Previous Next

Validators for Zend_File_Transfer

Zend_File_Transfer is delivered with several file related validators which should be used to increase security and prevent possible attacks. Note that the validators are only as good as you are using them. All validators which are provided with Zend_File_Transfer can be found in the Zend_Validator component and are named Zend_Validate_File_*. The following validators are actually available:

  • Count: This validator checks for the ammount of files. It provides a minimum and a maximum and will throw an error when any of these are crossed.

  • Extension: This validator checks the extension of files. It will throw an error when an given file has an undefined extension.

  • FilesSize: This validator checks the complete size of all validated files. It remembers internally the size of all checked files and throws an error when the sum of all files exceed the defined size. It does also provide a minimum and a maximum size.

  • Size: This validator is able to check files for it's filesize. It provides a minimum and a maximum size and will throw an error when any of these are crossed.

  • Upload: This validator is an internal one, which checks if a upload has produced a problem. You must not set it, as it's automatically set by Zend_File_Transfer itself. So you can forget this validator. You should only know that it exists.

Using validators with Zend_File_Transfer

The usage of validators is quite simple. There are several methods for adding and manipulating validators.

  • addValidator($validator, $options = null, $files = null): Adds the given validator to the validator stack (optionally only to the file(s) specified). $validator may be either an actual validator instance, or a short name specifying the validator type (e.g., 'Count').

  • addValidators(array $validators, $files = null): Adds the given validators to the stack of validators. Each entry may be either a validator type/options pair, or an array with the key 'validator' specifying the validator (all other options will be considered validator options for instantiation).

  • setValidators(array $validators, $files = null): Overwrites any existing validators with the validators specified. The validators should follow the syntax for addValidators().

  • hasValidator($name): Indicates if a validator has been registered.

  • getValidator($name): Returns a previously registered validator.

  • getValidators($files = null): Returns registered validators; if $files is passed, returns validators for that particular file or set of files.

  • removeValidator($name): Removes a previously registered validator.

  • clearValidators(): Clears all registered validators.

Example #1 Add validators to a file transfer

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes
$upload->addValidator('Size', 20000);

// Set a filesize with 20 bytes minimum and 20000 bytes maximum
$upload->addValidator('Size', array(20, 20000));

// Set a filesize with 20 bytes minimum and 20000 bytes maximum and a file count in one step 
$upload->setValidators(array(
    'Size'  => array(20, 20000), 
    'Count' => array(1, 3),
));

Example #2 Limit validators to single files

addValidator(), addValidators(), and setValidators() each accept a final $files argument. This argument can be used to specify a particular file or array of files on which to set the given validator.

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes and limits it only to 'file2'
$upload->addValidator('Size', 20000, 'file2');

Generally you should simply use the addValidators() method, which can be called multiple times.

Example #3 Add multiple validators

Often it's simpler just to call addValidator() multiple times. One call for each validator. This also increases the readability and makes your code more maintainable. As all methods provide a fluent interface you can couple the calls as shown below:

$upload = new Zend_File_Transfer();

// Set a filesize with 20000 bytes
$upload->addValidator('Size', 20000)
       ->addValidator('Count', 2)
       ->addValidator('Filessize', 25000);

Note:

Note that even though setting the same validator multiple times is allowed, doing so can lead to issues when using different options for the same validator.

Count validator

The Count validator checks for the number of files which are provided. It supports the following options:

  • Min: Sets the minimum number of files to transfer.

    Note:

    Beware: When using this option you must give the minimum number of files when calling this validator the first time; otherwise you will get an error in return.

    With this option you can define the minimum number of files you expect to receive.

  • Max: Set the maximum number of files to transfer.

    With this option you can limit the number of files which are accepted but also detect a possible attack when more files are given than defined in your form.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to retrieve the actual set values.

Example #4 Using the Count validator

$upload = new Zend_File_Transfer();

// Limit the amount of files to maximum 2
$upload->addValidator('Count', 2);

// Limit the amount of files to maximum 5 and expects minimum 1 file to be returned
$upload->addValidator('Count', array(1, 5);

Note:

Note that this validator stores the number of checked files internally. The file which exceeds the maximum will be returned as error.

Extension validator

The Extension validator checks the file extension of files which are provided. It supports the following options:

  • Extension: Checks if the given file uses this file extension.

This validator accepts multiple extensions either as a comma-delimited string, or as an array. You may also use the methods setExtension(), addExtension(), and getExtension() to set and retrieve extensions.

Example #5 Using the Extension validator

$upload = new Zend_File_Transfer();

// Limit the extensions to jpg and png files
$upload->addValidator('Extension', 'jpg,png');

// Limit the extensions to jpg and png files but use array notation
$upload->addValidator('Extension', array('jpg', 'png'));

Note:

Note that this validator just checks the file extension. It does not check the actual file MIME type.

FilesSize validator

The FilesSize validator checks for the aggregate size of all transferred files. It supports the following options:

  • Min: Sets the minimum aggregate filesize.

    With this option you can define the minimum aggregate filesize of files you expect to transfer.

  • Max: Sets the maximum aggregate filesize.

    With this option you can limit the aggregate filesize of all files which are transferred, but not the filesize of individual files.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to receive the actual set values.

The size itself is also accepted in SI notation as done by most operating systems. Instead of 20000 bytes you can just give 20kB. All units are converted by using 1024 as base value. The following Units are accepted: kB, MB, GB, TB, PB and EB. As mentioned you have to note that 1kB is equal to 1024 bytes.

Example #6 Using the FilesSize validator

$upload = new Zend_File_Transfer();

// Limit the size of all given files to 40000 bytes
$upload->addValidator('FilesSize', 40000);

// Limit the size of all given files to maximum 4MB and mimimum 10kB
$upload->setValidator('FilesSize', array('10kB', '4MB');

Note:

Note that this validator stores the filesize of checked files internally. The file which exceeds the size will be returned as error.

Size validator

The Size validator checks for the size of a single file. It supports the following options:

  • Min: Set the minimum filesize.

    With this option you can define the minimum filesize for an individual file you expect to transfer.

  • Max: Set the maximum filesize.

    With this option you can limit the filesize of a single file you tranfer.

You can initiate this validator with both options. The first option is min, the second option is max. When only one option is given it is used as max. But you can also use the methods setMin() and setMax() to set both options afterwards and getMin() and getMax() to receive the actual set values.

The size itself is also accepted in SI notation as done by most operating systems. Instead of 20000 bytes you can just give 20kB. All units are conterted by using 1024 as base value. The following Units are accepted: kB, MB, GB, TB, PB and EB. As mentioned you have to note that 1kB is equal to 1024 bytes.

Example #7 Using the Size validator

$upload = new Zend_File_Transfer();

// Limit the size of a file to 40000 bytes
$upload->addValidator('Size', 40000);

// Limit the size a given file to maximum 4MB and mimimum 10kB and limits this
// validator to the file "uploadfile"
$upload->addValidator('Size', array('10kB', '4MB', 'uploadfile');
Previous Next
Introduction to Zend Framework
概要
インストール
Zend_Acl
導入
アクセス制御の洗練
高度な使用法
Zend_Auth
導入
データベースのテーブルでの認証
ダイジェスト認証
HTTP 認証アダプタ
LDAP 認証
Open ID 認証
Zend_Cache
導入
キャッシュの仕組み
Zend_Cache のフロントエンド
Zend_Cache のバックエンド
Zend_Captcha
Introduction
Captcha Operation
Captcha Adapters
Zend_Config
導入
動作原理
Zend_Config_Ini
Zend_Config_Xml
Zend_Console_Getopt
Getopt について
Getopt の規則の宣言
オプションおよび引数の取得
Zend_Console_Getopt の設定
Zend_Controller
Zend_Controller クイックスタート
Zend_Controller の基本
フロントコントローラ
リクエストオブジェクト
標準のルータ: Zend_Controller_Router_Rewrite
ディスパッチャ
アクションコントローラ
アクションヘルパー
レスポンスオブジェクト
プラグイン
モジュラーディレクトリ構造の規約の使用
MVC での例外
以前のバージョンからの移行
Zend_Currency
Zend_Currency について
通貨の操作方法
以前のバージョンからの移行
Zend_Date
導入
動作原理
基本メソッド
Zend_Date API の概要
日付の作成
日付関数全般用の定数
動作例
Zend_Db
Zend_Db_Adapter
Zend_Db_Statement
Zend_Db_Profiler
Zend_Db_Select
Zend_Db_Table
Zend_Db_Table_Row
Zend_Db_Table_Rowset
導入
Zend_Debug
変数の出力
Zend_Dojo
Introduction
Zend_Dojo_Data: dojo.data Envelopes
Dojo View Helpers
Dojo Form Elements and Decorators
Zend_Dom
導入
Zend_Dom_Query
Zend_Exception
例外の使用法
Zend_Feed
導入
フィードの読み込み
ウェブページからのフィードの取得
RSS フィードの使用
Atom フィードの使用
単一の Atom エントリの処理
フィードおよびエントリの構造の変更
独自のフィードクラスおよびエントリクラス
Zend_File
Zend_File_Transfer
Validators for Zend_File_Transfer
Zend_Filter
導入
標準のフィルタクラス群
フィルタチェイン
フィルタの書き方
Zend_Filter_Input
Zend_Filter_Inflector
Zend_Form
Zend_Form
Zend_Form クイックスタート
Zend_Form_Element を用いたフォーム要素の作成
Zend_Form によるフォームの作成
Zend_Form_Decorator による独自のフォームマークアップの作成
Zend Framework に同梱されている標準のフォーム要素
Zend Framework に同梱されている標準のデコレータ
Zend_Form の国際化
Zend_Form の高度な使用法
Zend_Gdata
Gdata について
AuthSub による認証
ClientLogin による認証
Google Calendar の使用法
Google Documents List Data API の使用法
Google Spreadsheets の使用法
Google Apps Provisioning の使用法
Google Base の使用法
YouTube Data API の使用法
Picasa Web Albums の使用法
Gdata の例外処理
Zend_Http
Zend_Http_Client - 導入
Zend_Http_Client - 高度な使用法
Zend_Http_Client - 接続アダプタ
Zend_Http_Cookie および Zend_Http_CookieJar
Zend_Http_Response
Zend_InfoCard
導入
Zend_Json
導入
基本的な使用法
JSON オブジェクト
XML から JSON への変換
Zend_Json_Server - JSON-RPC server
Zend_Layout
導入
Zend_Layout クイックスタート
Zend_Layout の設定オプション
Zend_Layout の高度な使用法
Zend_Ldap
導入
Zend_Loader
ファイルやクラスの動的な読み込み
プラグインのロード
Zend_Locale
導入
Zend_Locale の使用法
正規化および地域化
日付および時刻の扱い
ロケールがサポートする言語
ロケールがサポートする地域
Zend_Log
概要
ライター
フォーマッタ
フィルタ
Zend_Mail
導入
SMTP 経由での送信
SMTP 接続による複数のメールの送信
異なる転送手段の使用
HTML メール
ファイルの添付
受信者の追加
MIME バウンダリの制御
追加のヘッダ
文字セット
エンコーディング
SMTP 認証
セキュアな SMTP トランスポート
メールメッセージの読み込み
Zend_Measure
導入
計測値の作成
計測値の出力
計測値の操作
計測値の型
Zend_Memory
概要
メモリマネージャ
メモリオブジェクト
Zend_Mime
Zend_Mime
Zend_Mime_Message
Zend_Mime_Part
Zend_OpenId
導入
Zend_OpenId_Consumer の基本
Zend_OpenId_Provider
Zend_Paginator
Introduction
Usage
Configuration
Advanced usage
Zend_Pdf
導入
PDF ドキュメントの作成および読み込み
PDF ドキュメントへの変更内容の保存
ドキュメントのページ
描画
ドキュメントの情報およびメタデータ
Zend_Pdf モジュールの使用例
Zend_Registry
レジストリの使用法
Zend_Rest
導入
Zend_Rest_Client
Zend_Rest_Server
Zend_Search_Lucene
概要
インデックスの構築
インデックスの検索
クエリ言語
クエリ作成用の API
文字セット
拡張性
Java Lucene との相互運用
応用
ベストプラクティス
Zend_Server
導入
Zend_Server_Reflection
Zend_Service
導入
Zend_Service_Akismet
Zend_Service_Amazon
Zend_Service_Audioscrobbler
Zend_Service_Delicious
Zend_Service_Flickr
Zend_Service_Nirvanix
Zend_Service_ReCaptcha
Zend_Service_Simpy
導入
Zend_Service_StrikeIron
Zend_Service_StrikeIron: バンドルされているサービス
Zend_Service_StrikeIron: 応用編
Zend_Service_Technorati
Zend_Service_Yahoo
Zend_Session
導入
基本的な使用法
高度な使用法
グローバルセッションの管理
Zend_Session_SaveHandler_DbTable
Zend_Soap
Zend_Soap_Server
Zend_Soap_Client
WSDL Accessor
AutoDiscovery. Introduction
Class autodiscovering.
Functions autodiscovering.
Autodiscovering. Datatypes.
Zend_Test
Introduction
Zend_Test_PHPUnit
Zend_Text
Zend_Text_Figlet
Zend_TimeSync
導入
Zend_TimeSync の動作
Zend_Translate
導入
Zend_Translate のアダプタ
翻訳アダプタの使用法
Zend_Uri
Zend_Uri
Zend_Validate
導入
標準のバリデーションクラス群
バリデータチェイン
バリデータの書き方
Zend_Version
Zend Framework のバージョンの取得
Zend_View
導入
コントローラスクリプト
ビュースクリプト
ビューヘルパー
Zend_View_Abstract
Zend_Wildfire
Zend_Wildfire
Zend_XmlRpc
導入
Zend_XmlRpc_Client
Zend_XmlRpc_Server
Zend Framework のシステム要件
PHP のバージョン
PHP の拡張モジュール
Zend Framework のコンポーネント
Zend Framework の依存性
Zend Framework PHP 標準コーディング規約
概要
PHP ファイルの書式
命名規約
コーディングスタイル
著作権に関する情報