The API of Zend_File_Transfer
has changed from time to time.
If you started to use Zend_File_Transfer
and it's subcomponents
in earlier versions follow the guidelines below to migrate your scripts to
use the new API.
For security reasons we had to turn off the default fallback mechanism of the
MimeType
, ExcludeMimeType
,
IsCompressed
and IsImage
validators.
This means, that if the fileInfo or
magicMime extensions can not be found, the validation will
always fail.
If you are in need of validation by using the HTTP fields which
are provided by the user then you can turn on this feature by using the
enableHeaderCheck()
method.
![]() |
Security hint |
---|---|
You should note that relying on the HTTP fields, which are provided by your user, is a security risk. They can easily be changed and could allow your user to provide a malcious file. |
Example 21.40. Allow the usage of the HTTP fields
// at initiation $valid = new Zend_File_Transfer_Adapter_Http(array('headerCheck' => true); // or afterwards $valid->enableHeaderCheck();
As noted by users, the validators from Zend_File_Transfer
do not work in conjunction with Zend_Config
due to the fact
that they have not used named arrays.
Therefor, all filters and validators for Zend_File_Transfer
have been reworked. While the old signatures continue to work,
they have been marked as deprecated, and will emit a PHP notice
asking you to fix them.
The following list shows you the changes you will have to do for proper usage of the parameters.
Old method API: Zend_Filter_File_Rename($oldfile, $newfile,
$overwrite)
New method API: Zend_Filter_File_Rename($options)
where $options accepts the following array keys:
source equals to $oldfile,
target equals to $newfile,
overwrite equals to $overwrite
Example 21.41. Changes for the rename filter from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addFilter('Rename', array('/path/to/oldfile', '/path/to/newfile', true)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addFilter('Rename', array('source' => '/path/to/oldfile', 'target' => '/path/to/newfile', 'overwrite' => true));
Old method API: Zend_Validate_File_Count($min, $max)
New method API: Zend_Validate_File_Count($options)
where $options accepts the following array keys:
min equals to $min,
max equals to $max,
Example 21.42. Changes for the count validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Count', array(2, 3)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Count', false, array('min' => 2, 'max' => 3));
Old method API: Zend_Validate_File_Extension($extension,
$case)
New method API:
Zend_Validate_File_Extension($options)
where $options
accepts the following array keys:
* equals to $extension and can have any other key,
case equals to $case,
Example 21.43. Changes for the extension validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Extension', array('jpg,gif,bmp', true)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Extension', false, array('extension1' => 'jpg,gif,bmp', 'case' => true));
Old method API: Zend_Validate_File_FilesSize($min, $max,
$bytestring)
New method API:
Zend_Validate_File_FilesSize($options)
where $options
accepts the following array keys:
min equals to $min,
max equals to $max,
bytestring equals to $bytestring
Additionally, the useByteString()
method
signature has changed. It can only be used to test if the
validator is expecting to use byte strings in generated
messages. To set the value of the flag, use the
setUseByteString()
method.
Example 21.44. Changes for the filessize validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('FilesSize', array(100, 10000, true)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('FilesSize', false, array('min' => 100, 'max' => 10000, 'bytestring' => true)); // Example for 1.6 $upload->useByteString(true); // set flag // Same example for 1.7 $upload->setUseByteSting(true); // set flag
Old method API: Zend_Validate_File_Hash($hash,
$algorithm)
New method API: Zend_Validate_File_Hash($options)
where $options accepts the following array keys:
* equals to $hash and can have any other key,
algorithm equals to $algorithm,
Example 21.45. Changes for the hash validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Hash', array('12345', 'md5')); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Hash', false, array('hash1' => '12345', 'algorithm' => 'md5'));
Old method API: Zend_Validate_File_ImageSize($minwidth,
$minheight, $maxwidth, $maxheight)
New method API:
Zend_Validate_File_FilesSize($options)
where $options
accepts the following array keys: minwidth equals to
$minwidth, maxwidth equals to $maxwidth,
minheight equals to $minheight,
maxheight equals to $maxheight,
Example 21.46. Changes for the imagesize validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('ImageSize', array(10, 10, 100, 100)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('ImageSize', false, array('minwidth' => 10, 'minheight' => 10, 'maxwidth' => 100, 'maxheight' => 100));
Old method API: Zend_Validate_File_Size($min, $max,
$bytestring)
New method API: Zend_Validate_File_Size($options)
where $options accepts the following array keys:
min equals to $min,
max equals to $max,
bytestring equals to $bytestring
Example 21.47. Changes for the size validator from 1.6 to 1.7
// Example for 1.6 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Size', array(100, 10000, true)); // Same example for 1.7 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('Size', false, array('min' => 100, 'max' => 10000, 'bytestring' => true));
As noted by users, the validators from Zend_File_Transfer
do not work the same way like the default ones from
Zend_Form
. Zend_Form
allows the usage
of a breakChainOnFailure
parameter which breaks the validation for all
further validators when an validation error has occurred.
So we added this parameter also to all existing validators from
Zend_File_Transfer
.
Old method API: addValidator($validator, $options, $files)
.
New method API: addValidator($validator, $breakChainOnFailure, $options,
$files)
.
To migrate your scripts to the new API, simply add a FALSE
after defining the wished validator.
Example 21.48. How to change your file validators from 1.6.1 to 1.6.2
// Example for 1.6.1 $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('FilesSize', array('1B', '100kB')); // Same example for 1.6.2 and newer // Note the added boolean false $upload = new Zend_File_Transfer_Adapter_Http(); $upload->addValidator('FilesSize', false, array('1B', '100kB'));