Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
nepster-web2014-04-29 21:06:22
Yii
nepster-web, 2014-04-29 21:06:22

How to properly upload and process images in Yii2?

view

<?php $form = ActiveForm::begin([
                'options' => ['enctype'=>'multipart/form-data']
        ]); ?>

    <?=$form->field($model, 'image')->fileInput() ?>
    
    <?=Html::submitButton('Update') ?>
    <?php ActiveForm::end(); ?>

Validation in the model:
public $image;
    
    public function rules()
    {
        return [        
            [['image'], 'image',  'types' => 'png,jpg', 'skipOnEmpty' => false],
        ];
    }

Controller
{
        $dir = Yii::getAlias('@frontend/../web/uploads/test/');
        $uploaded = false;
        $model = new Test();
        
        if ($model->load($_POST)) {
            //$file = UploadedFile::getInstances($model, 'image');
            $file = UploadedFile::getInstance($model, 'image');
            
            $model->image = $file;
            
            if ($model->validate()) {
                $uploaded = $file->saveAs( $dir . $model->image->name );
            }
        }
        
        return $this->render('test',[
             'model' => $model,
             'uploaded' => $uploaded,
             'dir' => $dir,
           ]);
  }

So, everything works, everything loads perfectly. And in doing so, there were 3 questions and one big problem:
1) Is there such a validator for multiple images? For example, I want to upload 10 images, will I need to run each one through $model->validate() , assigning values ​​to image , or is it possible to do something simpler?
2) Is the boxed image validator safe? That is, will images with malicious code inside (all sorts of evals, etc.) be able to get through?
3) How to make transliteration from Russian characters to foreign ones, is there a filter out of the box?
And the big problem:
For example, I want to upload an image, create a small copy and apply a watermark.
I connected the imagine pluginand added a test case from the documentation:
if ($model->validate()) {
                $uploaded = $file->saveAs( $dir . $model->image->name );
                Image::thumbnail($dir.$model->image->name, 120, 120)->save($dir.'thumb-test-image.jpg', ['quality' => 50]);
            }

Imagine my surprise when this thing lays down the Apache. At the same time, there are no logs in php and yii2, only Apache logs, and even those are incomprehensible:
[Mon Apr 28 20:07:27.348978 2014] [mpm_winnt:notice] [pid 5284:tid 336] AH00428: Parent: child process 1304 exited with status 3221226519 -- Restarting.
[Mon Apr 28 20:07:27.533998 2014] [bw:notice] [pid 5284:tid 336] mod_bw : Memory Allocated 0 bytes (each conf takes 40 bytes)
[Mon Apr 28 20:07:27.533998 2014] [bw:notice] [pid 5284:tid 336] mod_bw : Version 0.92 - Initialized [0 Confs]
[Mon Apr 28 20:07:27.533998 2014] [bw:notice] [pid 5284:tid 336] mod_bw : Supported resolution for Timers [ Min: 1 Max: 1000000 ]
[Mon Apr 28 20:07:27.533998 2014] [bw:notice] [pid 5284:tid 336] mod_bw : Enabling High resolution timers [ 1 ms ]
[Mon Apr 28 20:07:28.969246 2014] [ssl:warn] [pid 5284:tid 336] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Mon Apr 28 20:07:38.281074 2014] [ssl:warn] [pid 1892:tid 356] AH01909: RSA certificate configured for test.ru:443 does NOT include an ID which matches the server name
[Mon Apr 28 20:07:38.282074 2014] [ssl:warn] [pid 1892:tid 356] AH01909: RSA certificate configured for tdd.com:443 does NOT include an ID which matches the server name
...
[Mon Apr 28 20:07:38.292076 2014] [ssl:warn] [pid 1892:tid 356] AH01909: RSA certificate configured for default:443 does NOT include an ID which matches the server name
[Mon Apr 28 20:07:38.292076 2014] [ssl:warn] [pid 1892:tid 356] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Mon Apr 28 20:07:38.389088 2014] [bw:notice] [pid 1892:tid 356] mod_bw : Memory Allocated 0 bytes (each conf takes 40 bytes)
[Mon Apr 28 20:07:38.389088 2014] [bw:notice] [pid 1892:tid 356] mod_bw : Version 0.92 - Initialized [0 Confs]
[Mon Apr 28 20:07:38.389088 2014] [bw:notice] [pid 1892:tid 356] mod_bw : Supported resolution for Timers [ Min: 1 Max: 1000000 ]
[Mon Apr 28 20:07:38.390088 2014] [bw:notice] [pid 1892:tid 356] mod_bw : Enabling High resolution timers [ 1 ms ]
[Mon Apr 28 20:07:38.905153 2014] [ssl:warn] [pid 1892:tid 356] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Mon Apr 28 20:07:38.905153 2014] [ssl:warn] [pid 1892:tid 356] AH01909: RSA certificate configured for test.ru:443 does NOT include an ID which matches the server name
[Mon Apr 28 20:07:38.906153 2014] [ssl:warn] [pid 1892:tid 356] AH01909: RSA certificate configured for tdd.com:443 does NOT include an ID which matches the server name
...
[Mon Apr 28 20:07:38.914155 2014] [ssl:warn] [pid 1892:tid 356] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Mon Apr 28 20:07:39.417240 2014] [mpm_winnt:notice] [pid 1892:tid 356] AH00354: Child: Starting 32 worker threads.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

[[+comments_count]] answer(s)
Report
V
vyachin, 2015-04-07
@nepster-web

1. You can check several files like this www.yiiframework.com/doc-2.0/guide-input-file-uplo... file validator can check an array of files, and since the image validator is based on it https://github.com/ yiisoft/yii2/blob/master/framew...
then it can
2. The Image validator just gets the image metrics https://github.com/yiisoft/yii2/blob/master/framew... and compares them with those you specified in the validation settings. You can create a valid image with malicious code. This is potentially a security hole. You can protect yourself by "rebuilding" the image for specific sizes, for nginx read here habrahabr.ru/post/94435 or you can implement something similar in php with caching, but of course it will work slower.
3. Yes, here is an example of using https://github.com/yiisoft/yii2/blob/master/framew...
The answer to your main question is the amount of memory that the extension responsible for working with images eats. GD needs less, but ImageMagic doesn't eat much at all.

Report
S
Superwow3D, 2015-03-01
@Superwow3D

Used your instructions when downloading. My validator was swearing at 'types' , I had to replace it with mimeTypes.

Report
A
Andrey K, 2016-09-28
@kuftachev

Firstly, putting the save logic in the controller is no longer correct in principle!
Second, why boolean $uploaded?

Similar questions
S
schwabsergey2017-08-26 14:34:27
Is it possible to get access to youtube channels after account blocking? 2Reply
R
Roman2015-08-31 13:21:21
Change site routing in yii2? 1Reply
S
Stepan2015-09-01 16:55:17
How to implement factories in Yii2 and what are they for? 1Reply
T
tincap2015-09-02 11:36:48
Why doesn't the model see the GET parameter? 2Reply
T
tincap2015-09-02 11:58:18
How to prohibit adding GET parameters to existing ones? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question