File Upload Validation

Hi

I'm using phalcon version 2.1 I think $form->isValid($this->request->getPost()) === true don't check file input validations, am i right? If it's true, how can i check uploaded filesize or mime type?

$this->request->getUploadedFiles() ?



2.1k

$this->request->getUploadedFiles() ?

i checked both of them! but non of them works!! :(

this is not phalcon flavoured method, but I've used it with success

```php

public function uploadFichierAction()
{
    $fichierSauv = 0;
    if ($this->request->isPost()) {
            $typeOk = true;
            if (isset($_FILES["FileInput"]) && $_FILES["FileInput"]["error"] == UPLOAD_ERR_OK) {
                $publicDirectory = 'uploads' . DIRECTORY_SEPARATOR;
                $privateDirectory = '..' . DIRECTORY_SEPARATOR . 'app' . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR;
                if ($_FILES["FileInput"]["size"] > 5242880000) {
                    $errMessage = "too large!";
                } else {
                    switch (strtolower($_FILES['FileInput']['type'])) {
                        case 'image/png':
                        case 'image/gif':
                        case 'image/jpeg':
                        case 'image/pjpeg':
                        case 'text/plain':
                        case 'text/html':
                        case 'application/x-zip-compressed':
                        case 'application/pdf':
                        case 'application/msword':
                        case 'application/vnd.ms-excel':
                        case 'video/mp4':
                        case 'image/vnd.adobe.photoshop':
                            break;
                        default:
                            $typeOk = false;
                            $errMessage = = "file type not supported!"; // error

                    }
                    if ($typeOk == true) {
                        $dateCreation = date("Y-m-d");
                        $taille = $_FILES['FileInput']['size'];
                        $nomFichier = $_FILES['FileInput']['name'];
                       $path_parts = pathinfo($_FILES['FileInput']['name']);
                       $extension = $path_parts['extension'];
                        $fileName = $nomFichier . "." . $extension;
                       move_uploaded_file($_FILES['FileInput']['tmp_name'], $publicDirectory . $nomFichier));
                       ....

```



2.1k
edited Jul '16

so the problem is unsolved epidemy! :(

even i wrote my custom validation, but validation not fired! i'm confused!

edited Jul '16

does you try as suggested by the doc

    public function uploadAction()
        {
            // Check if the user has uploaded files
            if ($this->request->hasFiles()) {

                // Print the real file names and sizes
                foreach ($this->request->getUploadedFiles() as $file) {

                    // Print file details
                    echo $file->getName(), " ", $file->getSize(), "\n";

                    // Move the file into the application
                    $file->moveTo('files/' . $file->getName());
                }
            }
        }

..doing your validations tasks inside the foreach loop?

as I remember, I've used the method given in previous post after not having any success with phalcon native one, but it was two years ago..



2.1k

does you try as suggested by the doc

```php

public function uploadAction() { // Check if the user has uploaded files if ($this->request->hasFiles()) {

           // Print the real file names and sizes
         foreach ($this->request->getUploadedFiles() as $file) {

             // Print file details
             echo $file->getName(), " ", $file->getSize(), "\n";

             // Move the file into the application
             $file->moveTo('files/' . $file->getName());
         }
     }
 }

```

..doing your validations tasks inside the foreach loop?

as I remember, I've used the method given in previous post after not having any success with phalcon native one, but it was two years ago..

ya! it works! but I want " form element validation ", this is not validation. this done in controller level.