Previous Next

Validators for Zend_File_Transfer

Zend_File_Transfer is delivered with several file related validators which should be used to increase security and prevent possible attacks. Note that the validators are only as good as you are using them. All validators which are provided with Zend_File_Transfer can be found in the Zend_Validator component and are named Zend_Validate_File_*. The following validators are actually available:

  • Count: This validator checks for the ammount of files. It provides a minimum and a maximum and will throw an error when any of these are crossed.

  • Extension: This validator checks the extension of files. It will throw an error when an given file has an undefined extension.

  • FilesSize: This validator checks the complete size of all validated files. It remembers internally the size of all checked files and throws an error when the sum of all files exceed the defined size. It does also provide a minimum and a maximum size.

  • Size: This validator is able to check files for it's filesize. It provides a minimum and a maximum size and will throw an error when any of these are crossed.

  • Upload: This validator is an internal one, which checks if a upload has produced a problem. You must not set it, as it's automatically set by Zend_File_Transfer itself. So you can forget this validator. You should only know that it exists.

Using validators with Zend_File_Transfer

The usage of validators is quite simple. There are several methods for adding and manipulating validators.

  • addValidator($validator, $options = null, $files = null): Adds the given validator to the validator stack (optionally only to the file(s) specified). $validator may be either an actual validator instance, or a short name specifying the validator type (e.g., 'Count').

  • addValidators(array $validators, $files = null): Adds the given validators to the stack of validators. Each entry may be either a validator type/options pair, or an array with the key 'validator' specifying the validator (all other options will be considered validator options for instantiation).

  • setValidators(array $validators, $files = null): Overwrites any existing validators with the validators specified. The validators should follow the syntax for addValidators().

  • hasValidator($name): Indicates if a validator has been registered.

  • getValidator($name): Returns a previously registered validator.

  • getValidators($files = null): Returns registered validators; if $files is passed, returns validators for that particular file or set of files.

  • removeValidator($name): Removes a previously registered validator.

  • clearValidators(): Clears all registered validators.

Example #1 Add validators to a file transfer

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes
$upload->addValidator('Size', 20000);

// Set a filesize with 20 bytes minimum and 20000 bytes maximum
$upload->addValidator('Size', array(20, 20000));

// Set a filesize with 20 bytes minimum and 20000 bytes maximum and a file count in one step 
$upload->setValidators(array(
    'Size'  => array(20, 20000), 
    'Count' => array(1, 3),
));

Example #2 Limit validators to single files

addValidator(), addValidators(), and setValidators() each accept a final $files argument. This argument can be used to specify a particular file or array of files on which to set the given validator.

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes and limits it only to 'file2'
$upload->addValidator('Size', 20000, 'file2');

Generally you should simply use the addValidators() method, which can be called multiple times.

Example #3 Add multiple validators

Often it's simpler just to call addValidator() multiple times. One call for each validator. This also increases the readability and makes your code more maintainable. As all methods provide a fluent interface you can couple the calls as shown below:

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes
$upload->addValidator('Size', 20000)
       ->addValidator('Count', 2)
       ->addValidator('Filessize', 25000);

Note:

Note that even though setting the same validator multiple times is allowed, doing so can lead to issues when using different options for the same validator.

Count validator

The Count validator checks for the number of files which are provided. It supports the following options:

  • Min: Sets the minimum number of files to transfer.

    Note:

    Beware: When using this option you must give the minimum number of files when calling this validator the first time; otherwise you will get an error in return.

    With this option you can define the minimum number of files you expect to receive.

  • Max: Set the maximum number of files to transfer.

    With this option you can limit the number of files which are accepted but also detect a possible attack when more files are given than defined in your form.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to retrieve the actual set values.

Example #4 Using the Count validator

$upload = new Zend_File_Transfer();

// Limit the amount of files to maximum 2
$upload->addValidator('Count', 2);

// Limit the amount of files to maximum 5 and expects minimum 1 file to be returned
$upload->addValidator('Count', array(1, 5);

Note:

Note that this validator stores the number of checked files internally. The file which exceeds the maximum will be returned as error.

Extension validator

The Extension validator checks the file extension of files which are provided. It supports the following options:

  • Extension: Checks if the given file uses this file extension.

This validator accepts multiple extensions either as a comma-delimited string, or as an array. You may also use the methods setExtension(), addExtension(), and getExtension() to set and retrieve extensions.

Example #5 Using the Extension validator

$upload = new Zend_File_Transfer();

// Limit the extensions to jpg and png files
$upload->addValidator('Extension', 'jpg,png');

// Limit the extensions to jpg and png files but use array notation
$upload->addValidator('Extension', array('jpg', 'png'));

Note:

Note that this validator just checks the file extension. It does not check the actual file MIME type.

FilesSize validator

The FilesSize validator checks for the aggregate size of all transferred files. It supports the following options:

  • Min: Sets the minimum aggregate filesize.

    With this option you can define the minimum aggregate filesize of files you expect to transfer.

  • Max: Sets the maximum aggregate filesize.

    With this option you can limit the aggregate filesize of all files which are transferred, but not the filesize of individual files.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to receive the actual set values.

The size itself is also accepted in SI notation as done by most operating systems. Instead of 20000 bytes you can just give 20kB. All units are converted by using 1024 as base value. The following Units are accepted: kB, MB, GB, TB, PB and EB. As mentioned you have to note that 1kB is equal to 1024 bytes.

Example #6 Using the FilesSize validator

$upload = new Zend_File_Transfer();

// Limit the size of all given files to 40000 bytes
$upload->addValidator('FilesSize', 40000);

// Limit the size of all given files to maximum 4MB and mimimum 10kB
$upload->setValidator('FilesSize', array('10kB', '4MB');

Note:

Note that this validator stores the filesize of checked files internally. The file which exceeds the size will be returned as error.

Size validator

The Size validator checks for the size of a single file. It supports the following options:

  • Min: Set the minimum filesize.

    With this option you can define the minimum filesize for an individual file you expect to transfer.

  • Max: Set the maximum filesize.

    With this option you can limit the filesize of a single file you tranfer.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to receive the actual set values.

The size itself is also accepted in SI notation as done by most operating systems. Instead of 20000 bytes you can just give 20kB. All units are conterted by using 1024 as base value. The following Units are accepted: kB, MB, GB, TB, PB and EB. As mentioned you have to note that 1kB is equal to 1024 bytes.

Example #7 Using the Size validator

$upload = new Zend_File_Transfer();

// Limit the size of a file to 40000 bytes
$upload->addValidator('Size', 40000);

// Limit the size a given file to maximum 4MB and mimimum 10kB and limits this
// validator to the file "uploadfile"
$upload->addValidator('Size', array('10kB', '4MB', 'uploadfile');
Previous Next
Introduction to Zend Framework
Overview
Installation
Zend_Acl
Introduction
Refining Access Controls
Advanced Use
Zend_Auth
Introduction
Database Table Authentication
Digest Authentication
HTTP Authentication Adapter
LDAP Authentication
Open ID Authentication
Zend_Cache
Introduction
The theory of caching
Zend_Cache frontends
Zend_Cache backends
Zend_Captcha
Introduction
Captcha Operation
Captcha Adapters
Zend_Config
Introduction
Theory of Operation
Zend_Config_Ini
Zend_Config_Xml
Zend_Console_Getopt
Introduction to Getopt
Declaring Getopt Rules
Fetching Options and Arguments
Configuring Zend_Console_Getopt
Zend_Controller
Zend_Controller Quick Start
Zend_Controller Basics
The Front Controller
The Request Object
The Standard Router: Zend_Controller_Router_Rewrite
The Dispatcher
Action Controllers
Action Helpers
The Response Object
Plugins
Using a Conventional Modular Directory Structure
MVC Exceptions
Migrating from Previous Versions
Zend_Currency
Introduction to Zend_Currency
How to work with currencies
Migrating from Previous Versions
Zend_Date
Introduction
Theory of Operation
Basic Methods
Zend_Date API Overview
Creation of dates
Constants for General Date Functions
Working examples
Zend_Db
Zend_Db_Adapter
Zend_Db_Statement
Zend_Db_Profiler
Zend_Db_Select
Zend_Db_Table
Zend_Db_Table_Row
Zend_Db_Table_Rowset
Zend_Db_Table Relationships
Zend_Debug
Dumping Variables
Zend_Dojo
Introduction
Zend_Dojo_Data: dojo.data Envelopes
Dojo View Helpers
Dojo Form Elements and Decorators
Zend_Dom
Introduction
Zend_Dom_Query
Zend_Exception
Using Exceptions
Zend_Feed
Introduction
Importing Feeds
Retrieving Feeds from Web Pages
Consuming an RSS Feed
Consuming an Atom Feed
Consuming a Single Atom Entry
Modifying Feed and Entry structures
Custom Feed and Entry Classes
Zend_File
Zend_File_Transfer
Validators for Zend_File_Transfer
Zend_Filter
Introduction
Standard Filter Classes
Filter Chains
Writing Filters
Zend_Filter_Input
Zend_Filter_Inflector
Zend_Form
Zend_Form
Zend_Form Quick Start
Creating Form Elements Using Zend_Form_Element
Creating Forms Using Zend_Form
Creating Custom Form Markup Using Zend_Form_Decorator
Standard Form Elements Shipped With Zend Framework
Standard Form Decorators Shipped With Zend Framework
Internationalization of Zend_Form
Advanced Zend_Form Usage
Zend_Gdata
Introduction to Gdata
Authenticating with AuthSub
Authenticating with ClientLogin
Using Google Calendar
Using Google Documents List Data API
Using Google Spreadsheets
Using Google Apps Provisioning
Using Google Base
Using the YouTube Data API
Using Picasa Web Albums
Catching Gdata Exceptions
Zend_Http
Zend_Http_Client - Introduction
Zend_Http_Client - Advanced Usage
Zend_Http_Client - Connection Adapters
Zend_Http_Cookie and Zend_Http_CookieJar
Zend_Http_Response
Zend_InfoCard
Introduction
Zend_Json
Introduction
Basic Usage
JSON Objects
XML to JSON conversion
Zend_Json_Server - JSON-RPC server
Zend_Layout
Introduction
Zend_Layout Quick Start
Zend_Layout Configuration Options
Zend_Layout Advanced Usage
Zend_Ldap
Introduction
Zend_Loader
Loading Files and Classes Dynamically
Loading Plugins
Zend_Locale
Introduction
Using Zend_Locale
Normalization and Localization
Working with Dates and Times
Supported Languages for Locales
Supported Regions for Locales
Zend_Log
Overview
Writers
Formatters
Filters
Zend_Mail
Introduction
Sending via SMTP
Sending Multiple Mails per SMTP Connection
Using Different Transports
HTML E-Mail
Attachments
Adding Recipients
Controlling the MIME Boundary
Additional Headers
Character Sets
Encoding
SMTP Authentication
Securing SMTP Transport
Reading Mail Messages
Zend_Measure
Introduction
Creation of Measurements
Outputting measurements
Manipulating Measurements
Types of measurements
Zend_Memory
Overview
Memory Manager
Memory Objects
Zend_Mime
Zend_Mime
Zend_Mime_Message
Zend_Mime_Part
Zend_OpenId
Introduction
Zend_OpenId_Consumer Basics
Zend_OpenId_Provider
Zend_Paginator
Introduction
Usage
Configuration
Advanced usage
Zend_Pdf
Introduction.
Creating and loading PDF documents.
Save changes to the PDF document.
Document pages.
Drawing.
Document Info and Metadata.
Zend_Pdf module usage example.
Zend_Registry
Using the Registry
Zend_Rest
Introduction
Zend_Rest_Client
Zend_Rest_Server
Zend_Search_Lucene
Overview
Building Indexes
Searching an Index
Query Language
Query Construction API
Character Set
Extensibility
Interoperating with Java Lucene
Advanced
Best Practices
Zend_Server
Introduction
Zend_Server_Reflection
Zend_Service
Introduction
Zend_Service_Akismet
Zend_Service_Amazon
Zend_Service_Audioscrobbler
Zend_Service_Delicious
Zend_Service_Flickr
Zend_Service_Nirvanix
Zend_Service_ReCaptcha
Zend_Service_Simpy
Introduction
Zend_Service_StrikeIron
Zend_Service_StrikeIron: Bundled Services
Zend_Service_StrikeIron: Advanced Uses
Zend_Service_Technorati
Zend_Service_Yahoo
Zend_Session
Introduction
Basic Usage
Advanced Usage
Global Session Management
Zend_Session_SaveHandler_DbTable
Zend_Soap
Zend_Soap_Server
Zend_Soap_Client
WSDL Accessor
AutoDiscovery. Introduction
Class autodiscovering.
Functions autodiscovering.
Autodiscovering. Datatypes.
Zend_Test
Introduction
Zend_Test_PHPUnit
Zend_Text
Zend_Text_Figlet
Zend_TimeSync
Introduction
Working with Zend_TimeSync
Zend_Translate
Introduction
Adapters for Zend_Translate
Using Translation Adapters
Zend_Uri
Zend_Uri
Zend_Validate
Introduction
Standard Validation Classes
Validator Chains
Writing Validators
Zend_Version
Reading the Zend Framework Version
Zend_View
Introduction
Controller Scripts
View Scripts
View Helpers
Zend_View_Abstract
Zend_Wildfire
Zend_Wildfire
Zend_XmlRpc
Introduction
Zend_XmlRpc_Client
Zend_XmlRpc_Server
Zend Framework Requirements
PHP Version
PHP Extensions
Zend Framework Components
Zend Framework Dependencies
Zend Framework Coding Standard for PHP
Overview
PHP File Formatting
Naming Conventions
Coding Style
Copyright Information