stackoom
  简体   繁体   中英

Upload Files Security in Laravel 5.1

 原文  2016-01-04 07:19:08       php/ mysql/ database/ laravel-5.1

Question

I'm not good in Laravel 5.1. I need your help guys...

Why does it upload other files that are not on the list in my Requests File? I want to upload just the rules function on my Request File .

Here's my new update Controller 

public function store(UploadFiles $filename) {

    $input = Input::all();
    $rules = array('filename' => 'mimes:pdf,doc,jpeg,png,docx');
    $validator = Validator::make($input, $rules);

    if($validator->fails()) {
        $messages = $validator->messages();
        print_r($messages);
    } else {
        $file = $filename->file('filefield');
        $extension = $file->getClientOriginalExtension();
        $entry = new Fileentry();
        $entry->mime = $file->getClientMimeType();
        $entry->original_filename = $file->getClientOriginalName();
        $entry->filename = $file->getFilename().'.'.$extension;
        $entry->description = Request::input('description');
        Storage::disk('local')->put($file->getFilename().'.'.$extension, File::get($file));
        $entry->user_id = Auth::user()->id;
        return redirect('upload');
    }    
}

My Requests: UploadFiles.php 

public function authorize() {
    return true;
}

/**
 * Get the validation rules that apply to the request.
 *
 * @return array
 */
public function rules() {
    return ['filename' => 'mimes:pdf,doc,jpeg,png,docx'];
}

This is my index.blade.php 

<form action="{{route('addentry', [])}}" method="post" enctype="multipart/form-data">
    <input type="hidden" name="_token" value="{!! csrf_token() !!}">
    <input type="file" name="filefield" required>
    <br>

    Description <br>
    <div class="form-group">
       <input type="textarea" name="description"><br>
    </div>
    <input type="submit">
</form>

2 answers

solution1
 1 ACCPTED  2016-01-04 07:37:36

You should pass your rules arr to validator.

Your code should be something like this : 

$input = Input::all();
$rules = array('filename' => 'mimes:pdf,doc,jpeg,png,docx');
$validator = Validator::make($input, $rules);

if ($validator->fails()) {
    $messages = $validator->messages();
    print_r($messages);
} else {
    //your upload code here
}

solution2
 1  2016-01-04 08:08:23

Try this:

In your controller, where you're uploading: Add use App\\Http\\Requests\\UploadFilesValidationRequest; and in your controller, implement Dependency Injection, like: 

public function store(UploadFilesValidationRequest $uploadValidator, UploadFiles $filename){

}

OR 

$imageValidator = new UploadFilesValidationRequest;
$imageValidation = Validator::make($fileData,$imageValidator->rules());

if ($imageValidation->fails()){
    dd($imageValidation->messages())
}

See, if that works.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Laravel 5.1 Upload Files Security How to upload big files via Storage-ftp in Laravel 5.1 Security For URL'S Laravel 5.1 Url and Form security in Laravel 5.1 Upload Multiple Images in Laravel 5.1 Image upload not working in laravel 5.1 Laravel 5.1 file upload validation Upload Video and Thumbnail in Laravel 5.1 Laravel 5.1 file upload error Laravel 5.1 form - 'files' => true
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM