No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

UploadedFile.php 10.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\HttpFoundation\File;
  11. use Symfony\Component\HttpFoundation\File\Exception\CannotWriteFileException;
  12. use Symfony\Component\HttpFoundation\File\Exception\ExtensionFileException;
  13. use Symfony\Component\HttpFoundation\File\Exception\FileException;
  14. use Symfony\Component\HttpFoundation\File\Exception\FileNotFoundException;
  15. use Symfony\Component\HttpFoundation\File\Exception\FormSizeFileException;
  16. use Symfony\Component\HttpFoundation\File\Exception\IniSizeFileException;
  17. use Symfony\Component\HttpFoundation\File\Exception\NoFileException;
  18. use Symfony\Component\HttpFoundation\File\Exception\NoTmpDirFileException;
  19. use Symfony\Component\HttpFoundation\File\Exception\PartialFileException;
  20. use Symfony\Component\Mime\MimeTypes;
  21. /**
  22. * A file uploaded through a form.
  23. *
  24. * @author Bernhard Schussek <bschussek@gmail.com>
  25. * @author Florian Eckerstorfer <florian@eckerstorfer.org>
  26. * @author Fabien Potencier <fabien@symfony.com>
  27. */
  28. class UploadedFile extends File
  29. {
  30. private $test;
  31. private $originalName;
  32. private $mimeType;
  33. private $error;
  34. /**
  35. * Accepts the information of the uploaded file as provided by the PHP global $_FILES.
  36. *
  37. * The file object is only created when the uploaded file is valid (i.e. when the
  38. * isValid() method returns true). Otherwise the only methods that could be called
  39. * on an UploadedFile instance are:
  40. *
  41. * * getClientOriginalName,
  42. * * getClientMimeType,
  43. * * isValid,
  44. * * getError.
  45. *
  46. * Calling any other method on an non-valid instance will cause an unpredictable result.
  47. *
  48. * @param string $path The full temporary path to the file
  49. * @param string $originalName The original file name of the uploaded file
  50. * @param string|null $mimeType The type of the file as provided by PHP; null defaults to application/octet-stream
  51. * @param int|null $error The error constant of the upload (one of PHP's UPLOAD_ERR_XXX constants); null defaults to UPLOAD_ERR_OK
  52. * @param bool $test Whether the test mode is active
  53. * Local files are used in test mode hence the code should not enforce HTTP uploads
  54. *
  55. * @throws FileException If file_uploads is disabled
  56. * @throws FileNotFoundException If the file does not exist
  57. */
  58. public function __construct(string $path, string $originalName, ?string $mimeType = null, ?int $error = null, bool $test = false)
  59. {
  60. $this->originalName = $this->getName($originalName);
  61. $this->mimeType = $mimeType ?: 'application/octet-stream';
  62. $this->error = $error ?: \UPLOAD_ERR_OK;
  63. $this->test = $test;
  64. parent::__construct($path, \UPLOAD_ERR_OK === $this->error);
  65. }
  66. /**
  67. * Returns the original file name.
  68. *
  69. * It is extracted from the request from which the file has been uploaded.
  70. * This should not be considered as a safe value to use for a file name on your servers.
  71. *
  72. * @return string
  73. */
  74. public function getClientOriginalName()
  75. {
  76. return $this->originalName;
  77. }
  78. /**
  79. * Returns the original file extension.
  80. *
  81. * It is extracted from the original file name that was uploaded.
  82. * This should not be considered as a safe value to use for a file name on your servers.
  83. *
  84. * @return string
  85. */
  86. public function getClientOriginalExtension()
  87. {
  88. return pathinfo($this->originalName, \PATHINFO_EXTENSION);
  89. }
  90. /**
  91. * Returns the file mime type.
  92. *
  93. * The client mime type is extracted from the request from which the file
  94. * was uploaded, so it should not be considered as a safe value.
  95. *
  96. * For a trusted mime type, use getMimeType() instead (which guesses the mime
  97. * type based on the file content).
  98. *
  99. * @return string
  100. *
  101. * @see getMimeType()
  102. */
  103. public function getClientMimeType()
  104. {
  105. return $this->mimeType;
  106. }
  107. /**
  108. * Returns the extension based on the client mime type.
  109. *
  110. * If the mime type is unknown, returns null.
  111. *
  112. * This method uses the mime type as guessed by getClientMimeType()
  113. * to guess the file extension. As such, the extension returned
  114. * by this method cannot be trusted.
  115. *
  116. * For a trusted extension, use guessExtension() instead (which guesses
  117. * the extension based on the guessed mime type for the file).
  118. *
  119. * @return string|null
  120. *
  121. * @see guessExtension()
  122. * @see getClientMimeType()
  123. */
  124. public function guessClientExtension()
  125. {
  126. if (!class_exists(MimeTypes::class)) {
  127. throw new \LogicException('You cannot guess the extension as the Mime component is not installed. Try running "composer require symfony/mime".');
  128. }
  129. return MimeTypes::getDefault()->getExtensions($this->getClientMimeType())[0] ?? null;
  130. }
  131. /**
  132. * Returns the upload error.
  133. *
  134. * If the upload was successful, the constant UPLOAD_ERR_OK is returned.
  135. * Otherwise one of the other UPLOAD_ERR_XXX constants is returned.
  136. *
  137. * @return int
  138. */
  139. public function getError()
  140. {
  141. return $this->error;
  142. }
  143. /**
  144. * Returns whether the file has been uploaded with HTTP and no error occurred.
  145. *
  146. * @return bool
  147. */
  148. public function isValid()
  149. {
  150. $isOk = \UPLOAD_ERR_OK === $this->error;
  151. return $this->test ? $isOk : $isOk && is_uploaded_file($this->getPathname());
  152. }
  153. /**
  154. * Moves the file to a new location.
  155. *
  156. * @return File
  157. *
  158. * @throws FileException if, for any reason, the file could not have been moved
  159. */
  160. public function move(string $directory, ?string $name = null)
  161. {
  162. if ($this->isValid()) {
  163. if ($this->test) {
  164. return parent::move($directory, $name);
  165. }
  166. $target = $this->getTargetFile($directory, $name);
  167. set_error_handler(function ($type, $msg) use (&$error) { $error = $msg; });
  168. try {
  169. $moved = move_uploaded_file($this->getPathname(), $target);
  170. } finally {
  171. restore_error_handler();
  172. }
  173. if (!$moved) {
  174. throw new FileException(sprintf('Could not move the file "%s" to "%s" (%s).', $this->getPathname(), $target, strip_tags($error)));
  175. }
  176. @chmod($target, 0666 & ~umask());
  177. return $target;
  178. }
  179. switch ($this->error) {
  180. case \UPLOAD_ERR_INI_SIZE:
  181. throw new IniSizeFileException($this->getErrorMessage());
  182. case \UPLOAD_ERR_FORM_SIZE:
  183. throw new FormSizeFileException($this->getErrorMessage());
  184. case \UPLOAD_ERR_PARTIAL:
  185. throw new PartialFileException($this->getErrorMessage());
  186. case \UPLOAD_ERR_NO_FILE:
  187. throw new NoFileException($this->getErrorMessage());
  188. case \UPLOAD_ERR_CANT_WRITE:
  189. throw new CannotWriteFileException($this->getErrorMessage());
  190. case \UPLOAD_ERR_NO_TMP_DIR:
  191. throw new NoTmpDirFileException($this->getErrorMessage());
  192. case \UPLOAD_ERR_EXTENSION:
  193. throw new ExtensionFileException($this->getErrorMessage());
  194. }
  195. throw new FileException($this->getErrorMessage());
  196. }
  197. /**
  198. * Returns the maximum size of an uploaded file as configured in php.ini.
  199. *
  200. * @return int|float The maximum size of an uploaded file in bytes (returns float if size > PHP_INT_MAX)
  201. */
  202. public static function getMaxFilesize()
  203. {
  204. $sizePostMax = self::parseFilesize(\ini_get('post_max_size'));
  205. $sizeUploadMax = self::parseFilesize(\ini_get('upload_max_filesize'));
  206. return min($sizePostMax ?: \PHP_INT_MAX, $sizeUploadMax ?: \PHP_INT_MAX);
  207. }
  208. /**
  209. * Returns the given size from an ini value in bytes.
  210. *
  211. * @return int|float Returns float if size > PHP_INT_MAX
  212. */
  213. private static function parseFilesize(string $size)
  214. {
  215. if ('' === $size) {
  216. return 0;
  217. }
  218. $size = strtolower($size);
  219. $max = ltrim($size, '+');
  220. if (str_starts_with($max, '0x')) {
  221. $max = \intval($max, 16);
  222. } elseif (str_starts_with($max, '0')) {
  223. $max = \intval($max, 8);
  224. } else {
  225. $max = (int) $max;
  226. }
  227. switch (substr($size, -1)) {
  228. case 't': $max *= 1024;
  229. // no break
  230. case 'g': $max *= 1024;
  231. // no break
  232. case 'm': $max *= 1024;
  233. // no break
  234. case 'k': $max *= 1024;
  235. }
  236. return $max;
  237. }
  238. /**
  239. * Returns an informative upload error message.
  240. *
  241. * @return string
  242. */
  243. public function getErrorMessage()
  244. {
  245. static $errors = [
  246. \UPLOAD_ERR_INI_SIZE => 'The file "%s" exceeds your upload_max_filesize ini directive (limit is %d KiB).',
  247. \UPLOAD_ERR_FORM_SIZE => 'The file "%s" exceeds the upload limit defined in your form.',
  248. \UPLOAD_ERR_PARTIAL => 'The file "%s" was only partially uploaded.',
  249. \UPLOAD_ERR_NO_FILE => 'No file was uploaded.',
  250. \UPLOAD_ERR_CANT_WRITE => 'The file "%s" could not be written on disk.',
  251. \UPLOAD_ERR_NO_TMP_DIR => 'File could not be uploaded: missing temporary directory.',
  252. \UPLOAD_ERR_EXTENSION => 'File upload was stopped by a PHP extension.',
  253. ];
  254. $errorCode = $this->error;
  255. $maxFilesize = \UPLOAD_ERR_INI_SIZE === $errorCode ? self::getMaxFilesize() / 1024 : 0;
  256. $message = $errors[$errorCode] ?? 'The file "%s" was not uploaded due to an unknown error.';
  257. return sprintf($message, $this->getClientOriginalName(), $maxFilesize);
  258. }
  259. }