Is there any way to check if the image code inside it is valid because
some crackers(hackers) can change the extension and play with image info using some applications to trick the website that the type is image while it's not
so is there any way to check if content is an image code ?
Or is there anyway to check against this type of attacks ?
For Multiple Images
$validatedData = $request->validate([
'images' => 'required',
'images.*' => 'image|mimes:jpeg,png,jpg,gif,svg|max:2048'
]);
Single Image Validation
$validatedData = $request->validate([
'image' => 'required',
'image' => 'image|mimes:jpeg,png,jpg,gif,svg|max:2048'
]);
Related
My database fields looks like this(keep in mind that i'm using a laravel migration as an example):
$table->id();
$table->string('name');
$table->string('genre');
$table->longText('image')->nullable();
$table->timestamps();
When the user store something, i run this command in my controller file(The 'image' field is optional, that's why it is not present in validate():
public function store(Request $request){
$formFields = $request->validate([
'name' => ['required', Rule::unique('game', 'name')],
'genre' => 'required',
'submitGame' => 'required'
]);
//unset($formFields['submitGame']);
//game image
if($request->hasFile('image')){
$image = $request->file('image')->store('gamePoster', 'public');
}
$insert = [
'name' => $formFields['name'],
'genre' => $formFields['genre'],
'image' => $image
];
//storing in database
Game::create($insert);
The image is being uploaded to my folder succesfully, the problem is that somehow the 'image' field does'nt go to the database.
it is really confusing, since the command
$image = $request->file('image')->store('gamePoster', 'public');
actually returns a string, i already checked it multiple times. The $image variable(unless the user did not upload any file at all) is never empty.
can someone help me with image display in laravel blade?
So this is full image URL after upload
http://webshop.local/uploads/products/1592949903recommend.png
It is supposed to be uploaded to
public/uploads/products
folder.
Here is part of code where I create product (ProductsController):
public function store(Request $request)
{
$this->validate($request, [
'title' => 'required',
'price' => 'required',
'description' => 'required',
'productImage' => 'required|image'
]);
$productImage = $request->productImage;
$productImage_new_name = time() . $productImage->getClientOriginalName();
$productImage->move('uploads/products' . $productImage_new_name);
Product::create([
'title' => $request->title,
'productImage' => '/uploads/products/' . $productImage_new_name,
'price' => $request->price,
'description' => $request->description
]);
return redirect()->route('products.index');
}
Also here is blade display:
<th><img src="{{ $product->productImage }}" alt="{{ $product->title }} image"></th>
And this is getting me right link because of:
public function getProductImageAttribute($productImage){
return asset($productImage);
}
in product model.
EDIT
When I upload new image it does not go into folder instead it just create new folder with the name of the image and inside it is file with name phpSOMETHING_RANDOM_HERE.tmp
If anyone else faces this problem please check this part of your code.
$productImage = $request->productImage;
$productImage_new_name = time() . $productImage->getClientOriginalName();
$productImage->move('uploads/products', $productImage_new_name);
Specifically this line:
$productImage->move('uploads/products', $productImage_new_name);
The whole time I had dot between path and variable for the name of an uploaded file.
So to fix this problem just change dot for coma.
Instead of
$productImage->move('uploads/products' . $productImage_new_name);
You need
$productImage->move('uploads/products', $productImage_new_name);
In your store method
$path = $request->productImage->store('uploads/products');
// OR if you need to give it name
$path = $request->productImage->storeAs('uploads/products', 'filename.jpg');
You can 'productImage' => $path, while creating product.
I have store pdf in storage folder with this code
$request->validate([
'title' => 'required|unique:sliders|max:255',
'sub_title' => 'required',
'file' => 'required',
]);
$image = $request->hasFile('file') ? Storage::disk('public')->put('sliders', $request->file('file')) : null;
$slider = new Slider([
'title' => $request->get('title'),
'sub_title' => $request->get('sub_title'),
'image' => $image
]);
$slider->save();
Now how can i show the pdf in browser when click link?
use <iframe> to show pdf in browser . Make sure your path was correct.
<iframe src="file.pdf" style="width:600px; height:500px;" frameborder="0"></iframe>
Create a function for generating pdf link from storage and create the route for it, the code should like this :
public function displayPDF()
{
$filepath = 'path_to_pdf.pdf';
return response()->file(storage_path($file_path));
}
ref : https://laravel.com/docs/5.7/responses#file-responses
In my form, I asked for an image to upload. Then I already validated it and it works. But the file is not stored in the uploads folder.
Here's a snippet of my ProductController:
public function store(Request $request)
{
// Validate fields
$this->validate($request, [
'product_name' => 'required',
'product_price' => 'required',
'product_desc' => 'required',
'product_img' => 'image|required'
]);
// Upload image
if($request->hasFile('image')) {
app()->make('path.public/uploads');
$image = $request->image;
$image->move('uploads', $image->getClientOriginalName());
}
/*// Save the data into database
Product::create([
'name' => $request->product_name,
'price' => $request->product_price,
'description' => $request->product_desc,
'image' => $request->image->getClientOriginalName()
]);
// Echo a session message
$request->session()->flash('msg', 'Your product has been added');
// Redirect to view page
return redirect('/products');*/
}
I already tried looking at other possible solutions but the other questions were already at storing the image in the database. I also tried checking if uploads was a directory and existed, and it is.
Can anyone please help? Thanks.
Try this: official documentation: This is how it should look in your controller:
if($request->hasFile('image')) {
$request->file('image')->store('uplodads/', 'public');
}
This would store the image in /storage/app/public/uploads by default. You can also change the public path in /config/filesystems.php. You can then access the file (if you linked the storage) with asset('storage/uploads'.$img_name).
app()->make('path.public/uploads');
I've already solved it. The variable was wrong all along. Instead of it being product_img, I placed image.
Here's the updated code:
// Validate fields
$this->validate($request, [
'product_name' => 'required',
'product_price' => 'required',
'product_desc' => 'required',
'product_img' => 'image|required'
]);
// Upload image
if($request->hasFile('product_img')) {
$image = $request->product_img;
$image->move('uploads', $image->getClientOriginalName());
}
I am having issues with the file type image validation in Laravel 4. The image validation works if the file mime type is other than application/pdf. Please see the code below:
Controller:
$rules = array(
'title' => 'required|min:3',
'content' => 'required|min:3',
'navigation_title' => 'required|min:3',
'image' => 'image'
);
$validator = Validator::make(Input::all(), $rules);
The view form has enctype="multipart/form-data". The validation works fine if I try to upload txt file, HTML file etc. but validator passes if I upload a PDF file. Do I need to add a mime type validation as well?