1111use Magento \Framework \Api \Data \ImageContentInterface ;
1212use Magento \Framework \App \Filesystem \DirectoryList ;
1313use Magento \Framework \App \ObjectManager ;
14+ use Magento \Framework \Exception \LocalizedException ;
1415use Magento \Framework \File \UploaderFactory ;
1516use Magento \Framework \Filesystem ;
1617
@@ -111,6 +112,7 @@ public function extractValue(\Magento\Framework\App\RequestInterface $request)
111112 $ extend$ this _getRequestValue ($ request
112113
113114 $ attrCode$ this getAttribute ()->getAttributeCode ();
115+ // phpcs:ignore Magento2.Security.Superglobal
114116 if ($ this _requestScope || !isset ($ _FILES $ attrCode
115117 $ value
116118 if (strpos ($ this _requestScope , '/ ' ) !== false ) {
@@ -120,9 +122,10 @@ public function extractValue(\Magento\Framework\App\RequestInterface $request)
120122 $ mainScope$ this _requestScope ;
121123 $ scopes
122124 }
123-
125+ // phpcs:disable Magento2.Security.Superglobal
124126 if (!empty ($ _FILES $ mainScope
125127 foreach ($ _FILES $ mainScopeas $ fileKey$ scopeData
128+ // phpcs:enable Magento2.Security.Superglobal
126129 foreach ($ scopesas $ scopeName
127130 if (isset ($ scopeData$ scopeName
128131 $ scopeData$ scopeData$ scopeName
@@ -147,8 +150,10 @@ public function extractValue(\Magento\Framework\App\RequestInterface $request)
147150 $ value
148151 }
149152 } else {
153+ // phpcs:disable Magento2.Security.Superglobal
150154 if (isset ($ _FILES $ attrCode
151155 $ value$ _FILES $ attrCode
156+ // phpcs:enable Magento2.Security.Superglobal
152157 } else {
153158 $ value
154159 }
@@ -171,7 +176,7 @@ protected function _validateByRules($value)
171176 {
172177 $ label$ value'name ' ];
173178 $ rules$ this getAttribute ()->getValidationRules ();
174- $ extensionpathinfo ($ value'name ' ], PATHINFO_EXTENSION ) ;
179+ $ extension$ this -> fileProcessor -> getStat ($ value'name ' ])[ ' extension ' ] ;
175180 $ fileExtensionsgetArrayElementByName (
176181 $ rules
177182 'file_extensions '
@@ -219,12 +224,13 @@ protected function _validateByRules($value)
219224 */
220225 protected function _isUploadedFile ($ filename
221226 {
227+ // phpcs:ignore Magento2.Functions.DiscouragedFunction
222228 if (is_uploaded_file ($ filename
223229 return true ;
224230 }
225231
226232 // This case is required for file uploader UI component
227- $ temporaryFileTMP_DIR . '/ ' . pathinfo ($ filename'basename ' ];
233+ $ temporaryFileTMP_DIR . '/ ' . $ this -> fileProcessor -> getStat ($ filename'basename ' ];
228234 if ($ this fileProcessor ->isExist ($ temporaryFile
229235 return true ;
230236 }
@@ -343,16 +349,20 @@ protected function processInputFieldValue($value)
343349 }
344350
345351 if (!empty ($ value'tmp_name ' ])) {
352+ $ uploader$ this uploaderFactory ->create (['fileId ' => $ value
353+ $ fileExtension$ uploadergetFileExtension ();
354+ if (!$ this _fileValidator ->isValid ($ fileExtension
355+ throw new LocalizedException ($ this _fileValidator ->getMessages ()[$ fileExtension
356+ }
357+ $ uploadersetFilesDispersion (true );
358+ $ uploadersetFilenamesCaseSensitivity (false );
359+ $ uploadersetAllowRenameFiles (true );
346360 try {
347- $ uploader$ this uploaderFactory ->create (['fileId ' => $ value
348- $ uploadersetFilesDispersion (true );
349- $ uploadersetFilenamesCaseSensitivity (false );
350- $ uploadersetAllowRenameFiles (true );
351361 $ uploadersave ($ mediaDirgetAbsolutePath ($ this _entityTypeCode ), $ value'name ' ]);
352- $ result$ uploadergetUploadedFileName ();
353362 } catch (\Exception $ e
354363 $ this _logger ->critical ($ e
355364 }
365+ $ result$ uploadergetUploadedFileName ();
356366 }
357367
358368 return $ result
0 commit comments