‪TYPO3CMS  ‪main
TYPO3\CMS\Core\Resource\Security\FileNameValidator Class Reference

Public Member Functions

 __construct (?string $fileDenyPattern=null)
bool isValid (string $fileName)
 customFileDenyPatternConfigured ()
 missingImportantPatterns ()

Public Attributes

const DEFAULT_FILE_DENY_PATTERN = '\\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\\..*)?$|\\.pl$|^\\.htaccess$'

Protected Attributes

string $fileDenyPattern

Detailed Description

Ensures that any filename that an editor chooses for naming (or uses for uploading a file) is valid, meaning that no invalid characters (null-bytes) are added, or that the file does not contain an invalid file extension.

Definition at line 24 of file FileNameValidator.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Resource\Security\FileNameValidator::__construct ( ?string  $fileDenyPattern = null)

Member Function Documentation

◆ customFileDenyPatternConfigured()

TYPO3\CMS\Core\Resource\Security\FileNameValidator::customFileDenyPatternConfigured ( )

Find out if there is a custom file deny pattern configured.

Definition at line 67 of file FileNameValidator.php.

References TYPO3\CMS\Core\Resource\Security\FileNameValidator\DEFAULT_FILE_DENY_PATTERN.

◆ isValid()

bool TYPO3\CMS\Core\Resource\Security\FileNameValidator::isValid ( string  $fileName)

Verifies the input filename against the 'fileDenyPattern'

Filenames are not allowed to contain control characters. Therefore we always filter on [[:cntrl:]].

string$fileNameFile path to evaluate
‪bool Returns TRUE if the file name is OK.

Definition at line 55 of file FileNameValidator.php.

◆ missingImportantPatterns()

TYPO3\CMS\Core\Resource\Security\FileNameValidator::missingImportantPatterns ( )

Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.

Definition at line 76 of file FileNameValidator.php.

Member Data Documentation

◆ $fileDenyPattern

string TYPO3\CMS\Core\Resource\Security\FileNameValidator::$fileDenyPattern