lifetype-1.2/class/data/validator/uploadvalidator.class.php

00001 <?php
00002 
00003         lt_include( PLOG_CLASS_PATH."class/data/validator/validator.class.php" );
00004         lt_include( PLOG_CLASS_PATH."class/config/config.class.php" );
00005     lt_include( PLOG_CLASS_PATH."class/misc/glob.class.php" );  
00006 
00007         define( "UPLOAD_MAX_SIZE", 2000000 );
00008 
00009     define( "UPLOAD_VALIDATOR_ERROR_UPLOAD_TOO_BIG", -1 );
00010     define( "UPLOAD_VALIDATOR_ERROR_FORBIDDEN_EXTENSION", -2 );
00011     define( "UPLOAD_VALIDATOR_ERROR_NOT_WHITELISTED_EXTENSION", -10 );
00012 
00026         class UploadValidator extends Validator 
00027         {
00028 
00032         function UploadValidator()
00033         {
00034                 $this->Validator();
00035         }
00036 
00046         function validate( $upload )
00047         {
00048                 $config =& Config::getConfig();
00049 
00050             $forbiddenFilesStr = $config->getValue( "upload_forbidden_files" );
00051             $allowedFilesStr = $config->getValue( "upload_allowed_files" );
00052             $maxUploadSize     = $config->getValue( "maximum_file_upload_size" );
00053                         
00054                         // check if we received an object of the right type, or else just quit
00055                         if( $upload == null ) {
00056                                 return false;
00057                         }
00058 
00059             // first of all, check the size
00060             if( $maxUploadSize != 0 && $upload->getSize() > $maxUploadSize ) {
00061                 return UPLOAD_VALIDATOR_ERROR_UPLOAD_TOO_BIG;
00062             }
00063 
00064                         if( $allowedFilesStr != "" )
00065                                 $result = $this->validateWhitelist( $upload, $allowedFilesStr );
00066                         elseif( $forbiddenFilesStr != "" )
00067                                 $result = $this->validateBlacklist( $upload, $forbiddenFilesStr );
00068                         else
00069                                 $result = true;
00070                                 
00071                         return( $result );
00072         }
00073 
00079                 function validateBlacklist( $upload, $forbiddenFilesStr )
00080                 {
00081             // check if the filename extension is forbidden or not
00082             $fileName = basename($upload->getFileName());
00083             foreach( explode( " ", $forbiddenFilesStr ) as $file ) {
00084                 if( Glob::fnmatch( $file, $fileName )) {
00085                         return UPLOAD_VALIDATOR_ERROR_FORBIDDEN_EXTENSION;
00086                 }
00087             }
00088 
00089                 return true;                    
00090                 }
00091                 
00097                 function validateWhitelist( $upload, $allowedFilesStr )
00098                 {
00099             // check if the filename extension is one of the allowed ones or not
00100             $fileName = basename($upload->getFileName());
00101             foreach( explode( " ", $allowedFilesStr ) as $file ) {
00102                 if( Glob::fnmatch( $file, $fileName )) {
00103 //                                      print("it's a valid file!");
00104                         return true;
00105                 }
00106             }
00107 
00108                 return UPLOAD_VALIDATOR_ERROR_NOT_WHITELISTED_EXTENSION;                        
00109                 }
00110     }
00111 ?>