FileNameValidator
Ensures that any filename that an editor chooses for naming (or uses for uploading a file) is valid, meaning that no invalid characters (null-bytes) are added, or that the file does not contain an invalid file extension.
Table of Contents
Constants
- DEFAULT_FILE_DENY_PATTERN = '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'
- Previously this was used within SystemEnvironmentBuilder
Properties
- $fileDenyPattern : string
Methods
- __construct() : mixed
- customFileDenyPatternConfigured() : bool
- Find out if there is a custom file deny pattern configured.
- isValid() : bool
- Verifies the input filename against the 'fileDenyPattern'
- missingImportantPatterns() : bool
- Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.
Constants
DEFAULT_FILE_DENY_PATTERN
Previously this was used within SystemEnvironmentBuilder
public
mixed
DEFAULT_FILE_DENY_PATTERN
= '\.(php[3-8]?|phpsh|phtml|pht|phar|shtml|cgi)(\..*)?$|\.pl$|^\.htaccess$'
Properties
$fileDenyPattern
protected
string
$fileDenyPattern
Methods
__construct()
public
__construct([string|null $fileDenyPattern = null ]) : mixed
Parameters
- $fileDenyPattern : string|null = null
customFileDenyPatternConfigured()
Find out if there is a custom file deny pattern configured.
public
customFileDenyPatternConfigured() : bool
Return values
boolisValid()
Verifies the input filename against the 'fileDenyPattern'
public
isValid(string $fileName) : bool
Filenames are not allowed to contain control characters. Therefore we always filter on [[:cntrl:]].
Parameters
- $fileName : string
-
File path to evaluate
Return values
bool —Returns TRUE if the file name is OK.
missingImportantPatterns()
Checks if the given file deny pattern does not have parts that the default pattern should recommend. Used in status overview.
public
missingImportantPatterns() : bool