cabillier's avatar

How Can I Create Custom Validation Rules

I want to allow the user to upload a file with the following file extensions only jpg, jpeg, png, bmp, pdf, doc, docx,

I know we can use mimes:jpg,jpeg,png,bmp

but not it will not allow doc and docx...

is there any way I can do something like this 'extention:jpg, jpeg, png, bmp, pdf, doc,docx' ?

Please help.. thank you.

0 likes
3 replies
Glutnix's avatar
Glutnix
Best Answer
Level 4

Extension checking is one way to go about checking if a file is of a particular format, but if that's all you've got, there's nothing preventing someone renaming a JPG to a DOCX and uploading it.

The mime checker (I assume) actually looks at the contents of the file and says 'that's a image/jpg', completely ignoring the filename and extension.

I don't know of any way in PHP to fingerprint if a file is a DOCX or PDF or not. Anyone?

1 like
juandmegon's avatar

You can use a request and it allow you to define the rules:

You can use for example:

'image' => 'required|image|max:20000'

It validates if it is an image

Based on this list: http://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types

For the documents you should use doc or dot and pdf, additionally try to use the MIME type, instead of the extension: application/pdf, application/msword

Please check this good resource: https://goo.gl/jE4sOF

Let me know if it works.

1 like
Glutnix's avatar

additionally try to use the MIME type, instead of the extension: application/pdf, application/msword

Remember you can't always trust the mime type sent by the user's browser in $_FILES. I remember way back in IE's history it didn't know the mime types for images properly. Also, like anything sent to a webserver, it can be spoofed, thus cannot be trusted.

2 likes

Please or to participate in this conversation.