Versions
Look up a class, method, property or event

CFileValidator

Package system.validators
Inheritance class CFileValidator » CValidator » CComponent
Since 1.0
Source Code framework/validators/CFileValidator.php
CFileValidator verifies if an attribute is receiving a valid uploaded file.

It uses the model class and attribute name to retrieve the information about the uploaded file. It then checks if a file is uploaded successfully, if the file size is within the limit and if the file type is allowed.

This validator will attempt to fetch uploaded data if attribute is not previously set. Please note that this cannot be done if input is tabular:
 foreach($models as $i=>$model)
    $model->attribute = CUploadedFile::getInstance($model, "[$i]attribute");
Please note that you must use CUploadedFile::getInstances for multiple file uploads.

When using CFileValidator with an active record, the following code is often used:
 $model->attribute = CUploadedFile::getInstance($model, "attribute");
 if($model->save())
 {
    // single upload
    $model->attribute->saveAs($path);
    // multiple upload
    foreach($model->attribute as $file)
       $file->saveAs($path);
 }


You can use CFileValidator to validate the file attribute.

In addition to the message property for setting a custom error message, CFileValidator has a few custom error messages you can set that correspond to different validation scenarios. When the file is too large, you may use the tooLarge property to define a custom error message. Similarly for tooSmall, wrongType and tooMany. The messages may contain additional placeholders that will be replaced with the actual content. In addition to the "{attribute}" placeholder, recognized by all validators (see CValidator), CFileValidator allows for the following placeholders to be specified:
  • {file}: replaced with the name of the file.
  • {limit}: when using tooLarge, replaced with maxSize; when using tooSmall, replaced with minSize; and when using tooMany replaced with maxFiles.
  • {extensions}: when using wrongType, it will be replaced with the allowed extensions.

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
allowEmpty boolean whether the attribute requires a file to be uploaded or not. CFileValidator
attributes array list of attributes to be validated. CValidator
builtInValidators array list of built-in validators (name=>class) CValidator
enableClientValidation boolean whether to perform client-side validation. CValidator
except array list of scenarios that the validator should not be applied to. CValidator
maxFiles integer the maximum file count the given attribute can hold. CFileValidator
maxSize integer the maximum number of bytes required for the uploaded file. CFileValidator
message string the user-defined error message. CValidator
mimeTypes mixed a list of MIME-types of the file that are allowed to be uploaded. CFileValidator
minSize integer the minimum number of bytes required for the uploaded file. CFileValidator
on array list of scenarios that the validator should be applied. CValidator
safe boolean whether attributes listed with this validator should be considered safe for massive assignment. CFileValidator
skipOnError boolean whether this validation rule should be skipped when there is already a validation error for the current attribute. CValidator
tooLarge string the error message used when the uploaded file is too large. CFileValidator
tooMany string the error message used if the count of multiple uploads exceeds limit. CFileValidator
tooSmall string the error message used when the uploaded file is too small. CFileValidator
types mixed a list of file name extensions that are allowed to be uploaded. CFileValidator
wrongMimeType string the error message used when the uploaded file has a MIME-type that is not listed among mimeTypes. CFileValidator
wrongType string the error message used when the uploaded file has an extension name that is not listed among types. CFileValidator

Protected Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
sizeLimit integer Returns the maximum size allowed for uploaded files. CFileValidator

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. CComponent
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
applyTo() Returns a value indicating whether the validator applies to the specified scenario. CValidator
asa() Returns the named behavior object. CComponent
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
clientValidateAttribute() Returns the JavaScript needed for performing client-side validation. CValidator
createValidator() Creates a validator object. CValidator
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
evaluateExpression() Evaluates a PHP expression or callback under the context of this component. CComponent
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasProperty() Determines whether a property is defined. CComponent
raiseEvent() Raises an event. CComponent
sizeToBytes() Converts php.ini style size to bytes. Examples of size strings are: 150, 1g, 500k, 5M (size suffix CFileValidator
validate() Validates the specified object. CValidator

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
addError() Adds an error about the specified attribute to the active record. CValidator
emptyAttribute() Raises an error to inform end user about blank attribute. CFileValidator
getSizeLimit() Returns the maximum size allowed for uploaded files. CFileValidator
isEmpty() Checks if the given value is empty. CValidator
validateAttribute() Set the attribute and then validates using validateFile. CFileValidator
validateFile() Internally validates a file object. CFileValidator

Property Details

allowEmpty property
public boolean $allowEmpty;

whether the attribute requires a file to be uploaded or not. Defaults to false, meaning a file is required to be uploaded.

maxFiles property
public integer $maxFiles;

the maximum file count the given attribute can hold. It defaults to 1, meaning single file upload. By defining a higher number, multiple uploads become possible.

maxSize property
public integer $maxSize;

the maximum number of bytes required for the uploaded file. Defaults to null, meaning no limit. Note, the size limit is also affected by 'upload_max_filesize' INI setting and the 'MAX_FILE_SIZE' hidden field value.

See Also

mimeTypes property (available since v1.1.11)
public mixed $mimeTypes;

a list of MIME-types of the file that are allowed to be uploaded. This can be either an array or a string consisting of MIME-types separated by space or comma (e.g. "image/gif, image/jpeg"). MIME-types are case-insensitive. Defaults to null, meaning all MIME-types are allowed. In order to use this property fileinfo PECL extension should be installed.

minSize property
public integer $minSize;

the minimum number of bytes required for the uploaded file. Defaults to null, meaning no limit.

See Also

safe property (available since v1.1.12)
public boolean $safe;

whether attributes listed with this validator should be considered safe for massive assignment. For this validator it defaults to false.

sizeLimit property read-only
protected integer getSizeLimit()

Returns the maximum size allowed for uploaded files. This is determined based on three factors:

  • 'upload_max_filesize' in php.ini
  • 'MAX_FILE_SIZE' hidden field
  • maxSize

tooLarge property
public string $tooLarge;

the error message used when the uploaded file is too large.

See Also

tooMany property
public string $tooMany;

the error message used if the count of multiple uploads exceeds limit.

tooSmall property
public string $tooSmall;

the error message used when the uploaded file is too small.

See Also

types property
public mixed $types;

a list of file name extensions that are allowed to be uploaded. This can be either an array or a string consisting of file extension names separated by space or comma (e.g. "gif, jpg"). Extension names are case-insensitive. Defaults to null, meaning all file name extensions are allowed.

wrongMimeType property (available since v1.1.11)
public string $wrongMimeType;

the error message used when the uploaded file has a MIME-type that is not listed among mimeTypes. In order to use this property fileinfo PECL extension should be installed.

wrongType property
public string $wrongType;

the error message used when the uploaded file has an extension name that is not listed among types.

Method Details

emptyAttribute() method
protected void emptyAttribute(CModel $object, string $attribute)
$object CModel the object being validated
$attribute string the attribute being validated
Source Code: framework/validators/CFileValidator.php#252 (show)
protected function emptyAttribute($object$attribute)
{
    if(!
$this->allowEmpty)
    {
        
$message=$this->message!==null?$this->message Yii::t('yii','{attribute} cannot be blank.');
        
$this->addError($object,$attribute,$message);
    }
}

Raises an error to inform end user about blank attribute.

getSizeLimit() method
protected integer getSizeLimit()
{return} integer the size limit for uploaded files.
Source Code: framework/validators/CFileValidator.php#272 (show)
protected function getSizeLimit()
{
    
$limit=ini_get('upload_max_filesize');
    
$limit=$this->sizeToBytes($limit);
    if(
$this->maxSize!==null && $limit>&& $this->maxSize<$limit)
        
$limit=$this->maxSize;
    if(isset(
$_POST['MAX_FILE_SIZE']) && $_POST['MAX_FILE_SIZE']>&& $_POST['MAX_FILE_SIZE']<$limit)
        
$limit=$_POST['MAX_FILE_SIZE'];
    return 
$limit;
}

Returns the maximum size allowed for uploaded files. This is determined based on three factors:

  • 'upload_max_filesize' in php.ini
  • 'MAX_FILE_SIZE' hidden field
  • maxSize

sizeToBytes() method (available since v1.1.11)
public integer sizeToBytes(string $sizeStr)
$sizeStr string the size string to convert.
{return} integer the byte count in the given size string.
Source Code: framework/validators/CFileValidator.php#294 (show)
public function sizeToBytes($sizeStr)
{
    
// get the latest character
    
switch (strtolower(substr($sizeStr, -1)))
    {
        case 
'm': return (int)$sizeStr 1048576// 1024 * 1024
        
case 'k': return (int)$sizeStr 1024// 1024
        
case 'g': return (int)$sizeStr 1073741824// 1024 * 1024 * 1024
        
default: return (int)$sizeStr// do nothing
    
}
}

Converts php.ini style size to bytes. Examples of size strings are: 150, 1g, 500k, 5M (size suffix is case insensitive). If you pass here the number with a fractional part, then everything after the decimal point will be ignored (php.ini values common behavior). For example 1.5G value would be treated as 1G and 1073741824 number will be returned as a result. This method is public (was private before) since 1.1.11.

validateAttribute() method
protected void validateAttribute(CModel $object, string $attribute)
$object CModel the object being validated
$attribute string the attribute being validated
Source Code: framework/validators/CFileValidator.php#146 (show)
protected function validateAttribute($object$attribute)
{
    if(
$this->maxFiles 1)
    {
        
$files=$object->$attribute;
        if(!
is_array($files) || !isset($files[0]) || !$files[0] instanceof CUploadedFile)
            
$files CUploadedFile::getInstances($object$attribute);
        if(array()===
$files)
            return 
$this->emptyAttribute($object$attribute);
        if(
count($files) > $this->maxFiles)
        {
            
$message=$this->tooMany!==null?$this->tooMany Yii::t('yii''{attribute} cannot accept more than {limit} files.');
            
$this->addError($object$attribute$message, array('{attribute}'=>$attribute'{limit}'=>$this->maxFiles));
        }
        else
            foreach(
$files as $file)
                
$this->validateFile($object$attribute$file);
    }
    else
    {
        
$file $object->$attribute;
        if(!
$file instanceof CUploadedFile)
        {
            
$file CUploadedFile::getInstance($object$attribute);
            if(
null===$file)
                return 
$this->emptyAttribute($object$attribute);
        }
        
$this->validateFile($object$attribute$file);
    }
}

Set the attribute and then validates using validateFile. If there is any error, the error message is added to the object.

validateFile() method
protected void validateFile(CModel $object, string $attribute, CUploadedFile $file)
$object CModel the object being validated
$attribute string the attribute being validated
$file CUploadedFile uploaded file passed to check against a set of rules
Source Code: framework/validators/CFileValidator.php#184 (show)
protected function validateFile($object$attribute$file)
{
    if(
null===$file || ($error=$file->getError())==UPLOAD_ERR_NO_FILE)
        return 
$this->emptyAttribute($object$attribute);
    elseif(
$error==UPLOAD_ERR_INI_SIZE || $error==UPLOAD_ERR_FORM_SIZE || $this->maxSize!==null && $file->getSize()>$this->maxSize)
    {
        
$message=$this->tooLarge!==null?$this->tooLarge Yii::t('yii','The file "{file}" is too large. Its size cannot exceed {limit} bytes.');
        
$this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{limit}'=>$this->getSizeLimit()));
    }
    elseif(
$error==UPLOAD_ERR_PARTIAL)
        throw new 
CException(Yii::t('yii','The file "{file}" was only partially uploaded.',array('{file}'=>$file->getName())));
    elseif(
$error==UPLOAD_ERR_NO_TMP_DIR)
        throw new 
CException(Yii::t('yii','Missing the temporary folder to store the uploaded file "{file}".',array('{file}'=>$file->getName())));
    elseif(
$error==UPLOAD_ERR_CANT_WRITE)
        throw new 
CException(Yii::t('yii','Failed to write the uploaded file "{file}" to disk.',array('{file}'=>$file->getName())));
    elseif(
defined('UPLOAD_ERR_EXTENSION') && $error==UPLOAD_ERR_EXTENSION)  // available for PHP 5.2.0 or above
        
throw new CException(Yii::t('yii','A PHP extension stopped the file upload.'));

    if(
$this->minSize!==null && $file->getSize()<$this->minSize)
    {
        
$message=$this->tooSmall!==null?$this->tooSmall Yii::t('yii','The file "{file}" is too small. Its size cannot be smaller than {limit} bytes.');
        
$this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{limit}'=>$this->minSize));
    }

    if(
$this->types!==null)
    {
        if(
is_string($this->types))
            
$types=preg_split('/[\s,]+/',strtolower($this->types),-1,PREG_SPLIT_NO_EMPTY);
        else
            
$types=$this->types;
        if(!
in_array(strtolower($file->getExtensionName()),$types))
        {
            
$message=$this->wrongType!==null?$this->wrongType Yii::t('yii','The file "{file}" cannot be uploaded. Only files with these extensions are allowed: {extensions}.');
            
$this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{extensions}'=>implode(', ',$types)));
        }
    }

    if(
$this->mimeTypes!==null)
    {
        if(
function_exists('finfo_open'))
        {
            
$mimeType=false;
            if(
$info=finfo_open(defined('FILEINFO_MIME_TYPE') ? FILEINFO_MIME_TYPE FILEINFO_MIME))
                
$mimeType=finfo_file($info,$file->getTempName());
        }
        elseif(
function_exists('mime_content_type'))
            
$mimeType=mime_content_type($file->getTempName());
        else
            throw new 
CException(Yii::t('yii','In order to use MIME-type validation provided by CFileValidator fileinfo PECL extension should be installed.'));

        if(
is_string($this->mimeTypes))
            
$mimeTypes=preg_split('/[\s,]+/',strtolower($this->mimeTypes),-1,PREG_SPLIT_NO_EMPTY);
        else
            
$mimeTypes=$this->mimeTypes;

        if(
$mimeType===false || !in_array(strtolower($mimeType),$mimeTypes))
        {
            
$message=$this->wrongMimeType!==null?$this->wrongMimeType Yii::t('yii','The file "{file}" cannot be uploaded. Only files of these MIME-types are allowed: {mimeTypes}.');
            
$this->addError($object,$attribute,$message,array('{file}'=>$file->getName(), '{mimeTypes}'=>implode(', ',$mimeTypes)));
        }
    }
}

Internally validates a file object.

Total 3 comments

#4905 report it
yugene at 2011/08/27 02:05pm
multiple files validation

Add 'maxFiles', if you need validation to work properly for multifiles upload. For example,

array('image', 'file', 'types'=>'jpg,gif,png', 'maxSize'=>'204800', 'allowEmpty'=>true, 'maxFiles'=>4),
#3984 report it
zaccaria at 2011/05/25 03:35am
Multiple file upload validation

In case of multiple file upload you can validate with the following custom rule:

public function rules()
{
    return array(
        array('file', 'files', 'types'=>'pdf')
       );
}
 
public function files($attribute,$params)
{
    $validator= CValidator::createValidator('file', $this, $attribute, $params);
    foreach(CUploadedFile::getInstances($this,$attribute) as $file)
    {
        $this->$attribute= $file;
        $validator->validate($this, $attribute);
    }
}
#697 report it
mech7 at 2010/03/16 10:25pm
Validating files...

Mostly file will only need to be validated on insert not update.. it can be achieved with the following example:

public function rules() {
        // NOTE: you should only define rules for those attributes that
        // will receive user inputs.
        return array(
            array('title', 'required'),
            array('title', 'length', 'max'=>125),
            array('description', 'safe'),
            array('pdf', 'file','on'=>'insert',
                'types'=> 'pdf',
                'maxSize' => 1024 * 1024 * 10, // 10MB                
                'tooLarge' => 'The file was larger than 10MB. Please upload a smaller file.',                
            ),
            array('pdf', 'file','on'=>'update',
                'allowEmpty' => true,
                'types'=> 'pdf',
                'maxSize' => 1024 * 1024 * 10, // 10MB                
                'tooLarge' => 'The file was larger than 10MB. Please upload a smaller file.',                
            ),
        );
    }

With help from steffo.dietz :)

Leave a comment

Please to leave your comment.