Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
How to upload from specific input file?
  • Example:
    I have 3 input files.
    <input type="file" name="photo1">
    <input type="file" name="photo2">
    <input type="file" name="avatar">

    I just want to accept file from input file name avatar and this input file can delete or add more but accept only from input file name "avatar".

    From the document. I see the upload class accept all of them or can only specify integer of uploaded files. None of examples show how to accept only from input file "name".

    Please show me how to accept only from specific input file "name" not integer number of all input.

    And more suggestion.
    The upload class should automatic validate extension with mime types that is already in core/config/mimes.php
    If i input ext_whitelist = array('jpg'); the upload class should auto get those extension to validate mime types.
  • FuelPHP\Upload cannot validate uploaded file's mime type, can only check allowed mime types.

    If i renamed image.png to image.jpg and allow ext (jpg, png) allow mimes (image/jpeg, image/png)
    then i uploaded image.jpg that renamed from image.png -> pingpong! upload success.

    but, i don't think it should success because real file mime types and upload file extension does not match!

    can't imagine if some hacker find the way to upload something more dangerous in allowed mime types that never match extension.

  • To start with your first post: I don't understand what you are trying to say.

    You include three file input fields in your form. So a user can upload three files. Nothing you can do about it, as soon as the user hits submit, $_FILES will contain 3 entries. Accepting them server side is outside the control of PHP.

    The Upload class can't smell that you only want one. It sees three uploaded files, it processes three uploaded files. It is entirely up to you (and your code) if you want to ignore them or not. Nobody stopping you from only saving one of the tree. And as far as I know, Upload::get_files("fieldname") should work without problems.

    Upload uses FileInfo to determine the mime type, unless that is not available (for example on Windows you need to manually install a DLL; some linux versions require a separate package; some crap hosters have removed it because they think it's more secure: see the docs), in which case it will default to "application/octet-stream".

    FileInfo uses the magic (or magic.mime) file to detect the correct mime-type based on the contents of the file. It is not fool-proof (a text file with GIF as first three letters returns "image/gif") but it does check the file. Since it doesn't happen in your case, I suggest your PHP installation is missing the FileInfo extension.

    As to your other remark: if you allow .png and .jpg, and you allow image/jpeg and image/png, and you create a png file called test.jpg, then yes, it validates.

    Why not? The extension of the file is valid, and the mime type is valid. It doesn't say anywhere that a file with a mime type image/jpeg should have a .jpg extension, and it shouldn't be. For your code, the filename is not relevant, the contents is. There is no relation between extension and mime-type, other than in your head (as in "it is easy for a human to read and see the type of file"). If you want this link, write a custom validation method and add it as a validation callback.
  • Question about accept only some input file name by 'field name' not integer. (Upload::save(1))

    Upload::get_files("fieldname") just show info of uploaded files. It cannot validate uploaded files.
    From your document:


    if (Upload::is_valid())
    {
        // save them according to the config
        Upload::save();

        // call a model method to update the database
        Model_Uploads::add(Upload::get_files());
    }

    Upload::get_files() cannot check, validate anything because it was called after Upload::process()
    The allowed list is in config inside Upload::process().

    Let say that i have 2 input files account_avatar and account_avatar2
    With this code "print_r(Upload::get_files('account_avatar')); and Upload::save();" as your document said it returns all fields not account_avatar field.
    It is not in any loop, just that code after Upload::process();
    And all files in both input field are uploaded and moved to /upload folder.
    I just want only a file from account_avatar field to move to /upload folder.

    What i want to do is... only input field name 'account_avatar' will be process by validate first (size, ext match mime type) and then move uploaded file to /upload folder.
    All other uploaded file just leave it, do nothing, not move to /upload folder, not process with move_uploaded_file().
    I can't find the way to do this with Fuelphp\Upload
  • HarroHarro
    Accepted Answer
    The v1 Upload class is a facade on the Fuel v2 package, which is object driven, and has a File object for each uploaded file.

    // get the instance
    $upload = \Upload::instance().

    // get all valid file objects
    $validfiles = $upload->getValidFiles();

    // get only the avatar file
    $avatar = $upload->getValidFiles('avatar');

    Every file object deals with a single uploaded file, from validation to saving, and can be accessed as an array (or iterated over) to get all file information stored in the object (and you can access the files properties directly, using $avatar->filename).

    To save it simply do

    if ($avatar->isValid())
    {
        if ($avatar->save())
        {
            // file saved
        }
        else
        {
            // save failed
            var_dump($avatar->getErrors());
        }
    }
    else
    {
        // validation failed
        var_dump($avatar->getErrors());
    }

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion