1

Edit: It turns out this issue happens while trying to upload .sql files. It's not the file name.

When I try to upload a file with this name: forge_2016-02-08_--USERS THOUGH.sql I'm shown this error below:

ErrorException in FileinfoMimeTypeGuesser.php line 69:

Array to string conversion

and

at HandleExceptions->handleError('8', 'Array to string conversion', '/home/forge/example.com/vendor/symfony/http-foundation/File/MimeType/FileinfoMimeTypeGuesser.php', '69', array('path' => '/tmp/phppkDGK8', 'finfo' => object(finfo)))

at finfo->file('/tmp/phppkDGK8') in FileinfoMimeTypeGuesser.php line 69

at finfo->file('/tmp/phppkDGK8') in FileinfoMimeTypeGuesser.php line 69 at FileinfoMimeTypeGuesser->guess('/tmp/phppkDGK8') in MimeTypeGuesser.php line 139

I have no idea why this error is happening. Here's my upload code:

    $baseDir = storage_path('uploads');

    $file = $request->file('file');
    $mimeType = $file->getMimeType();
    $name = str_random(6) . time() . '-' . str_replace(' ', '_', Str::ascii($file->getClientOriginalName()));
    $file->move($baseDir, $name);

    $path = $baseDir . '/' . $name;
    $data = ['path' => $path, 'ip' => userIP(), 'name' => $file->getClientOriginalName(), 'mime' => $mimeType, 'size' => $file->getClientSize()];
    $status = Uploads::create($data);

    if ($status) {
          $su = true;

Please help guys. I don't know why this is happening.

Improve this question
6
  • Do you really want to follow the $name convention you used? Commented Feb 13, 2016 at 1:35
  • @JilsonThomas yes, why? Is there anything wrong with it? Commented Feb 13, 2016 at 1:43
  • I doubt if the error is there. Can you try to dd('ok'); before and after the $name creation? Just to see where is the error. ? Commented Feb 13, 2016 at 1:46
  • The error is at $mimeType = $file->getMimeType(); Commented Feb 13, 2016 at 1:46
  • Can you check if $request->file('file')->isValid() ? Commented Feb 13, 2016 at 1:53

1 Answer 1

Reset to default
1

I fixed it by changing 

$mimeType = $file->getMimeType();

to 

$mimeType = $file->getClientMimeType();

This fixed it.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

The method name getClientMimeType sounds like this will only get you the MIME type the client sent – which can be dangerous, as it could possibly allow someone to upload files of a type you don’t want, by simply faking the MIME type. So this is definitively not what I’d call a “fix” of the issue.
Using the getMimeType shows array to string conversion error if the file is an sql file or has no extension at all. The files they uploaded are stored in the storage folder. If I'm allowing them to upload any type of file, and I simply store it in the storage folder and not run it, how is it dangerous to me? I'm simply curious. Thanks.
So you would even allow the user to upload .php files? By the looks of it it seems you keep the original file extension – so if those uploads go into a directory where they are reachable via HTTP and PHP code gets parsed in files ending with .php as usual, a user could upload and execute any arbitrary PHP code they like …
The uploaded files are stored in the storage folder which cannot be accessed via HTTP. Is that safe?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.