diff --git a/core/lib/Thelia/Controller/Admin/FileController.php b/core/lib/Thelia/Controller/Admin/FileController.php
index 1b2e3b21b..e0f469173 100755
--- a/core/lib/Thelia/Controller/Admin/FileController.php
+++ b/core/lib/Thelia/Controller/Admin/FileController.php
@@ -28,6 +28,9 @@ use Symfony\Component\HttpFoundation\File\UploadedFile;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Router;
+use Symfony\Component\Validator\Constraints\Image;
+use Symfony\Component\Validator\Constraints\ImageValidator;
+use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
 use Thelia\Core\Event\ImageCreateOrUpdateEvent;
 use Thelia\Core\Event\ImagesCreateOrUpdateEvent;
 use Thelia\Core\Event\ImageDeleteEvent;
@@ -35,6 +38,10 @@ use Thelia\Core\Event\TheliaEvents;
 use Thelia\Core\Translation\Translator;
 use Thelia\Form\Exception\FormValidationException;
 use Thelia\Log\Tlog;
+use Thelia\Model\CategoryImage;
+use Thelia\Model\ContentImage;
+use Thelia\Model\FolderImage;
+use Thelia\Model\ProductImage;
 use Thelia\Tools\FileManager;
 use Thelia\Tools\Rest\ResponseRest;
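Review bot: The three `Symfony\Component\Validator` imports added in the -28 hunk (`Image`, `ImageValidator`, `ConstraintDefinitionException`) are not referenced by any hunk of this patch; the new upload check in the +94 hunk calls `FileManager::isImage()` instead. If no other code in the file uses them (only the hunks are visible here), drop the three `use` lines so the import block does not suggest the upload is validated by the Symfony `Image` constraint when it is not.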
@@ -87,6 +94,30 @@ class FileController extends BaseAdminController
 $fileBeingUploaded = $this->getRequest()->files->get('file');
 $fileManager = new FileManager($this->container);
+
+ // Validate if file is too big
+ if ($fileBeingUploaded->getError() == 1) {
+ $message = $this->getTranslator()
+ ->trans(
+ 'File is too heavy, please retry with a file having a size less than %size%.',
+ array('%size%' => ini_get('post_max_size')),
+ 'image'
+ );
+
+ return new ResponseRest($message, 'text', 403);
+ }
+ // Validate if it is a image or file
+ if (!$fileManager->isImage($fileBeingUploaded->getMimeType())) {
+ $message = $this->getTranslator()
+ ->trans(
+ 'You can only upload images (.png, .jpg, .jpeg, .gif)',
+ array(),
+ 'image'
+ );
+
+ return new ResponseRest($message, 'text', 415);
+ }
+
 $parentModel = $fileManager->getParentImageModel($parentType, $parentId);
 $imageModel = $fileManager->getImageModel($parentType);
@@ -165,7 +196,9 @@ class FileController extends BaseAdminController
 */
 public function viewImageAction($imageId, $parentType)
 {
- if (null !== $response = $this->checkAuth('admin.image.view')) return $response;
+ if (null !== $response = $this->checkAuth('admin.image.view')) {
+ return $response;
+ }
 try {
 $fileManager = new FileManager($this->container);
 $image = $fileManager->getImageModelQuery($parentType)->findPk($imageId);
@@ -191,7 +224,9 @@ class FileController extends BaseAdminController
 */
 public function updateImageAction($imageId, $parentType)
 {
- if (null !== $response = $this->checkAuth('admin.image.update')) return $response;
+ if (null !== $response = $this->checkAuth('admin.image.update')) {
+ return $response;
+ }
 $message = false;
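Review bot: The size guard `if ($fileBeingUploaded->getError() == 1)` in the -87 hunk only catches `UPLOAD_ERR_INI_SIZE`; a file rejected by a form `MAX_FILE_SIZE` (error 2), a partial upload (3) or a failed temp write (6, 7) falls through to the MIME check and on into the model code, and when no file was posted at all `files->get('file')` returns null and the `getError()` call is a fatal error. Symfony's own check covers all of these and also verifies the path came from the upload mechanism: `if (null === $fileBeingUploaded || !$fileBeingUploaded->isValid()) {`. Two details of the rejection itself: error 1 is the `upload_max_filesize` limit, so `'%size%' => ini_get('upload_max_filesize')` is the value to report (when `post_max_size` is exceeded PHP discards the whole request body and this branch is never reached), and the status for an oversized body is 413 rather than 403, `return new ResponseRest($message, 'text', 413);`. The enclosing action starts and ends outside the hunk.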
@@ -201,7 +236,7 @@ class FileController extends BaseAdminController
 try {
 $image = $fileManager->getImageModelQuery($parentType)->findPk($imageId);
 $oldImage = clone $image;
- if(null === $image) {
+ if (null === $image) {
 throw new \InvalidArgumentException(sprintf('%d image id does not exists', $imageId));
 }
@@ -212,7 +247,7 @@ class FileController extends BaseAdminController
 $files = $this->getRequest()->files;
 $fileForm = $files->get($imageModification->getName());
- if(isset($fileForm['file'])) {
+ if (isset($fileForm['file'])) {
 $event->setUploadedFile($fileForm['file']);
 }
@@ -220,9 +255,9 @@ class FileController extends BaseAdminController
 $imageUpdated = $event->getModelImage();
- $this->adminLogAppend(sprintf('Image with Ref %s (ID %d) modified', $imageUpdated->getTitle() , $imageUpdated->getId()));
+ $this->adminLogAppend(sprintf('Image with Ref %s (ID %d) modified', $imageUpdated->getTitle(), $imageUpdated->getId()));
- if($this->getRequest()->get('save_mode') == 'close') {
+ if ($this->getRequest()->get('save_mode') == 'close') {
 $this->redirectToRoute('admin.images');
 } else {
 $this->redirectSuccess($imageModification);
@@ -243,8 +278,7 @@ class FileController extends BaseAdminController
 $this->getParserContext()
 ->addForm($imageModification)
- ->setGeneralError($message)
- ;
+ ->setGeneralError($message);
 }
 return $this->render('image-edit', array(
@@ -334,9 +368,9 @@ class FileController extends BaseAdminController
 /**
 * Create Event instance
 *
- * @param string $parentType Parent Type owning images being saved
- * @param \Thelia\Model\CategoryImage|\Thelia\Model\ProductImage|\Thelia\Model\ContentImage|\Thelia\Model\FolderImage $model Image model
- * @param array $data Post data
+ * @param string $parentType Parent Type owning images being saved
+ * @param CategoryImage|ProductImage|ContentImage|FolderImage $model Image model
+ * @param array $data Post data
 *
 * @return ImageCreateOrUpdateEvent
 */
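Review bot: The null check `if (null === $image)` that the -201 hunk reformats is unreachable, because the context line just above it, `$oldImage = clone $image;`, already throws an `Error` when `findPk()` returns null, so the intended `InvalidArgumentException` (and whatever catch handles it further down) never sees a missing image. Swap the two statements so the guard runs first: `if (null === $image) { throw new \InvalidArgumentException(...); }` followed by `$oldImage = clone $image;`. updateImageAction starts and ends outside the hunk.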
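Review bot: `if ($this->getRequest()->get('save_mode') == 'close')` in the -220 hunk compares a request value with a loose `==`, while the surrounding code uses strict comparisons (`null === $image`, `null !== $response`); `=== 'close'` is consistent with the rest of the method and avoids PHP's string/number coercion rules on a client-supplied value. The enclosing method continues outside the hunk.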
diff --git a/core/lib/Thelia/Tools/FileManager.php b/core/lib/Thelia/Tools/FileManager.php
index 6b37bfb30..e72aa2dfa 100644
--- a/core/lib/Thelia/Tools/FileManager.php
+++ b/core/lib/Thelia/Tools/FileManager.php
@@ -450,4 +450,24 @@ class FileManager
 );
 return $fileName;
 }
+
+ /**
+ * Check if a file is an image
+ * Check based on mime type
+ *
+ * @param string $mimeType File mime type
+ *
+ * @return bool
+ */
+ public function isImage($mimeType)
+ {
+ $isValid = false;
+
+ $allowedType = array('image/jpeg' , 'image/png' ,'image/gif');
+ if (in_array($mimeType, $allowedType)) {
+ $isValid = true;
+ }
+
+ return $isValid;
+ }
 }
\ No newline at end of file
diff --git a/core/lib/Thelia/Tools/Rest/ResponseRest.php b/core/lib/Thelia/Tools/Rest/ResponseRest.php
index 75d511d78..0c9186436 100644
--- a/core/lib/Thelia/Tools/Rest/ResponseRest.php
+++ b/core/lib/Thelia/Tools/Rest/ResponseRest.php
@@ -26,7 +26,7 @@ class ResponseRest extends Response
 * Constructor.
 *
 * @param array $data Array to be serialized
- * @param string $format serialization format, xml or json available
+ * @param string $format serialization format, text, xml or json available
 * @param integer $status The response status code
 * @param array $headers An array of response headers
 *
@@ -38,14 +38,22 @@ class ResponseRest extends Response
 {
 parent::__construct('', $status, $headers);
- $this->format = $format;
- $serializer = $this->getSerializer();
+ if ($format == 'text') {
+ if (isset($data)) {
+ $this->setContent($data);
+ }
- if (isset($data)) {
- $this->setContent($serializer->serialize($data, $this->format));
+ $this->headers->set('Content-Type', 'text/plain');
+ } else {
+ $this->format = $format;
+ $serializer = $this->getSerializer();
+
+ if (isset($data)) {
+ $this->setContent($serializer->serialize($data, $this->format));
+ }
+
+ $this->headers->set('Content-Type', 'application/' . $this->format);
 }
-
- $this->headers->set('Content-Type', 'application/' . $this->format);
 }
 /**
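Review bot: `in_array($mimeType, $allowedType)` in the new `isImage()` is a loose comparison; this allow list is the security boundary for uploads, so pass the strict flag, after which the whole body collapses to `return in_array($mimeType, array('image/jpeg', 'image/png', 'image/gif'), true);`. The docblock should also state what the method relies on the caller for, since it cannot tell a content-derived type from a client-declared one — a line such as `* $mimeType must come from the file content (e.g. UploadedFile::getMimeType()), never from the client-declared type; SVG is intentionally not accepted.` A magic-byte MIME match alone does not make the stored file harmless, so the caller should still store it under a server-generated name and extension; how the upload path is built is not visible in this patch.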
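Review bot: The new text branch in the `ResponseRest` constructor sets `Content-Type` to `text/plain` with no charset, while the strings routed through it are translated messages that may contain non-ASCII; use `$this->headers->set('Content-Type', 'text/plain; charset=UTF-8');`. The branch also leaves `$this->format` unassigned, so any other method of the class that reads the property (the rest of the class is outside the hunk) would see a different state for text responses than for xml/json; moving `$this->format = $format;` above the `if` keeps it consistent in both branches. `$format == 'text'` should be `=== 'text'` for a string option. The constructor's signature is outside the hunk.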
diff --git a/templates/admin/default/assets/js/image-upload.js b/templates/admin/default/assets/js/image-upload.js
index 92d2a651b..06398b5bc 100644
--- a/templates/admin/default/assets/js/image-upload.js
+++ b/templates/admin/default/assets/js/image-upload.js
@@ -8,11 +8,17 @@ $(function($){
 var imageDropzone = new Dropzone("#images-dropzone", {
 dictDefaultMessage : $('.btn-browse').html(),
 uploadMultiple: false,
- maxFilesize: 8
+ maxFilesize: 8,
+ accept: function(file, done) {
+ if (file.name == "justinbieber.jpg") {
+
+ done("Naha, you don't.");
+ }
+ else { done(); }
+ }
 });
 imageDropzone.on("success", function(file) {
- $(".image-manager .dz-file-preview").remove();
 imageDropzone.removeFile(file);
 $.imageUploadManager.updateImageListAjax();
 $.imageUploadManager.onClickDeleteImage();
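Review bot: The `accept` callback added to the Dropzone options hard-codes a check on `file.name == "justinbieber.jpg"` with a joke rejection message, which reads as leftover test code and would be shown to admins; remove the callback. If a client-side type filter is wanted to mirror the server's new `isImage()` allow list, Dropzone's `acceptedFiles: "image/jpeg,image/png,image/gif"` option does it declaratively — bearing in mind this is only a UX convenience and the server-side check remains the one that matters.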