diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpFoundation] Sanitize uploaded file original name

Browse Source
This commit is contained in:
Victor Berchet 2011-04-29 19:26:59 +02:00
parent f8cc8a7deb
commit dccac192d6
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/HttpFoundation/File/UploadedFile.php
View File

@ -82,7 +82,7 @@ class UploadedFile extends File
} }
$this->path = realpath($path); $this->path = realpath($path);
$this->originalName = $originalName; $this->originalName = basename($originalName);
$this->mimeType = $mimeType ?: 'application/octet-stream'; $this->mimeType = $mimeType ?: 'application/octet-stream';
$this->size = $size; $this->size = $size;
$this->error = $error ?: UPLOAD_ERR_OK; $this->error = $error ?: UPLOAD_ERR_OK;

15
tests/Symfony/Tests/Component/HttpFoundation/File/UploadedFileTest.php
View File

@ -77,6 +77,19 @@ class UploadedFileTest extends \PHPUnit_Framework_TestCase
null null
); );
$this->assertEquals('test.gif', $file->getName()); $this->assertEquals('original.gif', $file->getOriginalName());
} }
public function testGetOriginalNameSanitizeFilename()
{
$file = new UploadedFile(
__DIR__.'/Fixtures/test.gif',
'../../original.gif',
'image/gif',
filesize(__DIR__.'/Fixtures/test.gif'),
null
);
$this->assertEquals('original.gif', $file->getOriginalName());
}
} }