime, $expectedMimes)) {
117
+					$expectedMimes[] = $mime;
118
+				}
119
+			}
120
+		}
121
+
122
+		return $expectedMimes;
123
+	}
124
+
125
+	/**
126
+	 * Check two MIME types roughly match eachother.
127
+	 *
128
+	 * Before we check MIME types, remove known prefixes "vnd.", "x-" etc.
129
+	 * If there is a suffix, we'll use that to compare. Examples:
130
+	 *
131
+	 * application/x-json = json
132
+	 * application/json = json
133
+	 * application/xhtml+xml = xml
134
+	 * application/xml = xml
135
+	 *
136
+	 * @param string $first The first MIME type to compare to the second
137
+	 * @param string $second The second MIME type to compare to the first
138
+	 * @return boolean
139
+	 */
140
+	public function compareMime($first, $second)
141
+	{
142
+		return preg_replace($this->filterPattern, '', $first) === preg_replace($this->filterPattern, '', $second);
143
+	}
144
+
145
+	public function validate()
146
+	{
147
+		if (parent::validate() === false) {
148
+			return false;
149
+		}
150
+
151
+		try {
152
+			$result = $this->isValidMime();
153
+			if ($result === false) {
154
+				$extension = strtolower(pathinfo($this->tmpFile['name'], PATHINFO_EXTENSION));
155
+				$this->errors[] = _t(
156
+					__CLASS__ . '.INVALIDMIME',
157
+					'File type does not match extension (.{extension})',
158
+					[
159
+						'extension' => $extension,
160
+					]
161
+				);
162
+
163
+				return false;
164
+			}
165
+		} catch (MimeUploadValidatorException $e) {
166
+			$this->errors[] = _t(
167
+				__CLASS__ . '.FAILEDMIMECHECK',
168
+				'MIME validation failed: {message}',
169
+				'Argument 1: Message about why MIME type detection failed',
170
+				['message' => $e->getMessage()]
171
+			);
172
+
173
+			return false;
174
+		}
175
+
176
+		return true;
177
+	}
178 178
 }
Please login to merge, or discard this patch.