/**
* Checks the file extension
*
* @param string $extension The extension to be checked
* @param string $component The optional name for the component storing the parameters
*
* @return boolean true if it passes the checks else false
*
* @since 4.0.0
*/
public static function checkFileExtension($extension, $component = 'com_media', $allowedExecutables = array()) : bool
{
$params = ComponentHelper::getParams($component);
// Media file names should never have executable extensions buried in them.
$executables = array_merge(self::EXECUTABLES, InputFilter::FORBIDDEN_FILE_EXTENSIONS);
// Remove allowed executables from array
if (count($allowedExecutables)) {
$executables = array_diff($executables, $allowedExecutables);
}
if (in_array($extension, $executables, true)) {
return false;
}
$allowable = array_map('trim', explode(',', $params->get('restrict_uploads_extensions', 'bmp,gif,jpg,jpeg,png,webp,ico,mp3,m4a,mp4a,ogg,mp4,mp4v,mpeg,mov,odg,odp,ods,odt,pdf,ppt,txt,xcf,xls,csv')));
$ignored = array_map('trim', explode(',', $params->get('ignore_extensions', '')));
if ($extension == '' || $extension == false || !\in_array($extension, $allowable, true) && !\in_array($extension, $ignored, true)) {
return false;
}
// We don't check mime at all or it passes the checks
return true;
}