0

I've been researching Laminas documentation for their FIleInput class and i haven't found a decent explanation of what those filters and validators actually do.

I'm building a community website and planning to let users upload files and i want to apply security checks on those uploaded files, i've researched a lot about this and i'm planning to do the Image security checks that i found in a lot of threads in StackOverflow (here and here), but i want to do some other checking/validating for non-image uploaded files.

So can Laminas\InputFilter\FileInput actually do that? or what does it do exactly?

Fadi Obaji
  • 1,454
  • 4
  • 27
  • 57

1 Answers1

0

You can ensure that user is sending a proper file image with the below:

    public function addInputFilter()
    {
        $inputFilter = new InputFilter\InputFilter();

        // File Input
        $fileInput = new InputFilter\FileInput('image-file');
        $fileInput->setRequired(true);

        // Define validators and filters as if only one file was being uploaded.
        // All files will be run through the same validators and filters
        // automatically.
        $fileInput->getValidatorChain()
            ->attachByName('filesize',      ['max' => 204800])
            ->attachByName('filemimetype',  ['mimeType' => 'image/png,image/x-png'])
            ->attachByName('fileimagesize', ['maxWidth' => 100, 'maxHeight' => 100]);

        // All files will be renamed, e.g.:
        //   ./data/tmpuploads/avatar_4b3403665fea6.png,
        //   ./data/tmpuploads/avatar_5c45147660fb7.png
        $fileInput->getFilterChain()->attachByName(
            'filerenameupload',
            [
                'target'    => './data/tmpuploads/avatar.png',
                'randomize' => true,
            ]
        );
        $inputFilter->add($fileInput);

        $this->setInputFilter($inputFilter);
    }

A list of Input Filters is here:

  • Count
  • crc32
  • ExcludeExtension
  • ExcludeMimeType
  • Exists
  • Extension
  • FilesSize
  • Hash
  • ImageSize
  • IsCompressed
  • IsImage
  • Md5
  • MimeType
  • NotExists
  • Sha1
  • Size
  • Upload
  • UploadFile
  • WordCount

Docs: https://docs.laminas.dev/laminas-validator/validators/file/intro/

divix
  • 1,265
  • 13
  • 27