detect mimetypes on server-side instead of relying on mimetype reported by client (Issue #202)
This commit is contained in:
coderkun
parent
6f416a54f7
commit
d18d0f1192
3 changed files with 34 additions and 4 deletions
|
|
@ -107,6 +107,34 @@
|
|||
return mail($to, $subject, $message, $header);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Detect Mimetype of a file.
|
||||
*
|
||||
* @param string $filename Name of file to detect Mimetype of
|
||||
* @param string $defaultMimetype Default Mimetype to use
|
||||
* @return string Detected Mimetype of file
|
||||
*/
|
||||
public static function getMimetype($filename, $defaultMimetype=null)
|
||||
{
|
||||
$mimetype = (!is_null($defaultMimetype)) ? $defaultMimetype : 'application/octet-stream';
|
||||
// Use Fileinfo
|
||||
if(class_exists('\finfo'))
|
||||
{
|
||||
$finfo = new \finfo(FILEINFO_MIME_TYPE);
|
||||
if(!is_null($finfo)) {
|
||||
$mimetype = $finfo->file($filename);
|
||||
}
|
||||
}
|
||||
// Use deprecated mime_content_type()
|
||||
elseif(function_exists('mime_content_type')) {
|
||||
$mimetype = mime_content_type($filename);
|
||||
}
|
||||
|
||||
|
||||
return $mimetype;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -153,14 +153,15 @@
|
|||
|
||||
// Check mimetype
|
||||
$mediaMimetype = null;
|
||||
$file['mimetype'] = \hhu\z\Utils::getMimetype($file['tmp_name']);
|
||||
foreach($mimetypes as &$mimetype) {
|
||||
if($mimetype['mimetype'] == $file['type']) {
|
||||
if($mimetype['mimetype'] == $file['mimetype']) {
|
||||
$mediaMimetype = $mimetype;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(is_null($mediaMimetype)) {
|
||||
$validation = $this->Validation->addValidationResult($validation, 'media', 'mimetype', $file['type']);
|
||||
$validation = $this->Validation->addValidationResult($validation, 'media', 'mimetype', $file['mimetype']);
|
||||
}
|
||||
elseif($file['size'] > $mediaMimetype['size']) {
|
||||
$validation = $this->Validation->addValidationResult($validation, 'media', 'size', $mediaMimetype['size']);
|
||||
|
|
|
|||
|
|
@ -56,15 +56,16 @@
|
|||
// Check mimetype
|
||||
$mimetypes = $this->Submit->getAllowedMimetypes($seminary['id']);
|
||||
$answerMimetype = null;
|
||||
$answer['mimetype'] = \hhu\z\Utils::getMimetype($answer['tmp_name']);
|
||||
foreach($mimetypes as &$mimetype) {
|
||||
if($mimetype['mimetype'] == $answer['type']) {
|
||||
if($mimetype['mimetype'] == $answer['mimetype']) {
|
||||
$answerMimetype = $mimetype;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(is_null($answerMimetype)) {
|
||||
throw new \hhu\z\exceptions\SubmissionNotValidException(
|
||||
new \hhu\z\exceptions\WrongFiletypeException($answer['type'])
|
||||
new \hhu\z\exceptions\WrongFiletypeException($answer['mimetype'])
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue