Non Allowed File Types Modification
#1

[eluser]Unknown[/eluser]
Hey Everyone,

I'm new here, so I hope I didn't post this incorrectly, I was looking for a way to simply share this idea/feature and the Wiki doesn't appear to be used much.

I did a search around to see if there was a simple way to use CodeIgniter's Upload library to allow for all file types *except* specified file types. To put it in other words, to disallow certain file types.

Well, surprisingly, this isn't possible in the current release of CodeIgniter, so I came up with a fairly simple modification which allows me to set what I call a 'non_allowed_types' section in the config for file uploads.

Hopefully this will be useful to someone else. I'm working on a system which allows for uploads of virtually all file types except high-risk files such as executables and php code (as an example).

I do realise that you could do just one big list of allowed file types, but for my system, that is literally every file type bar a few.

Here is an example of how it is used in my code ($directory is a pre-specified path):
Code:
$config['upload_path'] = $directory;
$config['allowed_types'] = '*'; // Allow all file types initially
$config['non_allowed_types'] = 'exe|php'; // Disallow specified file types
$config['overwrite'] = true;
$this->upload->initialize($config);

Attached is the final modified Upload.php file (as a .zip file for obvious reasons), but I'll give a quick rundown of how I did this. Everything below is done within the Upload.php file.

First off, everywhere 'allowed_types' exists, I duplicated this and renamed it to 'non_allowed_types' as I wanted the functionality to work in exactly the same manner from the config file.
E.g., inside the defaults array in the initialize function (things like this are done in a couple of spots throughout the file):
Code:
'allowed_types'     => "",
'non_allowed_types' => "",

The core of this method comes inside of the do_upload function, I replaced:
Code:
// Is the file type allowed to be uploaded?
if (!$this->is_allowed_filetype())
{
    $this->set_error('upload_invalid_filetype');
    return FALSE;
}

With:
Code:
// Is the file type allowed to be uploaded?
if (!$this->is_allowed_filetype() || $this->is_non_allowed_filetype())
{
    $this->set_error('upload_invalid_filetype');
    return FALSE;
}

So we are doing a check to see if the file type is either not in the allowed list, or is in the non-allowed list.

I then took the 'set_allowed_types' function and duplicated it, renaming it to 'set_non_allowed_types', just renaming the 'allowed_types' variable within it to 'non_allowed_types'.

The final step was to duplicate the 'is_allowed_filetype' method, renaming it to 'is_non_allowed_filetype' and renaming the 'allowed_types' variable within it to 'non_allowed_types' as I did above.

And there you have it, a simple-to-use non_allowed_types config ability for file uploading which sits nicely into the existing CodeIgniter source.

I hope this helps at least one other person!
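The combined check described above, written out as a stand-alone function so the allow-list and block-list semantics can be exercised on their own. This is an added example, not the attached Upload.php patch or CodeIgniter's own code; the function name and parameters ($allowed, $nonAllowed) are this example's, and it only looks at the extension, exactly as the original check does.

```php
<?php
// Added example: a self-contained equivalent of
//   if (!$this->is_allowed_filetype() || $this->is_non_allowed_filetype())
// from the post, taking the two config strings directly.

/**
 * Return TRUE if $filename may be uploaded under the given lists.
 * $allowed and $nonAllowed use the thread's config format: pipe-separated
 * extensions, with '*' in $allowed meaning "everything".
 * The block list is checked after the allow list and wins on conflict.
 */
function is_upload_extension_permitted(string $filename, string $allowed, string $nonAllowed): bool
{
    // Compare case-insensitively so "FILE.PHP" is treated like "file.php".
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if ($ext === '') {
        return false; // no extension at all: refuse rather than guess
    }

    // Parse "exe|php" style lists; array_filter drops empty entries from "exe||php".
    $allowList = array_filter(array_map('strtolower', explode('|', $allowed)));
    $blockList = array_filter(array_map('strtolower', explode('|', $nonAllowed)));

    if (!in_array('*', $allowList, true) && !in_array($ext, $allowList, true)) {
        return false; // not on the allow list
    }
    return !in_array($ext, $blockList, true); // on the block list => refused
}

// Constructed inputs mirroring the thread's config: allow everything except exe and php.
$cases = [
    'drawing.dwg' => true,
    'report.PDF'  => true,
    'setup.exe'   => false,
    'shell.PHP'   => false,
    'README'      => false,
];
foreach ($cases as $name => $expected) {
    $got = is_upload_extension_permitted($name, '*', 'exe|php');
    printf("%-12s %s\n", $name, $got === $expected ? 'ok' : 'MISMATCH');
}
```

As with the original, this is a policy filter on the file name only; it says nothing about what the bytes inside the file actually are.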
#2

[eluser]CroNiX[/eluser]
I'd be very cautious with this approach. I realize that it's easier code-wise for your purposes. What if a new 'type' that can contain harmful code comes out and you don't know about it and don't add it to your blacklist (you'll always have to be maintaining this)? Generally, it's a lot more secure to whitelist what you do want to allow rather than everything you don't, because there is no possible way for you to blacklist everything that can be harmful and new ones come out all of the time that you might not be aware of.
#3

[eluser]Unknown[/eluser]
I guess my (somewhat silly, I'll elaborate below) reply to this would be: 'What if a new file type came out?' I'd have to update my whitelist.

The system I am creating is being used by all different industries, files could be uploaded ranging from <1kb text files, through to >1GB CAD files, from standard notepad to specialised software. There are simply too many file types I need to account for in that regard and it is just not possible.

But I agree with you, for most systems, whitelisting is definitely the way to go.

I'm the exception I guess, where it is harder to whitelist than it is to blacklist.