Menu
I have a file upload function in my Symfony2 project and I would like to validate that the uploaded file is a .tex file format => LaTex file.
For text/html, I am using:
$metadata->addPropertyConstraint('file', new Assert\File(array(
'maxSize' => '100000k',
'mimeTypes' => array("text/html"),
'mimeTypesMessage' => 'Please upload a valid HTM/HTML File',
)));
I am trying:
$metadata->addPropertyConstraint('file', new Assert\File(array(
'maxSize' => '100000k',
'mimeTypes' => array(
'text/html',
'application/x-tex',
'application/x-latex'
),
'mimeTypesMessage' => 'Please upload a valid HTM/HTML/TEX File',
)));
But as soon as I am uploading a .tex file, I am getting the message:
Please upload a valid HTM/HTML/TEX File.
How can I add Tex file also here? Thank you.
719
In Symfony applications, uploaded files are objects of the UploadedFile class. This class provides methods for the most common operations when dealing with uploaded files; A well-known security best practice is to never trust the input provided by users.
You can also validate all the classes stored in a given directory: The Symfony validator is a powerful tool that can be leveraged to guarantee that the data of any object is "valid". The power behind validation lies in "constraints", which are rules that you can apply to properties or getter methods of your object.
Symfony's validator uses PHP reflection, as well as "getter" methods, to get the value of any property, so they can be public, private or protected (see Validation ). Next, to actually validate an Author object, use the validate () method on the validator service (which implements ValidatorInterface ).
You must check what is the content of the file. As mentioned by David Beauchemin, you can produce Latex files inside Stata using the texdoc module/command. You may check many websites and slides explaining how to produce latex content using that module. Once you have a file in Latex, you may "import" that file using \input.
I think that the same principles of image validation can be applied here. It's unreliable to trust mime-type since user could plant php executable within image/jpeg.
For the images this can be verified by using getimagesize() function. As for the LaTeX you would need some 3rd-party lib what will try to open uploaded file and throw the exception on error (invalid file format, invalid expression, etc...).
Maybe this one: PHPLatex?
Also, which mime-type did you get when you tried uploading file? (@Ahmed's idea)
183
Unless the submitting client 'knows' that tex files are registered as application/x-tex I believe that the client won't sent then as such.
Can you search for the \documentclass directive within the stream?
Alternatively if you are in control of the client machines, e.g. at work or university, can you get the mime types registered on them?
22
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
