FileValidator - Code Metrics - Inspection of "Move uploaded files inside Request (#14801)" - yiisoft/yii2 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — 2.1 ( 885479...e0a7ba )

unknown

created 2017-09-14 10:53 UTC

FileValidator D

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	471
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	8

Test Coverage

Coverage

65%

Importance

Changes

Metric	Value
wmc	80
lcom	1
cbo	8
dl	0
loc	471
ccs	117
cts	180
cp	0.65
rs	4.8717
c	0
b	0
f	0

11 Methods

Rating	Name	Size	Complexity
A	buildMimeTypeRegexp()	4	1
F	init()	35	10
C	validateAttribute()	35	12
C	validateValue()	57	18
C	getSizeLimit()	22	9
A	isEmpty()	5	3
B	sizeToBytes()	16	7
B	validateExtension()	23	5
A	clientValidateAttribute()	6	1
C	getClientOptions()	67	9
B	validateMimeType()	16	5

How to fix Complexity

<?php
/**
 * @link http://www.yiiframework.com/
 * @copyright Copyright (c) 2008 Yii Software LLC
 * @license http://www.yiiframework.com/license/
 */

namespace yii\validators;

use Yii;
use yii\helpers\FileHelper;
use yii\helpers\Html;
use yii\helpers\Json;
use yii\web\JsExpression;
use yii\http\UploadedFile;

/**
 * FileValidator verifies if an attribute is receiving a valid uploaded file.
 *
 * Note that you should enable `fileinfo` PHP extension.
 *
 * @property int $sizeLimit The size limit for uploaded files. This property is read-only.
 *
 * @author Qiang Xue <[email protected]>
 * @since 2.0
 */
class FileValidator extends Validator
{
    /**
     * @var array|string a list of file name extensions that are allowed to be uploaded.
     * This can be either an array or a string consisting of file extension names
     * separated by space or comma (e.g. "gif, jpg").
     * Extension names are case-insensitive. Defaults to null, meaning all file name
     * extensions are allowed.
     * @see wrongExtension for the customized message for wrong file type.
     */
    public $extensions;
    /**
     * @var bool whether to check file type (extension) with mime-type. If extension produced by
     * file mime-type check differs from uploaded file extension, the file will be considered as invalid.
     */
    public $checkExtensionByMimeType = true;
    /**
     * @var array|string a list of file MIME types that are allowed to be uploaded.
     * This can be either an array or a string consisting of file MIME types
     * separated by space or comma (e.g. "text/plain, image/png").
     * The mask with the special character `*` can be used to match groups of mime types.
     * For example `image/*` will pass all mime types, that begin with `image/` (e.g. `image/jpeg`, `image/png`).
     * Mime type names are case-insensitive. Defaults to null, meaning all MIME types are allowed.
     * @see wrongMimeType for the customized message for wrong MIME type.
     */
    public $mimeTypes;
    /**
     * @var int the minimum number of bytes required for the uploaded file.
     * Defaults to null, meaning no limit.
     * @see tooSmall for the customized message for a file that is too small.
     */
    public $minSize;
    /**
     * @var int the maximum number of bytes required for the uploaded file.
     * Defaults to null, meaning no limit.
     * Note, the size limit is also affected by `upload_max_filesize` and `post_max_size` INI setting
     * and the 'MAX_FILE_SIZE' hidden field value. See [[getSizeLimit()]] for details.
     * @see http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
     * @see http://php.net/post-max-size
     * @see getSizeLimit
     * @see tooBig for the customized message for a file that is too big.
     */
    public $maxSize;
    /**
     * @var int the maximum file count the given attribute can hold.
     * Defaults to 1, meaning single file upload. By defining a higher number,
     * multiple uploads become possible. Setting it to `0` means there is no limit on
     * the number of files that can be uploaded simultaneously.
     *
     * > Note: The maximum number of files allowed to be uploaded simultaneously is
     * also limited with PHP directive `max_file_uploads`, which defaults to 20.
     *
     * @see http://php.net/manual/en/ini.core.php#ini.max-file-uploads
     * @see tooMany for the customized message when too many files are uploaded.
     */
    public $maxFiles = 1;
    /**
     * @var string the error message used when a file is not uploaded correctly.
     */
    public $message;
    /**
     * @var string the error message used when no file is uploaded.
     * Note that this is the text of the validation error message. To make uploading files required,
     * you have to set [[skipOnEmpty]] to `false`.
     */
    public $uploadRequired;
    /**
     * @var string the error message used when the uploaded file is too large.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {limit}: the maximum size allowed (see [[getSizeLimit()]])
     * - {formattedLimit}: the maximum size formatted
     *   with [[\yii\i18n\Formatter::asShortSize()|Formatter::asShortSize()]]
     */
    public $tooBig;
    /**
     * @var string the error message used when the uploaded file is too small.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {limit}: the value of [[minSize]]
     * - {formattedLimit}: the value of [[minSize]] formatted
     *   with [[\yii\i18n\Formatter::asShortSize()|Formatter::asShortSize()]
     */
    public $tooSmall;
    /**
     * @var string the error message used if the count of multiple uploads exceeds limit.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {limit}: the value of [[maxFiles]]
     */
    public $tooMany;
    /**
     * @var string the error message used when the uploaded file has an extension name
     * that is not listed in [[extensions]]. You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {extensions}: the list of the allowed extensions.
     */
    public $wrongExtension;
    /**
     * @var string the error message used when the file has an mime type
     * that is not allowed by [[mimeTypes]] property.
     * You may use the following tokens in the message:
     *
     * - {attribute}: the attribute name
     * - {file}: the uploaded file name
     * - {mimeTypes}: the value of [[mimeTypes]]
     */
    public $wrongMimeType;


    /**
     * @inheritdoc
     */
    public function init()
    {
        parent::init();
        if ($this->message === null) {
            $this->message = Yii::t('yii', 'File upload failed.');
        }
        if ($this->uploadRequired === null) {
            $this->uploadRequired = Yii::t('yii', 'Please upload a file.');
        }
        if ($this->tooMany === null) {
            $this->tooMany = Yii::t('yii', 'You can upload at most {limit, number} {limit, plural, one{file} other{files}}.');
        }
        if ($this->wrongExtension === null) {
            $this->wrongExtension = Yii::t('yii', 'Only files with these extensions are allowed: {extensions}.');
        }
        if ($this->tooBig === null) {
            $this->tooBig = Yii::t('yii', 'The file "{file}" is too big. Its size cannot exceed {formattedLimit}.');
        }
        if ($this->tooSmall === null) {
            $this->tooSmall = Yii::t('yii', 'The file "{file}" is too small. Its size cannot be smaller than {formattedLimit}.');
        }
        if (!is_array($this->extensions)) {
            $this->extensions = preg_split('/[\s,]+/', strtolower($this->extensions), -1, PREG_SPLIT_NO_EMPTY);
        } else {
            $this->extensions = array_map('strtolower', $this->extensions);
        }
        if ($this->wrongMimeType === null) {
            $this->wrongMimeType = Yii::t('yii', 'Only files with these MIME types are allowed: {mimeTypes}.');
        }
        if (!is_array($this->mimeTypes)) {
            $this->mimeTypes = preg_split('/[\s,]+/', strtolower($this->mimeTypes), -1, PREG_SPLIT_NO_EMPTY);
        } else {
            $this->mimeTypes = array_map('strtolower', $this->mimeTypes);
        }
    }

    /**
     * @inheritdoc
     */
    public function validateAttribute($model, $attribute)
    {
        if ($this->maxFiles != 1) {
            $files = $model->$attribute;
            if (!is_array($files)) {
                $this->addError($model, $attribute, $this->uploadRequired);

                return;
            }
            foreach ($files as $i => $file) {
                if (!$file instanceof UploadedFile || $file->error == UPLOAD_ERR_NO_FILE) {
                    unset($files[$i]);
                }
            }
            $model->$attribute = array_values($files);
            if (empty($files)) {
                $this->addError($model, $attribute, $this->uploadRequired);
            }
            if ($this->maxFiles && count($files) > $this->maxFiles) {
                $this->addError($model, $attribute, $this->tooMany, ['limit' => $this->maxFiles]);
            } else {
                foreach ($files as $file) {
                    $result = $this->validateValue($file);
                    if (!empty($result)) {
                        $this->addError($model, $attribute, $result[0], $result[1]);
                    }
                }
            }
        } else {
            $result = $this->validateValue($model->$attribute);
            if (!empty($result)) {
                $this->addError($model, $attribute, $result[0], $result[1]);
            }
        }
    }

    /**
     * @inheritdoc
     */
    protected function validateValue($value)
    {
        if (!$value instanceof UploadedFile || $value->getError() == UPLOAD_ERR_NO_FILE) {
            return [$this->uploadRequired, []];
        }

        switch ($value->error) {
            case UPLOAD_ERR_OK:
                if ($this->maxSize !== null && $value->size > $this->getSizeLimit()) {
                    return [
                        $this->tooBig,
                        [
                            'file' => $value->getClientFilename(),
                            'limit' => $this->getSizeLimit(),
                            'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
                        ],
                    ];
                } elseif ($this->minSize !== null && $value->size < $this->minSize) {
                    return [
                        $this->tooSmall,
                        [
                            'file' => $value->getClientFilename(),
                            'limit' => $this->minSize,
                            'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
                        ],
                    ];
                } elseif (!empty($this->extensions) && !$this->validateExtension($value)) {
                    return [$this->wrongExtension, ['file' => $value->getClientFilename(), 'extensions' => implode(', ', $this->extensions)]];
                } elseif (!empty($this->mimeTypes) && !$this->validateMimeType($value)) {
                    return [$this->wrongMimeType, ['file' => $value->getClientFilename(), 'mimeTypes' => implode(', ', $this->mimeTypes)]];
                }
                return null;
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                return [$this->tooBig, [
                    'file' => $value->getClientFilename(),
                    'limit' => $this->getSizeLimit(),
                    'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
                ]];
            case UPLOAD_ERR_PARTIAL:
                Yii::warning('File was only partially uploaded: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_NO_TMP_DIR:
                Yii::warning('Missing the temporary folder to store the uploaded file: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_CANT_WRITE:
                Yii::warning('Failed to write the uploaded file to disk: ' . $value->getClientFilename(), __METHOD__);
                break;
            case UPLOAD_ERR_EXTENSION:
                Yii::warning('File upload was stopped by some PHP extension: ' . $value->getClientFilename(), __METHOD__);
                break;
            default:
                break;
        }

        return [$this->message, []];
    }

    /**
     * Returns the maximum size allowed for uploaded files.
     * This is determined based on four factors:
     *
     * - 'upload_max_filesize' in php.ini
     * - 'post_max_size' in php.ini
     * - 'MAX_FILE_SIZE' hidden field
     * - [[maxSize]]
     *
     * @return int the size limit for uploaded files.
     */
    public function getSizeLimit()
    {
        // Get the lowest between post_max_size and upload_max_filesize, log a warning if the first is < than the latter
        $limit = $this->sizeToBytes(ini_get('upload_max_filesize'));
        $postLimit = $this->sizeToBytes(ini_get('post_max_size'));
        if ($postLimit > 0 && $postLimit < $limit) {
            Yii::warning('PHP.ini\'s \'post_max_size\' is less than \'upload_max_filesize\'.', __METHOD__);
            $limit = $postLimit;
        }
        if ($this->maxSize !== null && $limit > 0 && $this->maxSize < $limit) {
            $limit = $this->maxSize;
        }

        if (($request = Yii::$app->getRequest()) instanceof \yii\web\Request) {
            $maxFileSize = Yii::$app->getRequest()->getBodyParam('MAX_FILE_SIZE', 0);
            if ($maxFileSize > 0 && $maxFileSize < $limit) {
                $limit = (int)$maxFileSize;
            }
        }

        return $limit;
    }

    /**
     * @inheritdoc
     * @param bool $trim
     */
    public function isEmpty($value, $trim = false)

    {
        $value = is_array($value) ? reset($value) : $value;
        return !($value instanceof UploadedFile) || $value->error == UPLOAD_ERR_NO_FILE;
    }

    /**
     * Converts php.ini style size to bytes
     *
     * @param string $sizeStr $sizeStr
     * @return int
     */
    private function sizeToBytes($sizeStr)
    {
        switch (substr($sizeStr, -1)) {
            case 'M':
            case 'm':
                return (int) $sizeStr * 1048576;
            case 'K':
            case 'k':
                return (int) $sizeStr * 1024;
            case 'G':
            case 'g':
                return (int) $sizeStr * 1073741824;
            default:
                return (int) $sizeStr;
        }
    }

    /**
     * Checks if given uploaded file have correct type (extension) according current validator settings.
     * @param UploadedFile $file
     * @return bool
     */
    protected function validateExtension($file)
    {
        $extension = mb_strtolower($file->extension, 'UTF-8');

        if ($this->checkExtensionByMimeType) {
            $mimeType = FileHelper::getMimeType($file->tempFilename, null, false);
            if ($mimeType === null) {
                return false;
            }

            $extensionsByMimeType = FileHelper::getExtensionsByMimeType($mimeType);

            if (!in_array($extension, $extensionsByMimeType, true)) {
                return false;
            }
        }

        if (!in_array($extension, $this->extensions, true)) {
            return false;
        }

        return true;
    }

    /**
     * @inheritdoc
     */
    public function clientValidateAttribute($model, $attribute, $view)
    {
        ValidationAsset::register($view);
        $options = $this->getClientOptions($model, $attribute);
        return 'yii.validation.file(attribute, messages, ' . Json::encode($options) . ');';
    }

    /**
     * @inheritdoc
     */
    public function getClientOptions($model, $attribute)
    {
        $label = $model->getAttributeLabel($attribute);

        $options = [];
        if ($this->message !== null) {
            $options['message'] = $this->formatMessage($this->message, [
                'attribute' => $label,
            ]);
        }

        $options['skipOnEmpty'] = $this->skipOnEmpty;

        if (!$this->skipOnEmpty) {
            $options['uploadRequired'] = $this->formatMessage($this->uploadRequired, [
                'attribute' => $label,
            ]);
        }

        if ($this->mimeTypes !== null) {
            $mimeTypes = [];
            foreach ($this->mimeTypes as $mimeType) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
                $mimeTypes[] = new JsExpression(Html::escapeJsRegularExpression($this->buildMimeTypeRegexp($mimeType)));
            }
            $options['mimeTypes'] = $mimeTypes;
            $options['wrongMimeType'] = $this->formatMessage($this->wrongMimeType, [
                'attribute' => $label,
                'mimeTypes' => implode(', ', $this->mimeTypes),
            ]);
        }

        if ($this->extensions !== null) {
            $options['extensions'] = $this->extensions;
            $options['wrongExtension'] = $this->formatMessage($this->wrongExtension, [
                'attribute' => $label,
                'extensions' => implode(', ', $this->extensions),
            ]);
        }

        if ($this->minSize !== null) {
            $options['minSize'] = $this->minSize;
            $options['tooSmall'] = $this->formatMessage($this->tooSmall, [
                'attribute' => $label,
                'limit' => $this->minSize,
                'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
            ]);
        }

        if ($this->maxSize !== null) {
            $options['maxSize'] = $this->maxSize;
            $options['tooBig'] = $this->formatMessage($this->tooBig, [
                'attribute' => $label,
                'limit' => $this->getSizeLimit(),
                'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
            ]);
        }

        if ($this->maxFiles !== null) {
            $options['maxFiles'] = $this->maxFiles;
            $options['tooMany'] = $this->formatMessage($this->tooMany, [
                'attribute' => $label,
                'limit' => $this->maxFiles,
            ]);
        }

        return $options;
    }

    /**
     * Builds the RegExp from the $mask
     *
     * @param string $mask
     * @return string the regular expression
     * @see mimeTypes
     */
    private function buildMimeTypeRegexp($mask)
    {
        return '/^' . str_replace('\*', '.*', preg_quote($mask, '/')) . '$/';
    }

    /**
     * Checks the mimeType of the $file against the list in the [[mimeTypes]] property
     *
     * @param UploadedFile $file
     * @return bool whether the $file mimeType is allowed
     * @throws \yii\base\InvalidConfigException
     * @see mimeTypes
     * @since 2.0.8
     */
    protected function validateMimeType($file)
    {
        $fileMimeType = FileHelper::getMimeType($file->tempFilename);

        foreach ($this->mimeTypes as $mimeType) {
$collection = json_decode($data, true);
if ( ! is_array($collection)) {
    throw new \RuntimeException('$collection must be an array.');
}

foreach ($collection as $item) { /** ... */ }
            if ($mimeType === $fileMimeType) {
                return true;
            }

            if (strpos($mimeType, '*') !== false && preg_match($this->buildMimeTypeRegexp($mimeType), $fileMimeType)) {
                return true;
            }
        }

        return false;
    }
}


1		<?php
2		/**
3		* @link http://www.yiiframework.com/
4		* @copyright Copyright (c) 2008 Yii Software LLC
5		* @license http://www.yiiframework.com/license/
6		*/
7
8		namespace yii\validators;
9
10		use Yii;
11		use yii\helpers\FileHelper;
12		use yii\helpers\Html;
13		use yii\helpers\Json;
14		use yii\web\JsExpression;
15		use yii\http\UploadedFile;
16
17		/**
18		* FileValidator verifies if an attribute is receiving a valid uploaded file.
19		*
20		* Note that you should enable `fileinfo` PHP extension.
21		*
22		* @property int $sizeLimit The size limit for uploaded files. This property is read-only.
23		*
24		* @author Qiang Xue <[email protected]>
25		* @since 2.0
26		*/
27		class FileValidator extends Validator
28		{
29		/**
30		* @var array\|string a list of file name extensions that are allowed to be uploaded.
31		* This can be either an array or a string consisting of file extension names
32		* separated by space or comma (e.g. "gif, jpg").
33		* Extension names are case-insensitive. Defaults to null, meaning all file name
34		* extensions are allowed.
35		* @see wrongExtension for the customized message for wrong file type.
36		*/
37		public $extensions;
38		/**
39		* @var bool whether to check file type (extension) with mime-type. If extension produced by
40		* file mime-type check differs from uploaded file extension, the file will be considered as invalid.
41		*/
42		public $checkExtensionByMimeType = true;
43		/**
44		* @var array\|string a list of file MIME types that are allowed to be uploaded.
45		* This can be either an array or a string consisting of file MIME types
46		* separated by space or comma (e.g. "text/plain, image/png").
47		* The mask with the special character `*` can be used to match groups of mime types.
48		* For example `image/*` will pass all mime types, that begin with `image/` (e.g. `image/jpeg`, `image/png`).
49		* Mime type names are case-insensitive. Defaults to null, meaning all MIME types are allowed.
50		* @see wrongMimeType for the customized message for wrong MIME type.
51		*/
52		public $mimeTypes;
53		/**
54		* @var int the minimum number of bytes required for the uploaded file.
55		* Defaults to null, meaning no limit.
56		* @see tooSmall for the customized message for a file that is too small.
57		*/
58		public $minSize;
59		/**
60		* @var int the maximum number of bytes required for the uploaded file.
61		* Defaults to null, meaning no limit.
62		* Note, the size limit is also affected by `upload_max_filesize` and `post_max_size` INI setting
63		* and the 'MAX_FILE_SIZE' hidden field value. See [[getSizeLimit()]] for details.
64		* @see http://php.net/manual/en/ini.core.php#ini.upload-max-filesize
65		* @see http://php.net/post-max-size
66		* @see getSizeLimit
67		* @see tooBig for the customized message for a file that is too big.
68		*/
69		public $maxSize;
70		/**
71		* @var int the maximum file count the given attribute can hold.
72		* Defaults to 1, meaning single file upload. By defining a higher number,
73		* multiple uploads become possible. Setting it to `0` means there is no limit on
74		* the number of files that can be uploaded simultaneously.
75		*
76		* > Note: The maximum number of files allowed to be uploaded simultaneously is
77		* also limited with PHP directive `max_file_uploads`, which defaults to 20.
78		*
79		* @see http://php.net/manual/en/ini.core.php#ini.max-file-uploads
80		* @see tooMany for the customized message when too many files are uploaded.
81		*/
82		public $maxFiles = 1;
83		/**
84		* @var string the error message used when a file is not uploaded correctly.
85		*/
86		public $message;
87		/**
88		* @var string the error message used when no file is uploaded.
89		* Note that this is the text of the validation error message. To make uploading files required,
90		* you have to set [[skipOnEmpty]] to `false`.
91		*/
92		public $uploadRequired;
93		/**
94		* @var string the error message used when the uploaded file is too large.
95		* You may use the following tokens in the message:
96		*
97		* - {attribute}: the attribute name
98		* - {file}: the uploaded file name
99		* - {limit}: the maximum size allowed (see [[getSizeLimit()]])
100		* - {formattedLimit}: the maximum size formatted
101		* with [[\yii\i18n\Formatter::asShortSize()\|Formatter::asShortSize()]]
102		*/
103		public $tooBig;
104		/**
105		* @var string the error message used when the uploaded file is too small.
106		* You may use the following tokens in the message:
107		*
108		* - {attribute}: the attribute name
109		* - {file}: the uploaded file name
110		* - {limit}: the value of [[minSize]]
111		* - {formattedLimit}: the value of [[minSize]] formatted
112		* with [[\yii\i18n\Formatter::asShortSize()\|Formatter::asShortSize()]
113		*/
114		public $tooSmall;
115		/**
116		* @var string the error message used if the count of multiple uploads exceeds limit.
117		* You may use the following tokens in the message:
118		*
119		* - {attribute}: the attribute name
120		* - {limit}: the value of [[maxFiles]]
121		*/
122		public $tooMany;
123		/**
124		* @var string the error message used when the uploaded file has an extension name
125		* that is not listed in [[extensions]]. You may use the following tokens in the message:
126		*
127		* - {attribute}: the attribute name
128		* - {file}: the uploaded file name
129		* - {extensions}: the list of the allowed extensions.
130		*/
131		public $wrongExtension;
132		/**
133		* @var string the error message used when the file has an mime type
134		* that is not allowed by [[mimeTypes]] property.
135		* You may use the following tokens in the message:
136		*
137		* - {attribute}: the attribute name
138		* - {file}: the uploaded file name
139		* - {mimeTypes}: the value of [[mimeTypes]]
140		*/
141		public $wrongMimeType;
142
143
144		/**
145		* @inheritdoc
146		*/
147	23	public function init()
148		{
149	23	parent::init();
150	23	if ($this->message === null) {
151	23	$this->message = Yii::t('yii', 'File upload failed.');
152		}
153	23	if ($this->uploadRequired === null) {
154	23	$this->uploadRequired = Yii::t('yii', 'Please upload a file.');
155		}
156	23	if ($this->tooMany === null) {
157	23	$this->tooMany = Yii::t('yii', 'You can upload at most {limit, number} {limit, plural, one{file} other{files}}.');
158		}
159	23	if ($this->wrongExtension === null) {
160	23	$this->wrongExtension = Yii::t('yii', 'Only files with these extensions are allowed: {extensions}.');
161		}
162	23	if ($this->tooBig === null) {
163	23	$this->tooBig = Yii::t('yii', 'The file "{file}" is too big. Its size cannot exceed {formattedLimit}.');
164		}
165	23	if ($this->tooSmall === null) {
166	23	$this->tooSmall = Yii::t('yii', 'The file "{file}" is too small. Its size cannot be smaller than {formattedLimit}.');
167		}
168	23	if (!is_array($this->extensions)) {
169	22	$this->extensions = preg_split('/[\s,]+/', strtolower($this->extensions), -1, PREG_SPLIT_NO_EMPTY);
170		} else {
171	3	$this->extensions = array_map('strtolower', $this->extensions);
172		}
173	23	if ($this->wrongMimeType === null) {
174	23	$this->wrongMimeType = Yii::t('yii', 'Only files with these MIME types are allowed: {mimeTypes}.');
175		}
176	23	if (!is_array($this->mimeTypes)) {
177	23	$this->mimeTypes = preg_split('/[\s,]+/', strtolower($this->mimeTypes), -1, PREG_SPLIT_NO_EMPTY);
178		} else {
179	1	$this->mimeTypes = array_map('strtolower', $this->mimeTypes);
180		}
181	23	}
182
183		/**
184		* @inheritdoc
185		*/
186	7	public function validateAttribute($model, $attribute)
187		{
188	7	if ($this->maxFiles != 1) {
189	1	$files = $model->$attribute;
190	1	if (!is_array($files)) {
191	1	$this->addError($model, $attribute, $this->uploadRequired);
192
193	1	return;
194		}
195	1	foreach ($files as $i => $file) {
196	1	if (!$file instanceof UploadedFile \|\| $file->error == UPLOAD_ERR_NO_FILE) {
197	1	unset($files[$i]);
198		}
199		}
200	1	$model->$attribute = array_values($files);
201	1	if (empty($files)) {
202	1	$this->addError($model, $attribute, $this->uploadRequired);
203		}
204	1	if ($this->maxFiles && count($files) > $this->maxFiles) {
205	1	$this->addError($model, $attribute, $this->tooMany, ['limit' => $this->maxFiles]);
206		} else {
207	1	foreach ($files as $file) {
208	1	$result = $this->validateValue($file);
209	1	if (!empty($result)) {
210	1	$this->addError($model, $attribute, $result[0], $result[1]);
211		}
212		}
213		}
214		} else {
215	7	$result = $this->validateValue($model->$attribute);
216	7	if (!empty($result)) {
217	7	$this->addError($model, $attribute, $result[0], $result[1]);
218		}
219		}
220	7	}
221
222		/**
223		* @inheritdoc
224		*/
225	18	protected function validateValue($value)
226		{
227	18	if (!$value instanceof UploadedFile \|\| $value->getError() == UPLOAD_ERR_NO_FILE) {
228	1	return [$this->uploadRequired, []];
229		}
230
231	18	switch ($value->error) {
232	18	case UPLOAD_ERR_OK:
233	14	if ($this->maxSize !== null && $value->size > $this->getSizeLimit()) {
234		return [
235	1	$this->tooBig,
236		[
237	1	'file' => $value->getClientFilename(),
238	1	'limit' => $this->getSizeLimit(),
239	1	'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
240		],
241		];
242	14	} elseif ($this->minSize !== null && $value->size < $this->minSize) {
243		return [
244	1	$this->tooSmall,
245		[
246	1	'file' => $value->getClientFilename(),
247	1	'limit' => $this->minSize,
248	1	'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
249		],
250		];
251	14	} elseif (!empty($this->extensions) && !$this->validateExtension($value)) {
252	2	return [$this->wrongExtension, ['file' => $value->getClientFilename(), 'extensions' => implode(', ', $this->extensions)]];
253	14	} elseif (!empty($this->mimeTypes) && !$this->validateMimeType($value)) {
254	4	return [$this->wrongMimeType, ['file' => $value->getClientFilename(), 'mimeTypes' => implode(', ', $this->mimeTypes)]];
255		}
256	10	return null;
257	5	case UPLOAD_ERR_INI_SIZE:
258	5	case UPLOAD_ERR_FORM_SIZE:
259	1	return [$this->tooBig, [
260	1	'file' => $value->getClientFilename(),
261	1	'limit' => $this->getSizeLimit(),
262	1	'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
263		]];
264	5	case UPLOAD_ERR_PARTIAL:
265	2	Yii::warning('File was only partially uploaded: ' . $value->getClientFilename(), __METHOD__);
266	2	break;
267	3	case UPLOAD_ERR_NO_TMP_DIR:
268	1	Yii::warning('Missing the temporary folder to store the uploaded file: ' . $value->getClientFilename(), __METHOD__);
269	1	break;
270	2	case UPLOAD_ERR_CANT_WRITE:
271	1	Yii::warning('Failed to write the uploaded file to disk: ' . $value->getClientFilename(), __METHOD__);
272	1	break;
273	1	case UPLOAD_ERR_EXTENSION:
274	1	Yii::warning('File upload was stopped by some PHP extension: ' . $value->getClientFilename(), __METHOD__);
275	1	break;
276		default:
277		break;
278		}
279
280	5	return [$this->message, []];
281		}
282
283		/**
284		* Returns the maximum size allowed for uploaded files.
285		* This is determined based on four factors:
286		*
287		* - 'upload_max_filesize' in php.ini
288		* - 'post_max_size' in php.ini
289		* - 'MAX_FILE_SIZE' hidden field
290		* - [[maxSize]]
291		*
292		* @return int the size limit for uploaded files.
293		*/
294	2	public function getSizeLimit()
295		{
296		// Get the lowest between post_max_size and upload_max_filesize, log a warning if the first is < than the latter
297	2	$limit = $this->sizeToBytes(ini_get('upload_max_filesize'));
298	2	$postLimit = $this->sizeToBytes(ini_get('post_max_size'));
299	2	if ($postLimit > 0 && $postLimit < $limit) {
300		Yii::warning('PHP.ini\'s \'post_max_size\' is less than \'upload_max_filesize\'.', __METHOD__);
301		$limit = $postLimit;
302		}
303	2	if ($this->maxSize !== null && $limit > 0 && $this->maxSize < $limit) {
304	2	$limit = $this->maxSize;
305		}
306
307	2	if (($request = Yii::$app->getRequest()) instanceof \yii\web\Request) {
308	1	$maxFileSize = Yii::$app->getRequest()->getBodyParam('MAX_FILE_SIZE', 0);
309	1	if ($maxFileSize > 0 && $maxFileSize < $limit) {
310	1	$limit = (int)$maxFileSize;
311		}
312		}
313
314	2	return $limit;
315		}
316
317		/**
318		* @inheritdoc
319		* @param bool $trim
320		*/
321	1	public function isEmpty($value, $trim = false)
		0 ignored issues – show Unused Code introduced 2017-07-31 08:57 UTC by Report Bug Copy Issue Report The parameter `$trim` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
322		{
323	1	$value = is_array($value) ? reset($value) : $value;
324	1	return !($value instanceof UploadedFile) \|\| $value->error == UPLOAD_ERR_NO_FILE;
325		}
326
327		/**
328		* Converts php.ini style size to bytes
329		*
330		* @param string $sizeStr $sizeStr
331		* @return int
332		*/
333	2	private function sizeToBytes($sizeStr)
334		{
335	2	switch (substr($sizeStr, -1)) {
336	2	case 'M':
337		case 'm':
338	2	return (int) $sizeStr * 1048576;
339		case 'K':
340		case 'k':
341		return (int) $sizeStr * 1024;
342		case 'G':
343		case 'g':
344		return (int) $sizeStr * 1073741824;
345		default:
346		return (int) $sizeStr;
347		}
348		}
349
350		/**
351		* Checks if given uploaded file have correct type (extension) according current validator settings.
352		* @param UploadedFile $file
353		* @return bool
354		*/
355	2	protected function validateExtension($file)
356		{
357	2	$extension = mb_strtolower($file->extension, 'UTF-8');
358
359	2	if ($this->checkExtensionByMimeType) {
360		$mimeType = FileHelper::getMimeType($file->tempFilename, null, false);
361		if ($mimeType === null) {
362		return false;
363		}
364
365		$extensionsByMimeType = FileHelper::getExtensionsByMimeType($mimeType);
366
367		if (!in_array($extension, $extensionsByMimeType, true)) {
368		return false;
369		}
370		}
371
372	2	if (!in_array($extension, $this->extensions, true)) {
373	2	return false;
374		}
375
376	2	return true;
377		}
378
379		/**
380		* @inheritdoc
381		*/
382		public function clientValidateAttribute($model, $attribute, $view)
383		{
384		ValidationAsset::register($view);
385		$options = $this->getClientOptions($model, $attribute);
386		return 'yii.validation.file(attribute, messages, ' . Json::encode($options) . ');';
387		}
388
389		/**
390		* @inheritdoc
391		*/
392		public function getClientOptions($model, $attribute)
393		{
394		$label = $model->getAttributeLabel($attribute);
395
396		$options = [];
397		if ($this->message !== null) {
398		$options['message'] = $this->formatMessage($this->message, [
399		'attribute' => $label,
400		]);
401		}
402
403		$options['skipOnEmpty'] = $this->skipOnEmpty;
404
405		if (!$this->skipOnEmpty) {
406		$options['uploadRequired'] = $this->formatMessage($this->uploadRequired, [
407		'attribute' => $label,
408		]);
409		}
410
411		if ($this->mimeTypes !== null) {
412		$mimeTypes = [];
413		foreach ($this->mimeTypes as $mimeType) {
		0 ignored issues – show Bug introduced 2017-03-15 02:03 UTC by Report Bug Copy Issue Report The expression `$this->mimeTypes` of type `array\|string` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
414		$mimeTypes[] = new JsExpression(Html::escapeJsRegularExpression($this->buildMimeTypeRegexp($mimeType)));
415		}
416		$options['mimeTypes'] = $mimeTypes;
417		$options['wrongMimeType'] = $this->formatMessage($this->wrongMimeType, [
418		'attribute' => $label,
419		'mimeTypes' => implode(', ', $this->mimeTypes),
420		]);
421		}
422
423		if ($this->extensions !== null) {
424		$options['extensions'] = $this->extensions;
425		$options['wrongExtension'] = $this->formatMessage($this->wrongExtension, [
426		'attribute' => $label,
427		'extensions' => implode(', ', $this->extensions),
428		]);
429		}
430
431		if ($this->minSize !== null) {
432		$options['minSize'] = $this->minSize;
433		$options['tooSmall'] = $this->formatMessage($this->tooSmall, [
434		'attribute' => $label,
435		'limit' => $this->minSize,
436		'formattedLimit' => Yii::$app->formatter->asShortSize($this->minSize),
437		]);
438		}
439
440		if ($this->maxSize !== null) {
441		$options['maxSize'] = $this->maxSize;
442		$options['tooBig'] = $this->formatMessage($this->tooBig, [
443		'attribute' => $label,
444		'limit' => $this->getSizeLimit(),
445		'formattedLimit' => Yii::$app->formatter->asShortSize($this->getSizeLimit()),
446		]);
447		}
448
449		if ($this->maxFiles !== null) {
450		$options['maxFiles'] = $this->maxFiles;
451		$options['tooMany'] = $this->formatMessage($this->tooMany, [
452		'attribute' => $label,
453		'limit' => $this->maxFiles,
454		]);
455		}
456
457		return $options;
458		}
459
460		/**
461		* Builds the RegExp from the $mask
462		*
463		* @param string $mask
464		* @return string the regular expression
465		* @see mimeTypes
466		*/
467	10	private function buildMimeTypeRegexp($mask)
468		{
469	10	return '/^' . str_replace('\', '.', preg_quote($mask, '/')) . '$/';
470		}
471
472		/**
473		* Checks the mimeType of the $file against the list in the [[mimeTypes]] property
474		*
475		* @param UploadedFile $file
476		* @return bool whether the $file mimeType is allowed
477		* @throws \yii\base\InvalidConfigException
478		* @see mimeTypes
479		* @since 2.0.8
480		*/
481	11	protected function validateMimeType($file)
482		{
483	11	$fileMimeType = FileHelper::getMimeType($file->tempFilename);
484
485	11	foreach ($this->mimeTypes as $mimeType) {
		0 ignored issues – show Bug introduced 2016-11-16 07:52 UTC by Report Bug Copy Issue Report The expression `$this->mimeTypes` of type `array\|string` is not guaranteed to be traversable. How about adding an additional type check? There are different options of fixing this problem. If you want to be on the safe side, you can add an additional type-check: $collection = json_decode($data, true); if ( ! is_array($collection)) { throw new \RuntimeException('$collection must be an array.'); } foreach ($collection as $item) { /** ... / } If you are sure that the expression is traversable, you might want to add a doc comment cast* to improve IDE auto-completion and static analysis: /** @var array $collection / $collection = json_decode($data, true); foreach ($collection as $item) { /* .. / } Mark the issue as a false-positive*: Just hover the remove button, in the top-right corner of this issue for more options. Loading history...
486	11	if ($mimeType === $fileMimeType) {
487		return true;
488		}
489
490	11	if (strpos($mimeType, '*') !== false && preg_match($this->buildMimeTypeRegexp($mimeType), $fileMimeType)) {
491	11	return true;
492		}
493		}
494
495	4	return false;
496		}
497		}
498

yiisoft / yii2

Push — 2.1 ( 885479...e0a7ba )

FileValidator D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

11 Methods

How to fix Complexity

Complex Class

Duplication Side-by-Side

Filter issues like