File Validation

Even the webserver settings have to be tweaked to allow large image sizes. On Nginx the client_max_body_size sgould be set in the server block.

Hey Sridhar,

Yeah, usually webserver/PHP defaults are low, so you might want to tweak the config to allow large image sizes, thanks for this tip!

Cheers!

$builder ->add('name', FileType::class, [ 'label' => false, 'mapped' => false, 'required' => false, 'constraints' => [ new NotNull(), new Image([ 'maxSize' => '5M', ]) ] ]) ;

I use the image constraint, to do tests I try to send a .zip file with a size of 30Mo, the form submits and an unexpected behavior this product, no validation error is returned, and when I tries to trap the error in a condition like if($form->isSubmitted() && !$form->isValid())the browser seems to be looping.
ideas ?

Hey @Mlc

I think you need to set up your PHP.ini file to allow files bigger than 30M. Does it work with small files?

yes I have already configured to go up to 20M but what I mean is that no matter how much we put, if someone puts something bigger the case will never be managed finally?
Thanks for your feedback

In that case, you should get a server error you can "catch" and show a friendly message to the end user. Something odd it's happening in your app, it should not loop. What web server are you using? do you have xDebug enabled? Try disabling it

Hey @MolloKhan,

you saw just for xdebug, I disabled it and this time I got the error POST Content-Length of 30179164 bytes exceeds the limit of 10485760 bytes in Unknown on line 0 except that I didn't managed to catch it with symfony, it displays outside of the usual error context, so I put a limit of post_max_size=200M so that symfony can correctly catch the error, however I'm wondering always the question if ever someone exceeds this limit again ... Ahah :pray:

If you're using the File or Image Symfony constraint, it should catch any php-level errors, but you need to also configure your php.ini, configure both options post_max_size and upload_max_filesize, the latter must be a bit smaller

Hi !

I've made a form which is quite similar to the tutorial's one.
But when I want to edit an (Article-like) object which already has an image, I get a not-found error ('The file could not be found.').
I notice that inside the FileValidator, the $value variable is a string that contains only the raw file name (without any folder name).
I guess it don't find the file because it doesn't know where to search.
So my question is : why does it work in your tuto ???

Hey Vincent R.

You can find answer inside chapter 9 of this tutorial ;)

Cheers!

Hi Vladimir Sadicov
Thanks for your answer,

I read it again and again (and the chapter 10 as well), I compared my code and the tutorial's one... and I still can't find the bug !
To reach my edit form, I use a button in a page who displays the object details, and in this page I can see the corresponding image, so my getImagePath and getPublicPath functions, as well as my Twig extension (that are the same as the tutorial's) actually work.
The only difference is that my constant is not in the UploaderHelper class but in the object entity class... but I think it can't be the bug.

In the profiler, I have this error :
`The file could not be found. car Caused by:

Symfony\Component\Validator\ConstraintViolation {#12787 ▼
root: Symfony\Component\Form\Form {#13462 …}
path: "data.imageFilename"
value: "1136_img_9570-61e14ffeb166c.jpg"
}`

So the form seems not to detect the folder where my image is, whereas twig finds it.

Cheers !

Oh I think I got it. You are trying to save object with already uploaded file, the key moment here that you should skip file validation and changing if you haven't upload new file, that's why you got an error. You should have conditional constraints inside your FormType. If you have course code, check finish folder file`
src/Form/ArticleFormType.php`

Cheers

The more I'm searching, the more I think that the point is not validation : I get the same error if I try to upload a new file.
In my FormType, I've tried to force it to recognize the former image file by adding :

`if ($car->getImagePath()) {
$imagePath = $this->uploader->getPublicPath($car->getImagePath());
$fileTypeOptions['data'] = new UploadedFile($imagePath, $car->getImageFilename(), mime_content_type($imagePath));

    }`

There $imagePath is exactly the path I successfully use to display the image outside of the form :
<blockquote>/uploads/car_image/1136_img_9570-61e14ffeb166c.jpg</blockquote>

But then I get a new error :
<blockquote>mime_content_type(/uploads/car_image/1136_img_9570-61e14ffeb166c.jpg): failed to open stream: No such file or directory
</blockquote>
It doesn't make any sense for me : why does the same path work to display an image out of the form and not inside of it ?

Vincent R.

OK I fixed it.
The solution was in the symfony doc :

When creating a form to edit an already persisted item, the file form type still expects a File instance. As the persisted entity now contains only the relative file path, you first have to concatenate the configured upload path with the stored filename and create a new File class:

I think it could be useful to add this tip to the tutorial.

Thanks for having brainstormed with me !!!

Lets say I use a JS framework like AngularJS for the UI should I check for specific filetypes when the file is chosen (by checking the file extension) or is there a way Symfony can check the file type using guess extension and return a message once the file is uploaded?

Hey Sridhar,

You can specify what mime types are allowed with the Image constraint, look at: https://symfony.com/doc/cur... - i.e. by default all image types are allowed, but you can constraint to jpeg images only.

Cheers!

Hi,

I am using a similar approach in my controller

$violations = $validator->validate($uploadedFile, [
   new File(['maxSize' => '10M']),
]);
if ($violations->count() > 0) {
  return $this->json(['success' => false, 'violations' => $violations], Response::HTTP_NOT_ACCEPTABLE);
}

I upload a 15M file, the violation occurs, the response has the correct code however the body is empty.

If I set 'maxSize' => '1M' instead, the response body is properly set. My upload_max_filesize is 40M and post_max_size is 40M and the server I am using is apache.

Does this make sense? Any ideas?

Hey Dimitris T.

I see you are using NOT_ACCEPTABLE http response code, IIRC it's 406, I'm not sure but did you tried to sent 400 code? Probably browser ignores response body on 406 code

Cheers!

Yes, I tried 400 as well, unfortunately the problem is independent of the return code ...

Interesting! Does PHP configured as apache2 module? or you are using fastcgi interface, as an experiment, can you try same action but with symfony cli server? or native php php -S 127.0.0.1:8000 -t public

Cheers!

Hello team,
I'm working with symfony 4.4, I have a portofolioPage class that has 4 collections of a class Image in a relationship OneToMany

1)I have in my form a upload field with option multiple and was working fine until I added the constraint for maxsize in my formType and I'm getting an error "This value should be of type string".
this is in my Portofolio entity

`/**

 * @ORM\OneToMany(targetEntity="App\Entity\Image", mappedBy="natureGallery", cascade={"persist"})
 */
private $natureGallery;`

this in my image entity

` /**

 * @ORM\ManyToOne(targetEntity="App\Entity\PortofolioPage", inversedBy="natureGallery", cascade={"persist"})
 */
private $natureGallery;`

and my formType

`$imageConstraints = [

        new Image(['maxSize' => '5M'])
    ];
    $builder
        ->add('natureGallery', FileType::class, [
            'multiple' => true,
            'label' => 'form.natureGallery',
            'mapped' => false,
            'required' => false,
            'constraints' => $imageConstraints,
        ])`

2) My second problem is if the multiple option is removed ( just for checking purposes ) it stills only allow me to upload a max of 2M, in my php.ini i set it to upload_max_filesize = 50M and post_max_size = 50M, so i don't think is really checking my constraints.

Thanks for your time.

Ok, i get rid of the "This value should be of type string".
in my formType:
`'constraints' => new All([

                new Image([
                    'maxSize' => '5M'
                ])
            ]),`

but my validator checks 2 times and stills doesn't allow me to upload files more big than 2M.

Hey Ernest R.

If you still get error with 2M limit than you should check phpinfo() looks like your change in php.ini has no effect, it can be wrong php.ini file, some systems use different ini files depending on php working mode cli, fpm. The best way to check what you really have is to print phpinfo somewhere or look in the webdebug toolbar

Cheers

Ok I fixed, I had to modify the php.ini from the cli folder, which is the one symfony uses to start the server. Still doesn't allows me to upload a certain M in one push but... that will another day and right now for my project upload 20 images is enough.

Thanks Vladimir.

PD the phpinfo() show the php.ini config in my apache folder.

Hello. I set file validation maxSize = 5M in my form and I set upload_max_filesize = 5M and post_max_size = 8M in php.ini. However, I have the following issues:
- If the user tries to upload a file bigger then 8M, a php error appears instead of the form error.
- If the user tries to upload a really big file, my app tries to upload it anyway instead of trow the error and then it blows up.
Do you know if I need to do an extra configuration?

Hey Cesar

If the user tries to upload a file bigger then 8M, a php error appears instead of the form error.
That's because you set upload_max_filesize to 5M. Increase it to 8 and you should see your error form. Seems like when someone uploads a file bigger than your php/server settings it throws a very generic error at a higher level than the "form validations" layer

If the user tries to upload a really big file, my app tries to upload it anyway instead of trow the error and then it blows up.
Hmm, what you mean by "blows up" do you get an error? or it just crashes? I think that behavior is specific to your web server. Which web server are you using?

Cheers!

Hi! I'm passing already something to my form, I'm using a single entity for news which is very similar to another type of article so I have used in the db a flag, so I need to pass a HiddenValue to enable or not some form validation (correct me if there is a better way to do that), the problem is that part of the code:

/** @var Article|null $article */
$article = $options['data_class'];
$type = $options['type'];
$isEdit = $article && $article->getId();

I'm not able to extract $article because now is an array and no more a single object so I get:

Call to a member function getId() on array

How can I solve that?

Hey Gballocc7

Why you have to pass a hidden value? If you have a specific section for creating your articles, then, on your controller you can set that entity up instead of relying on hidden data on your form. If you are not working with a Entity Form Type, then you can access to the data as a normal array, i.e. $article['id'] but why it's not an entity anymore?

Cheers!

I'm doing like that because, I got a single Entity but I have slightly different type of article, one has the image and one instead of that holds a pdf. I tried to pass the article with his type already set from the controller to the form but I wasn't able to do that because when I do $article->setType(0) the controller say UNDEFINED VARIABLE.
I need the type in the form because I wanna render some fields only, and because they hold the constraints I can't just render all the fields, because if I try to submit a type 0 article I get that the pdf is missing and viceversa.

For the moment I have done 2 different type of forms is that a bad idea?

Oh, I get it. Having 2 forms is not that bad, some times here in SfCasts, we create a FormType based on a use case. You can go crazy with Form events so you end up with only one form but I wouldn't recommend it, it's a bit chaotic.

Cheers!

Yeah I solved splitting in different forms for different types of article! Thank you for your advice!

Another issue that I have is with mime, I'm using:

* @Assert\All(@Assert\File(
* maxSize = "5M",
* mimeTypes = {"application/pdf", "application/x-pdf"},
* mimeTypesMessage = "Perfavore inserisci un pdf"
* ))

but this rules aren't working, if I try to upload a >2M file I get:

The file is too large. Allowed maximum size is 2 MiB.

Can't understand why. Also if I put the wrong type I get the message:

This value should be a string.

Why doesn't it use my mimeTypesMessage?

Ha! I know that error (File size error), it's because you have to configure your php.ini file. There are two settings you need to change:

; Maximum allowed size for uploaded files.
upload_max_filesize = 20M

; Must be greater than or equal to upload_max_filesize
post_max_size = 20M

After that you should be hitting your file constraints

It doesn't still hit the pdf constraint.. How can I do? I need to upload multiple pdf files but now he makes me upload everykind of file even thought I have put the constraint in the entity

Ok, but you are not getting the previous error, right? So, finally the form is submitting "correctly". How is composed your FormType? Is it an embeded form? if that's your case, you should read this part of the docs: https://symfony.com/doc/cur...

In the entity I have:
/**
* @ORM\Column(type="json", nullable=true)
* @Assert\All(@Assert\File(
* maxSize = "5M",
* mimeTypes = {"application/pdf", "application/x-pdf"},
* mimeTypesMessage = "Perfavore inserisci un pdf"
* ))
*/
private $documents = [];

Why you need @Assert\All? Try removing it

I have removed it and I get the error:
data.documents This value should be of type string.
[]

Can't understand why, is the problem that is taking from a single form an array of uploaded documents? Here my uploader helper funcion:

public function uploadArticleDocument(array $files, ?array $existingFilename): array
{
$documentsPath = array();
foreach($files as $key=>$file) {
if ($file instanceof UploadedFile) {
$originalFilename = $file->getClientOriginalName();
} else {
$originalFilename = $file->getFilename();
}

$newFilename = Urlizer::urlize(pathinfo($originalFilename, PATHINFO_FILENAME)) . '-' . uniqid() . '.' . $file->guessExtension();

$stream = fopen($file->getPathname(), 'r');
$result = $this->filesystem->writeStream(
self::ARTICLE_DOCUMENT . '/' . $newFilename,
$stream
);

if ($result === false) {
throw new \Exception(sprintf('Could not write uploaded file "%s"', $newFilename));
}
if (is_resource($stream)) {
fclose($stream);
}
if ($existingFilename) {
try {
$result = $this->filesystem->delete(self::ARTICLE_DOCUMENT . '/' . $existingFilename[$key]);
if ($result === false) {
throw new \Exception(sprintf('Could not delete old uploaded file "%s"', $existingFilename[$key]));
}
} catch (FileNotFoundException $e) {
$this->logger->alert(sprintf('Old uploaded file "%s" was missing when trying to delete', $existingFilename[$key]));
}
}

array_push($documentsPath, $newFilename);
}

return $documentsPath;
}

Ohh, look at the column type you specified, it's "json", it should be an array

Solved switching documents with references table. But this solve only one of my problem, I have the edit like you have done in this course, but for creation? Can I do a similar thing? Does in symfony exist a transaction? I was thinking about doing a commit when I'm creating and putting references and if the form is submit and valid everything get saved. Otherwise if something go wrong or the user exit from the page everything get rollback. Is it possible in symfony?

Yes, it's possible but it's a feature coming from Doctrine actually. Give it a check to this docs: https://www.doctrine-projec...