FileNameValidator

Read onlyYes

Ensures that any filename that an editor chooses for naming (or uses for uploading a file) is valid, meaning that no invalid characters (null-bytes) are added, or that the file does not contain an invalid file extension.

Table of Contents

Constants

DEFAULT_FILE_DENY_PATTERN  = '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'

Methods

customFileDenyPatternConfigured()  : bool
Find out if there is a custom file deny pattern configured.
isValid()  : bool
Verifies the input filename against the 'fileDenyPattern'
missingImportantPatterns()  : bool
Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.
getCurrentFileDenyPattern()  : string

Constants

DEFAULT_FILE_DENY_PATTERN

public mixed DEFAULT_FILE_DENY_PATTERN = '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'

Methods

customFileDenyPatternConfigured()

Find out if there is a custom file deny pattern configured.

public customFileDenyPatternConfigured() : bool
Return values
bool

isValid()

Verifies the input filename against the 'fileDenyPattern'

public isValid(string $fileName) : bool

Filenames are not allowed to contain control characters. Therefore we always filter on [[:cntrl:]].

Parameters
$fileName : string

File path to evaluate

Return values
bool

Returns TRUE if the file name is OK.

missingImportantPatterns()

Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.

public missingImportantPatterns() : bool
Return values
bool

getCurrentFileDenyPattern()

protected getCurrentFileDenyPattern() : string
Return values
string 

        

        
    




    

    

                            

            

                            
    

        On this page

        
    


            

                    

        

    

        

            
Search results