Skip to content

[FEATURE] Provide validators for PSR-7 UploadedFile objects in Extbase #984

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
TYPO3IncTeam opened this issue Aug 6, 2024 · 0 comments
Open

[FEATURE] Provide validators for PSR-7 UploadedFile objects in Extbase #984

TYPO3IncTeam opened this issue Aug 6, 2024 · 0 comments
Labels
13.3

Comments

@TYPO3IncTeam
Copy link
Collaborator

ℹ️ View this commit on Github
👥 Authored by Torben Hansen [email protected]
✔️ Merged by Benni Mack [email protected]

Commit message

[FEATURE] Provide validators for PSR-7 UploadedFile objects in Extbase

When working with PSR-7 UploadedFile objects, it is crucial to validate
the uploaded file against common validation rules.

This change introduces 4 new validators to Extbase for validating PSR-7
UploadedFile objects or an ObjectStorage containing
UploadedFile objects:

  • FileNameValidator: Prevents uploading of files with PHP executable
    extensions.
  • FileSizeValidator: Validates file size against given minimum and
    maximum limits.
  • MimeTypeValidator: Validates file MIME types and optionally checks
    file extensions.
  • ImageDimensionsValidator: Validates image dimensions with options
    for width, height, and range limits.

Extension authors can use the new validators to handle file uploads
in extbase context (e.g. UploadedFile property in DTO).

Resolves: #104526
Releases: main
Change-Id: Ic4c3cf579b0b2bd7af50be0684d541745307774e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/85485
Tested-by: core-ci [email protected]
Reviewed-by: Christian Kuhn [email protected]
Reviewed-by: Daniel Goerz [email protected]
Tested-by: Christian Kuhn [email protected]
Tested-by: Benni Mack [email protected]
Reviewed-by: Benni Mack [email protected]

➕ Added files

13.3/Feature-104526-ProvideValidatorsForPSR-7UploadedFileObjectsInExtbase.rst 
.. include:: /Includes.rst.txt

.. _feature-104526-1722603089:

===============================================================================
Feature: #104526 - Provide validators for PSR-7 UploadedFile objects in Extbase
===============================================================================

See :issue:`104526`

Description
===========

4 new extbase validators have been added to allow common validation tasks of a
PSR-7 :php:`UploadedFile` object or an :php:`ObjectStorage` containing PSR-7
:php:`UploadedFile` objects.

Note, that the new validators can only be applied to the TYPO3 implementation
of the PSR-7 :php:`UploadedFileInterface` because they validate the uploaded
files before it has been moved.

Custom implementations of the :php:`UploadedFileInterface` must continue to
implement their own validators.

FileNameValidator
-----------------

This validator ensures, that files with PHP executable file extensions can not
be uploaded. The validator has no options.

FileSizeValidator
-----------------

This validator can be used to validate an uploaded file against a given minimum
and maximum file size.

Validator options:

* :php:`minimum` - The minimum size as string (e.g. 100K)
* :php:`maximum` - The maximum size as string (e.g. 100K)

MimeTypeValidator
-----------------

This validator can be used to validate an uploaded file against a given set
of accepted MIME types. The validator additionally verifies, that the given
file extension of the uploaded file matches allowed file extensions for the
detected mime type.

Validator options:

* :php:`allowedMimeTypes` - An array of allowed MIME types
* :php:`ignoreFileExtensionCheck` - If set to "true", it is checked, the file
  extension check is disabled

ImageDimensionsValidator
------------------------

This validator can be used to validate an uploaded image for given image
dimensions. The validator must only be used, when it is ensured, that the
uploaded file is an image (e.g. by validating the MIME type).

Validator options:

* :php:`width` - Fixed width of the image as integer
* :php:`height` - Fixed height of the image as integer
* :php:`minWidth` - Minimum width of the image as integer. Default is `0`
* :php:`maxWidth` - Maximum width of the image as integer. Default is `PHP_INT_MAX`
* :php:`minHeight` - Minimum height of the image as integer. Default is `0`
* :php:`maxHeight` - Maximum height of the image as integer. Default is `PHP_INT_MAX`


Impact
======

TYPO3 extension autors can now use the new validators to validate a given
:php:`UploadedFile` object.

.. index:: Backend, ext:extbase
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
13.3
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TYPO3IncTeam