Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Add validators for minimum and maximum image dimensions for uploaded files.
Patch that uses file_validate_image_resolution() will be attached shortly.
Comments
Comment #2
cspiker CreditAttribution: cspiker commentedComment #3
Liam MorlandThanks for the patch. There needs to be input validation before file_validate_image_resolution() is called.
Comment #4
cspiker CreditAttribution: cspiker commentedNew patch against latest dev release with an added regex check of the validation rule format.
I don't believe that any input validation needs to be done on the uploaded file prior to calling
file_validate_image_resolution()
, since that function appears to do all the necessary validation itself (input is a file, file is uploaded, upload is an image, image has valid resolution).Comment #5
Liam MorlandThanks for the patch. The variable $errs is assigned, but not used. Is something missing or changed incompletely?
Comment #6
james.williams CreditAttribution: james.williams at ComputerMinds commentedThis patch addresses Liam's comment, but also adds a standalone 'valid image' rule to catch files that aren't even recognised as valid images. Core's
file_validate_image_resolution()
accepts files that cannot be processed as images (e.g. invalid/zero-byte files, or text files renamed to have .jpg file extensions, etc), even if dimension parameters have been set on the other rules. That may be desirable in some cases (even core allows for files like that, perhaps in case the supposedly-invalid images are actually permissible) - but that's exactly where this module comes in, to allow an admin to configure the rules.Comment #7
Liam MorlandThanks for the patch.
Please check the coding standards. This patch adds two lines that are too long.
It would be great to have some tests for this.
Comment #8
james.williams CreditAttribution: james.williams at ComputerMinds commentedSorry, which lines are too long? If you mean those containing the calls to
t()
, I don't think those would be correct to shorten, unless you can refer me to something saying otherwise please?Comment #9
Liam MorlandIf you click on the test results link above you can see the report:
It is best to learn how to use phpcs and phpcbf to find and fix coding standards issues.
Comment #10
james.williams CreditAttribution: james.williams at ComputerMinds commentedOh, sorry - I see them! I don't think those lines (comments) are even needed anyway, so here's a patch without them.