Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
D
drupal
Manage
Activity
Members
Labels
Plan
Wiki
Custom issue tracker
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Model registry
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
project
drupal
Merge requests
!7277
#3437514
Deprecate hook_file_validate() and doc references
Code
Review changes
Check out branch
Download
Patches
Plain diff
Closed
#3437514
Deprecate hook_file_validate() and doc references
issue/drupal-3437514:3437514-deprecate-hookfilevalidate
into
11.x
Overview
0
Commits
1
Pipelines
1
Changes
1
Closed
Kim Pepper
requested to merge
issue/drupal-3437514:3437514-deprecate-hookfilevalidate
into
11.x
1 year ago
Overview
0
Commits
1
Pipelines
1
Changes
1
Expand
Closes
#3437514
0
0
Merge request reports
Compare
11.x
11.x (base)
and
latest version
latest version
664c8af2
1 commit,
1 year ago
1 file
+
11
−
6
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
core/modules/file/file.api.php
+
11
−
6
Options
@@ -15,7 +15,7 @@
* Using \Drupal\file\Element\ManagedFile field with a defined list of allowed
* extensions is best way to provide a file upload field. It will ensure that:
* - File names are sanitized by the FileUploadSanitizeNameEvent event.
* - Files are validated by
hook implementations of hook_f
ile
_v
alidate().
* - Files are validated by
\Drupal\file\Validation\F
ile
V
alidat
orInterfac
e().
* - Files with insecure extensions will be blocked by default even if they are
* listed. If .txt is an allowed extension such files will be renamed.
*
@@ -27,14 +27,15 @@
* '#type' => 'file',
* '#title' => $this->t('Upload file'),
* '#upload_validators' => [
* 'file_validate_extensions' => [
* 'png gif jpg',
* 'FileExtension' => [
* 'extensions' => 'png gif jpg',
* ],
* ],
* ],
* ];
* @endcode
* - Use file_save_upload() to trigger the FileUploadSanitizeNameEvent event and
*
hook_file_
validate().
*
\Drupal\file\Validation\FileValidatorInterface::
validate().
*
* Important considerations, regardless of the form element used:
* - Always use and validate against a list of allowed extensions.
@@ -43,7 +44,7 @@
* recommended.
*
* @see https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html
* @see \
hook_f
ile
_v
alidat
e()
* @see \
Drupal\file\Validation\F
ile
V
alidat
orInterface
* @see file_save_upload()
* @see \Drupal\Core\File\Event\FileUploadSanitizeNameEvent
* @see \Drupal\system\EventSubscriber\SecurityFileUploadEventSubscriber
@@ -71,7 +72,11 @@
* An array of error messages. If there are no problems with the file return
* an empty array.
*
* @see file_validate()
* @deprecated in drupal:10.2.0 and is removed from drupal:11.0.0. Use the
* 'file.validator' service instead.
*
* @see https://www.drupal.org/node/3363700
* @see \Drupal\file\Validation\FileValidatorInterface
*/
function
hook_file_validate
(
\Drupal\file\FileInterface
$file
)
{
$errors
=
[];
Loading