FileValidator - Code Metrics - Inspection of "HTTP headers checks refactored to use PSR-7 abstra..." - yiisoft/yii2 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 2.1 ( 3c16fa...722022 )

unknown

created 2017-09-08 12:13 UTC

FileValidator C

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	469
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	8

Test Coverage

Coverage

56.42%

Importance

Changes

Metric	Value
wmc	79
lcom	1
cbo	8
dl	0
loc	469
ccs	101
cts	179
cp	0.5642
rs	5.442
c	0
b	0
f	0

11 Methods

Rating	Name	Size	Complexity
F	init()	35	10
C	validateAttribute()	35	12
B	sizeToBytes()	16	7
B	validateExtension()	23	5
A	isEmpty()	5	3
A	clientValidateAttribute()	6	1
C	getClientOptions()	67	9
A	buildMimeTypeRegexp()	4	1
B	validateMimeType()	16	5
C	validateValue()	57	18
B	getSizeLimit()	20	8

How to fix Complexity

<?php
/**
 * @link http://www.yiiframework.com/
 * @copyright Copyright (c) 2008 Yii Software LLC
 * @license http://www.yiiframework.com/license/
 */

namespace yii\validators;

use Yii;
use yii\helpers\FileHelper;
use yii\helpers\Html;
use yii\helpers\Json;
use yii\web\JsExpression;
use yii\http\UploadedFile;

/**
 * FileValidator verifies if an attribute is receiving a valid uploaded file.
 *
 * Note that you should enable `fileinfo` PHP extension.
 *
 * @property int $sizeLimit The size limit for uploaded files. This property is read-only.
 *
 * @author Qiang Xue <[email protected]>
 * @since 2.0
 */
class FileValidator extends Validator
{
    /**
     * @var array|string a list of file name extensions that are allowed to be uploaded.
     * This can be either an array or a string consisting of file extension names
     * separated by space or comma (e.g. "gif, jpg").
     * Extension names are case-insensitive. Defaults to null, meaning all file name
     * extensions are allowed.
     * @see wrongExtension for the customized message for wrong file type.
     */
    public $extensions;
    /**
     * @var bool whether to check file type (extension) with mime-type. If extension produced by
     * file mime-type check differs from uploaded file extension, the file will be considered as invalid.
     */
    public $checkExtensionByMimeType = true;
    /**
     * @var array|string a list of file MIME types that are allowed to be uploaded.
     * This can be either an array or a string consisting of file MIME types
     * separated by space or comma (e.g. "text/plain, image/png").
     * The mask with the special character `*` can be used to match groups of mime types.
     * For example `image/*` will pass all mime types, that begin with `image/` (e.g. `image/jpeg`, `image/png`).
     * Mime type names are case-insensitive. Defaults to null, meaning all MIME types are allowed.
     * @see wrongMimeType for the customized message for wrong MIME type.
     */
    public $mimeTypes;
    /**
     * @var int the minimum number of bytes required for the uploaded file.
     * Defaults to null, meaning no limit.
     * @see tooSmall for the customized message for a file that is too small.
     */
    public $minSize;
    /**
     * @var int the maximum number of bytes required for the uploaded file.
     * Defaults to null, meaning no limit.
     * Note, the size limit is also affected by `upload_max_filesize` and `post_max_size` INI setting
     * and the 'MAX_FILE_SIZE' hidden field value. See [[getSizeLimit()]] for details.
     * @see http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
     * @see http://php.net/post-max-size
     * @see getSizeLimit
     * @see tooBig for the customized message for a file that is too big.
     */
    public $maxSize;
    /**
     * @var int the maximum file count the given attribute can hold.
     * Defaults to 1, meaning single file upload. By defining a higher number,
     * multiple uploads become possible. Setting it to `0` means there is no limit on
     * the number of files that can be uploaded simultaneously.
     *
     * > Note: The maximum number of files allowed to be uploaded simultaneously is
     * also limited with PHP directive `max_file_uploads`, which defaults to 20.
     *
     * @see http://php.net/manual/en/ini.core.php#ini.max-file-uploads
     * @see tooMany for the customized message when too many files are uploaded.
     */
    public $maxFiles = 1;
    /**
     * @var string the error message used when a file is not uploaded correctly.
     */
    public $message;
    /**
     * @var string the error message used when no file is uploaded.
     * Note that this is the text of the validation error message. To make uploading files required,
     * you have to set [[skipOnEmpty]] to `false`.
     */
    public $uploadRequired;
    /**
     * @var string the error message used when the uploaded file is too large.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {limit}: the maximum size allowed (see [[getSizeLimit()]])
     * - {formattedLimit}: the maximum size formatted
     *   with [[\yii\i18n\Formatter::asShortSize()|Formatter::asShortSize()]]
     */
    public $tooBig;
    /**
     * @var string the error message used when the uploaded file is too small.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {limit}: the value of [[minSize]]
     * - {formattedLimit}: the value of [[minSize]] formatted
     *   with [[\yii\i18n\Formatter::asShortSize()|Formatter::asShortSize()]
     */
    public $tooSmall;
    /**
     * @var string the error message used if the count of multiple uploads exceeds limit.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {limit}: the value of [[maxFiles]]
     */
    public $tooMany;
    /**
     * @var string the error message used when the uploaded file has an extension name
     * that is not listed in [[extensions]]. You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {extensions}: the list of the allowed extensions.
     */
    public $wrongExtension;
    /**
     * @var string the error message used when the file has an mime type
     * that is not allowed by [[mimeTypes]] property.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {mimeTypes}: the value of [[mimeTypes]]
     */
    public $wrongMimeType;


    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init();
        if ($this->message === null) {
            $this->message = Yii::t('yii', 'File upload failed.');
        }
        if ($this->uploadRequired === null) {
            $this->uploadRequired = Yii::t('yii', 'Please upload a file.');
        }
        if ($this->tooMany === null) {
            $this->tooMany = Yii::t('yii', 'You can upload at most {limit, number} {limit, plural, one{file} other{files}}.');
        }
        if ($this->wrongExtension === null) {
            $this->wrongExtension = Yii::t('yii', 'Only files with these extensions are allowed: {extensions}.');
        }
        if ($this->tooBig === null) {
            $this->tooBig = Yii::t('yii', 'The file "{file}" is too big. Its size cannot exceed {formattedLimit}.');
        }
        if ($this->tooSmall === null) {
            $this->tooSmall = Yii::t('yii', 'The file "{file}" is too small. Its size cannot be smaller than {formattedLimit}.');
        }
        if (!is_array($this->extensions)) {
            $this->extensions = preg_split('/[\s,]+/', strtolower($this->extensions), -1, PREG_SPLIT_NO_EMPTY);
        } else {
            $this->extensions = array_map('strtolower', $this->extensions);
        }
        if ($this->wrongMimeType === null) {
            $this->wrongMimeType = Yii::t('yii', 'Only files with these MIME types are allowed: {mimeTypes}.');
        }
        if (!is_array($this->mimeTypes)) {
            $this->mimeTypes = preg_split('/[\s,]+/', strtolower($this->mimeTypes), -1, PREG_SPLIT_NO_EMPTY);
        } else {
            $this->mimeTypes = array_map('strtolower', $this->mimeTypes);
        }
    }

    /**
     * @inheritdoc
     */
    public function validateAttribute($model, $attribute)
    {
        if ($this->maxFiles != 1) {
            $files = $model->$attribute;
            if (!is_array($files)) {
                $this->addError($model, $attribute, $this->uploadRequired);

                return;
            }
            foreach ($files as $i => $file) {
                if (!$file instanceof UploadedFile || $file->error == UPLOAD_ERR_NO_FILE) {
                    unset($files[$i]);
                }
            }
            $model->$attribute = array_values($files);
            if (empty($files)) {
                $this->addError($model, $attribute, $this->uploadRequired);
            }
            if ($this->maxFiles && count($files) > $this->maxFiles) {
                $this->addError($model, $attribute, $this->tooMany, ['limit' => $this->maxFiles]);
            } else {
                foreach ($files as $file) {
                    $result = $this->validateValue($file);
                    if (!empty($result)) {
                        $this->addError($model, $attribute, $result[0], $result[1]);
                    }
                }
            }
        } else {
            $result = $this->validateValue($model->$attribute);
            if (!empty($result)) {
                $this->addError($model, $attribute, $result[0], $result[1]);
            }
        }
    }

    /**
     * @inheritdoc
     */
    protected function validateValue($value)
    {
        if (!$value instanceof UploadedFile || $value->getError() == UPLOAD_ERR_NO_FILE) {
            return [$this->uploadRequired, []];
        }

        switch ($value->error) {
            case UPLOAD_ERR_OK:
                if ($this->maxSize !== null && $value->size > $this->getSizeLimit()) {
                    return [
                        $this->tooBig,
                        [
                            'file' => $value->getClientFilename(),
                            'limit' => $this->getSizeLimit(),
                            'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
                        ],
                    ];
                } elseif ($this->minSize !== null && $value->size < $this->minSize) {
                    return [
                        $this->tooSmall,
                        [
                            'file' => $value->getClientFilename(),
                            'limit' => $this->minSize,
                            'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
                        ],
                    ];
                } elseif (!empty($this->extensions) && !$this->validateExtension($value)) {
                    return [$this->wrongExtension, ['file' => $value->getClientFilename(), 'extensions' => implode(', ', $this->extensions)]];
                } elseif (!empty($this->mimeTypes) && !$this->validateMimeType($value)) {
                    return [$this->wrongMimeType, ['file' => $value->getClientFilename(), 'mimeTypes' => implode(', ', $this->mimeTypes)]];
                }
                return null;
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                return [$this->tooBig, [
                    'file' => $value->getClientFilename(),
                    'limit' => $this->getSizeLimit(),
                    'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
                ]];
            case UPLOAD_ERR_PARTIAL:
                Yii::warning('File was only partially uploaded: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_NO_TMP_DIR:
                Yii::warning('Missing the temporary folder to store the uploaded file: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_CANT_WRITE:
                Yii::warning('Failed to write the uploaded file to disk: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_EXTENSION:
                Yii::warning('File upload was stopped by some PHP extension: ' . $value->getClientFilename(), __METHOD__);
                break;
            default:
                break;
        }

        return [$this->message, []];
    }

    /**
     * Returns the maximum size allowed for uploaded files.
     * This is determined based on four factors:
     *
     * - 'upload_max_filesize' in php.ini
     * - 'post_max_size' in php.ini
     * - 'MAX_FILE_SIZE' hidden field
     * - [[maxSize]]
     *
     * @return int the size limit for uploaded files.
     */
    public function getSizeLimit()
    {
        // Get the lowest between post_max_size and upload_max_filesize, log a warning if the first is < than the latter
        $limit = $this->sizeToBytes(ini_get('upload_max_filesize'));
        $postLimit = $this->sizeToBytes(ini_get('post_max_size'));
        if ($postLimit > 0 && $postLimit < $limit) {
            Yii::warning('PHP.ini\'s \'post_max_size\' is less than \'upload_max_filesize\'.', __METHOD__);
            $limit = $postLimit;
        }
        if ($this->maxSize !== null && $limit > 0 && $this->maxSize < $limit) {
            $limit = $this->maxSize;
        }

        $maxFileSize = Yii::$app->getRequest()->getBodyParam('MAX_FILE_SIZE', 0);
        if ($maxFileSize > 0 && $maxFileSize < $limit) {
            $limit = (int)$maxFileSize;
        }

        return $limit;
    }

    /**
     * @inheritdoc
     * @param bool $trim
     */
    public function isEmpty($value, $trim = false)

    {
        $value = is_array($value) ? reset($value) : $value;
        return !($value instanceof UploadedFile) || $value->error == UPLOAD_ERR_NO_FILE;
    }

    /**
     * Converts php.ini style size to bytes
     *
     * @param string $sizeStr $sizeStr
     * @return int
     */
    private function sizeToBytes($sizeStr)
    {
        switch (substr($sizeStr, -1)) {
            case 'M':
            case 'm':
                return (int) $sizeStr * 1048576;
            case 'K':
            case 'k':
                return (int) $sizeStr * 1024;
            case 'G':
            case 'g':
                return (int) $sizeStr * 1073741824;
            default:
                return (int) $sizeStr;
        }
    }

    /**
     * Checks if given uploaded file have correct type (extension) according current validator settings.
     * @param UploadedFile $file
     * @return bool
     */
    protected function validateExtension($file)
    {
        $extension = mb_strtolower($file->extension, 'UTF-8');

        if ($this->checkExtensionByMimeType) {
            $mimeType = FileHelper::getMimeType($file->tempFilename, null, false);
            if ($mimeType === null) {
                return false;
            }

            $extensionsByMimeType = FileHelper::getExtensionsByMimeType($mimeType);

            if (!in_array($extension, $extensionsByMimeType, true)) {
                return false;
            }
        }

        if (!in_array($extension, $this->extensions, true)) {
            return false;
        }

        return true;
    }

    /**
     * @inheritdoc
     */
    public function clientValidateAttribute($model, $attribute, $view)
    {
        ValidationAsset::register($view);
        $options = $this->getClientOptions($model, $attribute);
        return 'yii.validation.file(attribute, messages, ' . Json::encode($options) . ');';
    }

    /**
     * @inheritdoc
     */
    public function getClientOptions($model, $attribute)
    {
        $label = $model->getAttributeLabel($attribute);

        $options = [];
        if ($this->message !== null) {
            $options['message'] = $this->formatMessage($this->message, [
                'attribute' => $label,
            ]);
        }

        $options['skipOnEmpty'] = $this->skipOnEmpty;

        if (!$this->skipOnEmpty) {
            $options['uploadRequired'] = $this->formatMessage($this->uploadRequired, [
                'attribute' => $label,
            ]);
        }

        if ($this->mimeTypes !== null) {
            $mimeTypes = [];
            foreach ($this->mimeTypes as $mimeType) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
                $mimeTypes[] = new JsExpression(Html::escapeJsRegularExpression($this->buildMimeTypeRegexp($mimeType)));
            }
            $options['mimeTypes'] = $mimeTypes;
            $options['wrongMimeType'] = $this->formatMessage($this->wrongMimeType, [
                'attribute' => $label,
                'mimeTypes' => implode(', ', $this->mimeTypes),
            ]);
        }

        if ($this->extensions !== null) {
            $options['extensions'] = $this->extensions;
            $options['wrongExtension'] = $this->formatMessage($this->wrongExtension, [
                'attribute' => $label,
                'extensions' => implode(', ', $this->extensions),
            ]);
        }

        if ($this->minSize !== null) {
            $options['minSize'] = $this->minSize;
            $options['tooSmall'] = $this->formatMessage($this->tooSmall, [
                'attribute' => $label,
                'limit' => $this->minSize,
                'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
            ]);
        }

        if ($this->maxSize !== null) {
            $options['maxSize'] = $this->maxSize;
            $options['tooBig'] = $this->formatMessage($this->tooBig, [
                'attribute' => $label,
                'limit' => $this->getSizeLimit(),
                'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
            ]);
        }

        if ($this->maxFiles !== null) {
            $options['maxFiles'] = $this->maxFiles;
            $options['tooMany'] = $this->formatMessage($this->tooMany, [
                'attribute' => $label,
                'limit' => $this->maxFiles,
            ]);
        }

        return $options;
    }

    /**
     * Builds the RegExp from the $mask
     *
     * @param string $mask
     * @return string the regular expression
     * @see mimeTypes
     */
    private function buildMimeTypeRegexp($mask)
    {
        return '/^' . str_replace('\*', '.*', preg_quote($mask, '/')) . '$/';
    }

    /**
     * Checks the mimeType of the $file against the list in the [[mimeTypes]] property
     *
     * @param UploadedFile $file
     * @return bool whether the $file mimeType is allowed
     * @throws \yii\base\InvalidConfigException
     * @see mimeTypes
     * @since 2.0.8
     */
    protected function validateMimeType($file)
    {
        $fileMimeType = FileHelper::getMimeType($file->tempFilename);

        foreach ($this->mimeTypes as $mimeType) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
            if ($mimeType === $fileMimeType) {
                return true;
            }

            if (strpos($mimeType, '*') !== false && preg_match($this->buildMimeTypeRegexp($mimeType), $fileMimeType)) {
                return true;
            }
        }

        return false;
    }
}


1		<?php
2		/**
3		* @link http://www.yiiframework.com/
4		* @copyright Copyright (c) 2008 Yii Software LLC
5		* @license http://www.yiiframework.com/license/
6		*/
7
8		namespace yii\validators;
9
10		use Yii;
11		use yii\helpers\FileHelper;
12		use yii\helpers\Html;
13		use yii\helpers\Json;
14		use yii\web\JsExpression;
15		use yii\http\UploadedFile;
16
17		/**
18		* FileValidator verifies if an attribute is receiving a valid uploaded file.
19		*
20		* Note that you should enable `fileinfo` PHP extension.
21		*
22		* @property int $sizeLimit The size limit for uploaded files. This property is read-only.
23		*
24		* @author Qiang Xue <[email protected]>
25		* @since 2.0
26		*/
27		class FileValidator extends Validator
28		{
29		/**
30		* @var array\|string a list of file name extensions that are allowed to be uploaded.
31		* This can be either an array or a string consisting of file extension names
32		* separated by space or comma (e.g. "gif, jpg").
33		* Extension names are case-insensitive. Defaults to null, meaning all file name
34		* extensions are allowed.
35		* @see wrongExtension for the customized message for wrong file type.
36		*/
37		public $extensions;
38		/**
39		* @var bool whether to check file type (extension) with mime-type. If extension produced by
40		* file mime-type check differs from uploaded file extension, the file will be considered as invalid.
41		*/
42		public $checkExtensionByMimeType = true;
43		/**
44		* @var array\|string a list of file MIME types that are allowed to be uploaded.
45		* This can be either an array or a string consisting of file MIME types
46		* separated by space or comma (e.g. "text/plain, image/png").
47		* The mask with the special character `*` can be used to match groups of mime types.
48		* For example `image/*` will pass all mime types, that begin with `image/` (e.g. `image/jpeg`, `image/png`).
49		* Mime type names are case-insensitive. Defaults to null, meaning all MIME types are allowed.
50		* @see wrongMimeType for the customized message for wrong MIME type.
51		*/
52		public $mimeTypes;
53		/**
54		* @var int the minimum number of bytes required for the uploaded file.
55		* Defaults to null, meaning no limit.
56		* @see tooSmall for the customized message for a file that is too small.
57		*/
58		public $minSize;
59		/**
60		* @var int the maximum number of bytes required for the uploaded file.
61		* Defaults to null, meaning no limit.
62		* Note, the size limit is also affected by `upload_max_filesize` and `post_max_size` INI setting
63		* and the 'MAX_FILE_SIZE' hidden field value. See [[getSizeLimit()]] for details.
64		* @see http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
65		* @see http://php.net/post-max-size
66		* @see getSizeLimit
67		* @see tooBig for the customized message for a file that is too big.
68		*/
69		public $maxSize;
70		/**
71		* @var int the maximum file count the given attribute can hold.
72		* Defaults to 1, meaning single file upload. By defining a higher number,
73		* multiple uploads become possible. Setting it to `0` means there is no limit on
74		* the number of files that can be uploaded simultaneously.
75		*
76		* > Note: The maximum number of files allowed to be uploaded simultaneously is
77		* also limited with PHP directive `max_file_uploads`, which defaults to 20.
78		*
79		* @see http://php.net/manual/en/ini.core.php#ini.max-file-uploads
80		* @see tooMany for the customized message when too many files are uploaded.
81		*/
82		public $maxFiles = 1;
83		/**
84		* @var string the error message used when a file is not uploaded correctly.
85		*/
86		public $message;
87		/**
88		* @var string the error message used when no file is uploaded.
89		* Note that this is the text of the validation error message. To make uploading files required,
90		* you have to set [[skipOnEmpty]] to `false`.
91		*/
92		public $uploadRequired;
93		/**
94		* @var string the error message used when the uploaded file is too large.
95		* You may use the following tokens in the message:
96		*
97		* - {attribute}: the attribute name
98		* - {file}: the uploaded file name
99		* - {limit}: the maximum size allowed (see [[getSizeLimit()]])
100		* - {formattedLimit}: the maximum size formatted
101		* with [[\yii\i18n\Formatter::asShortSize()\|Formatter::asShortSize()]]
102		*/
103		public $tooBig;
104		/**
105		* @var string the error message used when the uploaded file is too small.
106		* You may use the following tokens in the message:
107		*
108		* - {attribute}: the attribute name
109		* - {file}: the uploaded file name
110		* - {limit}: the value of [[minSize]]
111		* - {formattedLimit}: the value of [[minSize]] formatted
112		* with [[\yii\i18n\Formatter::asShortSize()\|Formatter::asShortSize()]
113		*/
114		public $tooSmall;
115		/**
116		* @var string the error message used if the count of multiple uploads exceeds limit.
117		* You may use the following tokens in the message:
118		*
119		* - {attribute}: the attribute name
120		* - {limit}: the value of [[maxFiles]]
121		*/
122		public $tooMany;
123		/**
124		* @var string the error message used when the uploaded file has an extension name
125		* that is not listed in [[extensions]]. You may use the following tokens in the message:
126		*
127		* - {attribute}: the attribute name
128		* - {file}: the uploaded file name
129		* - {extensions}: the list of the allowed extensions.
130		*/
131		public $wrongExtension;
132		/**
133		* @var string the error message used when the file has an mime type
134		* that is not allowed by [[mimeTypes]] property.
135		* You may use the following tokens in the message:
136		*
137		* - {attribute}: the attribute name
138		* - {file}: the uploaded file name
139		* - {mimeTypes}: the value of [[mimeTypes]]
140		*/
141		public $wrongMimeType;
142
143
144		/**
145		* @inheritdoc
146		*/
147	22	public function init()
148		{
149	22	parent::init();
150	22	if ($this->message === null) {
151	22	$this->message = Yii::t('yii', 'File upload failed.');
152		}
153	22	if ($this->uploadRequired === null) {
154	22	$this->uploadRequired = Yii::t('yii', 'Please upload a file.');
155		}
156	22	if ($this->tooMany === null) {
157	22	$this->tooMany = Yii::t('yii', 'You can upload at most {limit, number} {limit, plural, one{file} other{files}}.');
158		}
159	22	if ($this->wrongExtension === null) {
160	22	$this->wrongExtension = Yii::t('yii', 'Only files with these extensions are allowed: {extensions}.');
161		}
162	22	if ($this->tooBig === null) {
163	22	$this->tooBig = Yii::t('yii', 'The file "{file}" is too big. Its size cannot exceed {formattedLimit}.');
164		}
165	22	if ($this->tooSmall === null) {
166	22	$this->tooSmall = Yii::t('yii', 'The file "{file}" is too small. Its size cannot be smaller than {formattedLimit}.');
167		}
168	22	if (!is_array($this->extensions)) {
169	21	$this->extensions = preg_split('/[\s,]+/', strtolower($this->extensions), -1, PREG_SPLIT_NO_EMPTY);
170		} else {
171	3	$this->extensions = array_map('strtolower', $this->extensions);
172		}
173	22	if ($this->wrongMimeType === null) {
174	22	$this->wrongMimeType = Yii::t('yii', 'Only files with these MIME types are allowed: {mimeTypes}.');
175		}
176	22	if (!is_array($this->mimeTypes)) {
177	22	$this->mimeTypes = preg_split('/[\s,]+/', strtolower($this->mimeTypes), -1, PREG_SPLIT_NO_EMPTY);
178		} else {
179	1	$this->mimeTypes = array_map('strtolower', $this->mimeTypes);
180		}
181	22	}
182
183		/**
184		* @inheritdoc
185		*/
186	7	public function validateAttribute($model, $attribute)
187		{
188	7	if ($this->maxFiles != 1) {
189	1	$files = $model->$attribute;
190	1	if (!is_array($files)) {
191	1	$this->addError($model, $attribute, $this->uploadRequired);
192
193	1	return;
194		}
195	1	foreach ($files as $i => $file) {
196	1	if (!$file instanceof UploadedFile \|\| $file->error == UPLOAD_ERR_NO_FILE) {
197	1	unset($files[$i]);
198		}
199		}
200	1	$model->$attribute = array_values($files);
201	1	if (empty($files)) {
202	1	$this->addError($model, $attribute, $this->uploadRequired);
203		}
204	1	if ($this->maxFiles && count($files) > $this->maxFiles) {
205	1	$this->addError($model, $attribute, $this->tooMany, ['limit' => $this->maxFiles]);
206		} else {
207	1	foreach ($files as $file) {
208	1	$result = $this->validateValue($file);
209	1	if (!empty($result)) {
210	1	$this->addError($model, $attribute, $result[0], $result[1]);
211		}
212		}
213		}
214		} else {
215	7	$result = $this->validateValue($model->$attribute);
216	7	if (!empty($result)) {
217	7	$this->addError($model, $attribute, $result[0], $result[1]);
218		}
219		}
220	7	}
221
222		/**
223		* @inheritdoc
224		*/
225	18	protected function validateValue($value)
226		{
227	18	if (!$value instanceof UploadedFile \|\| $value->getError() == UPLOAD_ERR_NO_FILE) {
228	1	return [$this->uploadRequired, []];
229		}
230
231	18	switch ($value->error) {
232	18	case UPLOAD_ERR_OK:
233	14	if ($this->maxSize !== null && $value->size > $this->getSizeLimit()) {
234		return [
235		$this->tooBig,
236		[
237		'file' => $value->getClientFilename(),
238		'limit' => $this->getSizeLimit(),
239		'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
240		],
241		];
242	14	} elseif ($this->minSize !== null && $value->size < $this->minSize) {
243		return [
244		$this->tooSmall,
245		[
246		'file' => $value->getClientFilename(),
247		'limit' => $this->minSize,
248		'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
249		],
250		];
251	14	} elseif (!empty($this->extensions) && !$this->validateExtension($value)) {
252	2	return [$this->wrongExtension, ['file' => $value->getClientFilename(), 'extensions' => implode(', ', $this->extensions)]];
253	14	} elseif (!empty($this->mimeTypes) && !$this->validateMimeType($value)) {
254	4	return [$this->wrongMimeType, ['file' => $value->getClientFilename(), 'mimeTypes' => implode(', ', $this->mimeTypes)]];
255		}
256	10	return null;
257	4	case UPLOAD_ERR_INI_SIZE:
258	4	case UPLOAD_ERR_FORM_SIZE:
259		return [$this->tooBig, [
260		'file' => $value->getClientFilename(),
261		'limit' => $this->getSizeLimit(),
262		'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
263		]];
264	4	case UPLOAD_ERR_PARTIAL:
265	1	Yii::warning('File was only partially uploaded: ' . $value->getClientFilename(), __METHOD__);
266	1	break;
267	3	case UPLOAD_ERR_NO_TMP_DIR:
268	1	Yii::warning('Missing the temporary folder to store the uploaded file: ' . $value->getClientFilename(), __METHOD__);
269	1	break;
270	2	case UPLOAD_ERR_CANT_WRITE:
271	1	Yii::warning('Failed to write the uploaded file to disk: ' . $value->getClientFilename(), __METHOD__);
272	1	break;
273	1	case UPLOAD_ERR_EXTENSION:
274	1	Yii::warning('File upload was stopped by some PHP extension: ' . $value->getClientFilename(), __METHOD__);
275	1	break;
276		default:
277		break;
278		}
279
280	4	return [$this->message, []];
281		}
282
283		/**
284		* Returns the maximum size allowed for uploaded files.
285		* This is determined based on four factors:
286		*
287		* - 'upload_max_filesize' in php.ini
288		* - 'post_max_size' in php.ini
289		* - 'MAX_FILE_SIZE' hidden field
290		* - [[maxSize]]
291		*
292		* @return int the size limit for uploaded files.
293		*/
294	1	public function getSizeLimit()
295		{
296		// Get the lowest between post_max_size and upload_max_filesize, log a warning if the first is < than the latter
297	1	$limit = $this->sizeToBytes(ini_get('upload_max_filesize'));
298	1	$postLimit = $this->sizeToBytes(ini_get('post_max_size'));
299	1	if ($postLimit > 0 && $postLimit < $limit) {
300		Yii::warning('PHP.ini\'s \'post_max_size\' is less than \'upload_max_filesize\'.', __METHOD__);
301		$limit = $postLimit;
302		}
303	1	if ($this->maxSize !== null && $limit > 0 && $this->maxSize < $limit) {
304	1	$limit = $this->maxSize;
305		}
306
307	1	$maxFileSize = Yii::$app->getRequest()->getBodyParam('MAX_FILE_SIZE', 0);
308		if ($maxFileSize > 0 && $maxFileSize < $limit) {
309		$limit = (int)$maxFileSize;
310		}
311
312		return $limit;
313		}
314
315		/**
316		* @inheritdoc
317		* @param bool $trim
318		*/
319	1	public function isEmpty($value, $trim = false)
		0 ignored issues – show Unused Code introduced 2017-07-31 08:57 UTC by Report Bug Copy Issue Report The parameter `$trim` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
320		{
321	1	$value = is_array($value) ? reset($value) : $value;
322	1	return !($value instanceof UploadedFile) \|\| $value->error == UPLOAD_ERR_NO_FILE;
323		}
324
325		/**
326		* Converts php.ini style size to bytes
327		*
328		* @param string $sizeStr $sizeStr
329		* @return int
330		*/
331	1	private function sizeToBytes($sizeStr)
332		{
333	1	switch (substr($sizeStr, -1)) {
334	1	case 'M':
335		case 'm':
336	1	return (int) $sizeStr * 1048576;
337		case 'K':
338		case 'k':
339		return (int) $sizeStr * 1024;
340		case 'G':
341		case 'g':
342		return (int) $sizeStr * 1073741824;
343		default:
344		return (int) $sizeStr;
345		}
346		}
347
348		/**
349		* Checks if given uploaded file have correct type (extension) according current validator settings.
350		* @param UploadedFile $file
351		* @return bool
352		*/
353	2	protected function validateExtension($file)
354		{
355	2	$extension = mb_strtolower($file->extension, 'UTF-8');
356
357	2	if ($this->checkExtensionByMimeType) {
358		$mimeType = FileHelper::getMimeType($file->tempFilename, null, false);
359		if ($mimeType === null) {
360		return false;
361		}
362
363		$extensionsByMimeType = FileHelper::getExtensionsByMimeType($mimeType);
364
365		if (!in_array($extension, $extensionsByMimeType, true)) {
366		return false;
367		}
368		}
369
370	2	if (!in_array($extension, $this->extensions, true)) {
371	2	return false;
372		}
373
374	2	return true;
375		}
376
377		/**
378		* @inheritdoc
379		*/
380		public function clientValidateAttribute($model, $attribute, $view)
381		{
382		ValidationAsset::register($view);
383		$options = $this->getClientOptions($model, $attribute);
384		return 'yii.validation.file(attribute, messages, ' . Json::encode($options) . ');';
385		}
386
387		/**
388		* @inheritdoc
389		*/
390		public function getClientOptions($model, $attribute)
391		{
392		$label = $model->getAttributeLabel($attribute);
393
394		$options = [];
395		if ($this->message !== null) {
396		$options['message'] = $this->formatMessage($this->message, [
397		'attribute' => $label,
398		]);
399		}
400
401		$options['skipOnEmpty'] = $this->skipOnEmpty;
402
403		if (!$this->skipOnEmpty) {
404		$options['uploadRequired'] = $this->formatMessage($this->uploadRequired, [
405		'attribute' => $label,
406		]);
407		}
408
409		if ($this->mimeTypes !== null) {
410		$mimeTypes = [];
411		foreach ($this->mimeTypes as $mimeType) {
		0 ignored issues – show Bug introduced 2017-03-15 02:03 UTC by Report Bug Copy Issue Report The expression `$this->mimeTypes` of type `array\|string` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
412		$mimeTypes[] = new JsExpression(Html::escapeJsRegularExpression($this->buildMimeTypeRegexp($mimeType)));
413		}
414		$options['mimeTypes'] = $mimeTypes;
415		$options['wrongMimeType'] = $this->formatMessage($this->wrongMimeType, [
416		'attribute' => $label,
417		'mimeTypes' => implode(', ', $this->mimeTypes),
418		]);
419		}
420
421		if ($this->extensions !== null) {
422		$options['extensions'] = $this->extensions;
423		$options['wrongExtension'] = $this->formatMessage($this->wrongExtension, [
424		'attribute' => $label,
425		'extensions' => implode(', ', $this->extensions),
426		]);
427		}
428
429		if ($this->minSize !== null) {
430		$options['minSize'] = $this->minSize;
431		$options['tooSmall'] = $this->formatMessage($this->tooSmall, [
432		'attribute' => $label,
433		'limit' => $this->minSize,
434		'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
435		]);
436		}
437
438		if ($this->maxSize !== null) {
439		$options['maxSize'] = $this->maxSize;
440		$options['tooBig'] = $this->formatMessage($this->tooBig, [
441		'attribute' => $label,
442		'limit' => $this->getSizeLimit(),
443		'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
444		]);
445		}
446
447		if ($this->maxFiles !== null) {
448		$options['maxFiles'] = $this->maxFiles;
449		$options['tooMany'] = $this->formatMessage($this->tooMany, [
450		'attribute' => $label,
451		'limit' => $this->maxFiles,
452		]);
453		}
454
455		return $options;
456		}
457
458		/**
459		* Builds the RegExp from the $mask
460		*
461		* @param string $mask
462		* @return string the regular expression
463		* @see mimeTypes
464		*/
465	10	private function buildMimeTypeRegexp($mask)
466		{
467	10	return '/^' . str_replace('\', '.', preg_quote($mask, '/')) . '$/';
468		}
469
470		/**
471		* Checks the mimeType of the $file against the list in the [[mimeTypes]] property
472		*
473		* @param UploadedFile $file
474		* @return bool whether the $file mimeType is allowed
475		* @throws \yii\base\InvalidConfigException
476		* @see mimeTypes
477		* @since 2.0.8
478		*/
479	11	protected function validateMimeType($file)
480		{
481	11	$fileMimeType = FileHelper::getMimeType($file->tempFilename);
482
483	11	foreach ($this->mimeTypes as $mimeType) {
		0 ignored issues – show Bug introduced 2016-11-16 07:52 UTC by Report Bug Copy Issue Report The expression `$this->mimeTypes` of type `array\|string` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
484	11	if ($mimeType === $fileMimeType) {
485		return true;
486		}
487
488	11	if (strpos($mimeType, '*') !== false && preg_match($this->buildMimeTypeRegexp($mimeType), $fileMimeType)) {
489	11	return true;
490		}
491		}
492
493	4	return false;
494		}
495		}
496

yiisoft / yii2

Push — 2.1 ( 3c16fa...722022 )

FileValidator C

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

11 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like