PHP File Validation

How it works

  1. The file gets uploaded to your server.
  2. Before storing the file on disk, it is being validated on server side.

Jump to Complete Example

File Upload

In the Server Upload article we explain the steps to upload an file on your server. When you insert an file in the rich text editor, you can validate its format. However that check is done only on the filename and not on the mime type. We recommend to make additional checks on server side just to make sure that users don't upload files in bad formats.

Validate Extension

The WYSIWYG editor's PHP SDK comes with the possibility to check the file extension when it is being stored on the disk. Additional to the file name extension, it is using the mime type of the file for better accuracy.

$options = array(
  'validation' => array(
    'allowedExts' => array('txt', 'pdf', 'doc'),
    'allowedMimeTypes' => array('text/plain', 'application/msword', 'application/x-pdf', 'application/pdf')
  )
);

// Store the image.
$response = FroalaEditor_Image::upload('/uploads/', $options);

Custom Validation

You can also pass a custom method instead of validating the extension and mime type. This gives you full control on what types of files you want to store on disk. Below is an example of how to validate if a file is smaller than 10Mb.

$options = array(
  'validation' => function($filePath, $mimetype) {
    // Get file size.
    $size = filesize($filePath);

    // Check file size is smaller than 10Mb.
    if ($size > 10 * 1024 * 1024) {
      return false;
    }

    return true;
  }
);

$response = FroalaEditor_Image::upload('/uploads/', $options);

Complete Example

<script>
  $(function() {
    $('.selector').froalaEditor({
      // Set the file upload URL.
      fileUploadURL: '/upload_file.php',

      fileUploadParams: {
        id: 'my_editor'
      }
    })
  });
</script>
<?php

// Include the editor SDK.
require 'PATH_TO_FROALA_SDK/lib/froala_editor.php';

$options = array(
  'validation' => array(
    'allowedExts' => array('txt', 'pdf', 'doc'),
    'allowedMimeTypes' => array('text/plain', 'application/msword', 'application/x-pdf', 'application/pdf')
  )
);

// Store the file.
try {
  $response = FroalaEditor_Image::upload('/uploads/', $options);
  echo stripslashes(json_encode($response));
}
catch (Exception $e) {
  http_response_code(404);
}

?>