首页 发现 帮助
注册 登录
chengwenliang
/
newsupernova
2
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: c9405dd336
分支列表 标签列表
newsupernova
/
vendor
/
magento
/
framework
/
Api
/
ImageContentValidator.php

ImageContentValidator.php 2.5 KB
文件历史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. <?php
    2. 

  2. /**
    3. 

  3.  *
    4. 

  4.  * Copyright © Magento, Inc. All rights reserved.
    5. 

  5.  * See COPYING.txt for license details.
    6. 

  6.  */
    7. 

  7. 

  8. namespace Magento\Framework\Api;
    9. 

  9. 

  10. use Magento\Framework\Api\Data\ImageContentInterface;
    11. 

  11. use Magento\Framework\Exception\InputException;
    12. 

  12. use Magento\Framework\Phrase;
    13. 

  13. 

  14. /**
    15. 

  15.  * Class for Image content validation
    16. 

  16.  */
    17. 

  17. class ImageContentValidator implements ImageContentValidatorInterface
    18. 

  18. {
    19. 

  19.     /**
    20. 

  20.      * @var array
    21. 

  21.      */
    22. 

  22.     private $defaultMimeTypes = [
    23. 

  23.         'image/jpg',
    24. 

  24.         'image/jpeg',
    25. 

  25.         'image/gif',
    26. 

  26.         'image/png',
    27. 

  27.     ];
    28. 

  28. 

  29.     /**
    30. 

  30.      * @var array
    31. 

  31.      */
    32. 

  32.     private $allowedMimeTypes;
    33. 

  33. 

  34.     /**
    35. 

  35.      * @param array $allowedMimeTypes
    36. 

  36.      */
    37. 

  37.     public function __construct(
    38. 

  38.         array $allowedMimeTypes = []
    39. 

  39.     ) {
    40. 

  40.         $this->allowedMimeTypes = array_merge($this->defaultMimeTypes, $allowedMimeTypes);
    41. 

  41.     }
    42. 

  42. 

  43.     /**
    44. 

  44.      * Check if gallery entry content is valid
    45. 

  45.      *
    46. 

  46.      * @param ImageContentInterface $imageContent
    47. 

  47.      * @return bool
    48. 

  48.      * @throws InputException
    49. 

  49.      */
    50. 

  50.     public function isValid(ImageContentInterface $imageContent)
    51. 

  51.     {
    52. 

  52.         $fileContent = @base64_decode($imageContent->getBase64EncodedData(), true);
    53. 

  53.         if (empty($fileContent)) {
    54. 

  54.             throw new InputException(new Phrase('The image content must be valid base64 encoded data.'));
    55. 

  55.         }
    56. 

  56.         $imageProperties = @getimagesizefromstring($fileContent);
    57. 

  57.         if (empty($imageProperties)) {
    58. 

  58.             throw new InputException(new Phrase('The image content must be valid base64 encoded data.'));
    59. 

  59.         }
    60. 

  60.         $sourceMimeType = $imageProperties['mime'];
    61. 

  61.         if ($sourceMimeType != $imageContent->getType() || !$this->isMimeTypeValid($sourceMimeType)) {
    62. 

  62.             throw new InputException(new Phrase('The image MIME type is not valid or not supported.'));
    63. 

  63.         }
    64. 

  64.         if (!$this->isNameValid($imageContent->getName())) {
    65. 

  65.             throw new InputException(new Phrase('Provided image name contains forbidden characters.'));
    66. 

  66.         }
    67. 

  67.         return true;
    68. 

  68.     }
    69. 

  69. 

  70.     /**
    71. 

  71.      * Check if given mime type is valid
    72. 

  72.      *
    73. 

  73.      * @param string $mimeType
    74. 

  74.      * @return bool
    75. 

  75.      */
    76. 

  76.     protected function isMimeTypeValid($mimeType)
    77. 

  77.     {
    78. 

  78.         return in_array($mimeType, $this->allowedMimeTypes);
    79. 

  79.     }
    80. 

  80. 

  81.     /**
    82. 

  82.      * Check if given filename is valid
    83. 

  83.      *
    84. 

  84.      * @param string $name
    85. 

  85.      * @return bool
    86. 

  86.      */
    87. 

  87.     protected function isNameValid($name)
    88. 

  88.     {
    89. 

  89.         // Cannot contain \ / : * ? " < > |
    90. 

  90.         if (!preg_match('/^[^\\/?*:";<>()|{}\\\\]+$/', $name)) {
    91. 

  91.             return false;
    92. 

  92.         }
    93. 

  93.         return true;
    94. 

  94.     }
    95. 

  95. }
    96.