You are here

file.module in Drupal 8

Same filename and directory in other branches
  1. 9 core/modules/file/file.module

Defines a "managed_file" Form API field and a "file" field for Field module.

File

core/modules/file/file.module
View source
<?php

/**
 * @file
 * Defines a "managed_file" Form API field and a "file" field for Field module.
 */
use Drupal\Component\Utility\Environment;
use Drupal\Core\Datetime\Entity\DateFormat;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\File\Exception\FileException;
use Drupal\Core\File\FileSystemInterface;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Messenger\MessengerInterface;
use Drupal\Core\Render\BubbleableMetadata;
use Drupal\Core\Render\Element;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Link;
use Drupal\Core\Url;
use Drupal\file\Entity\File;
use Drupal\file\FileInterface;
use Drupal\Component\Utility\NestedArray;
use Drupal\Component\Utility\Unicode;
use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Template\Attribute;

/**
 * The regex pattern used when checking for insecure file types.
 */
define('FILE_INSECURE_EXTENSION_REGEX', '/\\.(phar|php|pl|py|cgi|asp|js)(\\.|$)/i');

// Load all Field module hooks for File.
require_once __DIR__ . '/file.field.inc';

/**
 * Implements hook_help().
 */
function file_help($route_name, RouteMatchInterface $route_match) {
  switch ($route_name) {
    case 'help.page.file':
      $output = '';
      $output .= '<h3>' . t('About') . '</h3>';
      $output .= '<p>' . t('The File module allows you to create fields that contain files. See the <a href=":field">Field module help</a> and the <a href=":field_ui">Field UI help</a> pages for general information on fields and how to create and manage them. For more information, see the <a href=":file_documentation">online documentation for the File module</a>.', [
        ':field' => Url::fromRoute('help.page', [
          'name' => 'field',
        ])
          ->toString(),
        ':field_ui' => \Drupal::moduleHandler()
          ->moduleExists('field_ui') ? Url::fromRoute('help.page', [
          'name' => 'field_ui',
        ])
          ->toString() : '#',
        ':file_documentation' => 'https://www.drupal.org/documentation/modules/file',
      ]) . '</p>';
      $output .= '<h3>' . t('Uses') . '</h3>';
      $output .= '<dl>';
      $output .= '<dt>' . t('Managing and displaying file fields') . '</dt>';
      $output .= '<dd>' . t('The <em>settings</em> and the <em>display</em> of the file field can be configured separately. See the <a href=":field_ui">Field UI help</a> for more information on how to manage fields and their display.', [
        ':field_ui' => \Drupal::moduleHandler()
          ->moduleExists('field_ui') ? Url::fromRoute('help.page', [
          'name' => 'field_ui',
        ])
          ->toString() : '#',
      ]) . '</dd>';
      $output .= '<dt>' . t('Allowing file extensions') . '</dt>';
      $output .= '<dd>' . t('In the field settings, you can define the allowed file extensions (for example <em>pdf docx psd</em>) for the files that will be uploaded with the file field.') . '</dd>';
      $output .= '<dt>' . t('Storing files') . '</dt>';
      $output .= '<dd>' . t('Uploaded files can either be stored as <em>public</em> or <em>private</em>, depending on the <a href=":file-system">File system settings</a>. For more information, see the <a href=":system-help">System module help page</a>.', [
        ':file-system' => Url::fromRoute('system.file_system_settings')
          ->toString(),
        ':system-help' => Url::fromRoute('help.page', [
          'name' => 'system',
        ])
          ->toString(),
      ]) . '</dd>';
      $output .= '<dt>' . t('Restricting the maximum file size') . '</dt>';
      $output .= '<dd>' . t('The maximum file size that users can upload is limited by PHP settings of the server, but you can restrict by entering the desired value as the <em>Maximum upload size</em> setting. The maximum file size is automatically displayed to users in the help text of the file field.') . '</dd>';
      $output .= '<dt>' . t('Displaying files and descriptions') . '<dt>';
      $output .= '<dd>' . t('In the field settings, you can allow users to toggle whether individual files are displayed. In the display settings, you can then choose one of the following formats: <ul><li><em>Generic file</em> displays links to the files and adds icons that symbolize the file extensions. If <em>descriptions</em> are enabled and have been submitted, then the description is displayed instead of the file name.</li><li><em>URL to file</em> displays the full path to the file as plain text.</li><li><em>Table of files</em> lists links to the files and the file sizes in a table.</li><li><em>RSS enclosure</em> only displays the first file, and only in a RSS feed, formatted according to the RSS 2.0 syntax for enclosures.</li></ul> A file can still be linked to directly by its URI even if it is not displayed.') . '</dd>';
      $output .= '</dl>';
      return $output;
  }
}

/**
 * Implements hook_field_widget_info_alter().
 */
function file_field_widget_info_alter(array &$info) {

  // Allows using the 'uri' widget for the 'file_uri' field type, which uses it
  // as the default widget.
  // @see \Drupal\file\Plugin\Field\FieldType\FileUriItem
  $info['uri']['field_types'][] = 'file_uri';
}

/**
 * Loads file entities from the database.
 *
 * @param array|null $fids
 *   (optional) An array of entity IDs. If omitted or NULL, all entities are
 *   loaded.
 * @param bool $reset
 *   (optional) Whether to reset the internal file_load_multiple() cache.
 *   Defaults to FALSE.
 *
 * @return array
 *   An array of file entities, indexed by fid.
 *
 * @deprecated in drupal:8.0.0 and is removed from drupal:9.0.0. Use
 *   \Drupal\file\Entity\File::loadMultiple().
 *
 * @see https://www.drupal.org/node/2266845
 */
function file_load_multiple(array $fids = NULL, $reset = FALSE) {
  @trigger_error('file_load_multiple() is deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use \\Drupal\\file\\Entity\\File::loadMultiple(). See https://www.drupal.org/node/2266845', E_USER_DEPRECATED);
  if ($reset) {
    \Drupal::entityTypeManager()
      ->getStorage('file')
      ->resetCache($fids);
  }
  return File::loadMultiple($fids);
}

/**
 * Loads a single file entity from the database.
 *
 * @param int $fid
 *   A file ID.
 * @param bool $reset
 *   (optional) Whether to reset the internal file_load_multiple() cache.
 *   Defaults to FALSE.
 *
 * @return \Drupal\file\FileInterface|null
 *   A file entity or NULL if the file was not found.
 *
 * @deprecated in drupal:8.0.0 and is removed from drupal:9.0.0. Use
 *   \Drupal\file\Entity\File::load().
 *
 * @see https://www.drupal.org/node/2266845
 */
function file_load($fid, $reset = FALSE) {
  @trigger_error('file_load() is deprecated in Drupal 8.0.0 and will be removed before Drupal 9.0.0. Use \\Drupal\\file\\Entity\\File::load(). See https://www.drupal.org/node/2266845', E_USER_DEPRECATED);
  if ($reset) {
    \Drupal::entityTypeManager()
      ->getStorage('file')
      ->resetCache([
      $fid,
    ]);
  }
  return File::load($fid);
}

/**
 * Copies a file to a new location and adds a file record to the database.
 *
 * This function should be used when manipulating files that have records
 * stored in the database. This is a powerful function that in many ways
 * performs like an advanced version of copy().
 * - Checks if $source and $destination are valid and readable/writable.
 * - If file already exists in $destination either the call will error out,
 *   replace the file or rename the file based on the $replace parameter.
 * - If the $source and $destination are equal, the behavior depends on the
 *   $replace parameter. FileSystemInterface::EXISTS_REPLACE will error out.
 *   FileSystemInterface::EXISTS_RENAME will rename the file until the
 *   $destination is unique.
 * - Adds the new file to the files database. If the source file is a
 *   temporary file, the resulting file will also be a temporary file. See
 *   file_save_upload() for details on temporary files.
 *
 * @param \Drupal\file\FileInterface $source
 *   A file entity.
 * @param string $destination
 *   A string containing the destination that $source should be
 *   copied to. This must be a stream wrapper URI.
 * @param int $replace
 *   (optional) Replace behavior when the destination file already exists.
 *   Possible values include:
 *   - FileSystemInterface::EXISTS_REPLACE: Replace the existing file. If a
 *     managed file with the destination name exists, then its database entry
 *     will be updated. If no database entry is found, then a new one will be
 *     created.
 *   - FileSystemInterface::EXISTS_RENAME: (default) Append
 *     _{incrementing number} until the filename is unique.
 *   - FileSystemInterface::EXISTS_ERROR: Do nothing and return FALSE.
 *
 * @return \Drupal\file\FileInterface|false
 *   File entity if the copy is successful, or FALSE in the event of an error.
 *
 * @see \Drupal\Core\File\FileSystemInterface::copy()
 * @see hook_file_copy()
 */
function file_copy(FileInterface $source, $destination = NULL, $replace = FileSystemInterface::EXISTS_RENAME) {

  /** @var \Drupal\Core\File\FileSystemInterface $file_system */
  $file_system = \Drupal::service('file_system');

  /** @var \Drupal\Core\StreamWrapper\StreamWrapperManagerInterface $stream_wrapper_manager */
  $stream_wrapper_manager = \Drupal::service('stream_wrapper_manager');
  if (!$stream_wrapper_manager
    ->isValidUri($destination)) {
    if (($realpath = $file_system
      ->realpath($source
      ->getFileUri())) !== FALSE) {
      \Drupal::logger('file')
        ->notice('File %file (%realpath) could not be copied because the destination %destination is invalid. This is often caused by improper use of file_copy() or a missing stream wrapper.', [
        '%file' => $source
          ->getFileUri(),
        '%realpath' => $realpath,
        '%destination' => $destination,
      ]);
    }
    else {
      \Drupal::logger('file')
        ->notice('File %file could not be copied because the destination %destination is invalid. This is often caused by improper use of file_copy() or a missing stream wrapper.', [
        '%file' => $source
          ->getFileUri(),
        '%destination' => $destination,
      ]);
    }
    \Drupal::messenger()
      ->addError(t('The specified file %file could not be copied because the destination is invalid. More information is available in the system log.', [
      '%file' => $source
        ->getFileUri(),
    ]));
    return FALSE;
  }
  try {
    $uri = $file_system
      ->copy($source
      ->getFileUri(), $destination, $replace);
    $file = $source
      ->createDuplicate();
    $file
      ->setFileUri($uri);
    $file
      ->setFilename($file_system
      ->basename($uri));

    // If we are replacing an existing file re-use its database record.
    // @todo Do not create a new entity in order to update it. See
    //   https://www.drupal.org/node/2241865.
    if ($replace == FileSystemInterface::EXISTS_REPLACE) {
      $existing_files = \Drupal::entityTypeManager()
        ->getStorage('file')
        ->loadByProperties([
        'uri' => $uri,
      ]);
      if (count($existing_files)) {
        $existing = reset($existing_files);
        $file->fid = $existing
          ->id();
        $file
          ->setOriginalId($existing
          ->id());
        $file
          ->setFilename($existing
          ->getFilename());
      }
    }
    elseif ($replace == FileSystemInterface::EXISTS_RENAME && is_file($destination)) {
      $file
        ->setFilename($file_system
        ->basename($destination));
    }
    $file
      ->save();

    // Inform modules that the file has been copied.
    \Drupal::moduleHandler()
      ->invokeAll('file_copy', [
      $file,
      $source,
    ]);
    return $file;
  } catch (FileException $e) {
    return FALSE;
  }
}

/**
 * Moves a file to a new location and update the file's database entry.
 *
 * - Checks if $source and $destination are valid and readable/writable.
 * - Performs a file move if $source is not equal to $destination.
 * - If file already exists in $destination either the call will error out,
 *   replace the file or rename the file based on the $replace parameter.
 * - Adds the new file to the files database.
 *
 * @param \Drupal\file\FileInterface $source
 *   A file entity.
 * @param string $destination
 *   A string containing the destination that $source should be moved
 *   to. This must be a stream wrapper URI.
 * @param int $replace
 *   (optional) The replace behavior when the destination file already exists.
 *   Possible values include:
 *   - FileSystemInterface::EXISTS_REPLACE: Replace the existing file. If a
 *     managed file with the destination name exists then its database entry
 *     will be updated and $source->delete() called after invoking
 *     hook_file_move(). If no database entry is found, then the source files
 *     record will be updated.
 *   - FileSystemInterface::EXISTS_RENAME: (default) Append
 *     _{incrementing number} until the filename is unique.
 *   - FileSystemInterface::EXISTS_ERROR: Do nothing and return FALSE.
 *
 * @return \Drupal\file\FileInterface|false
 *   Resulting file entity for success, or FALSE in the event of an error.
 *
 * @see \Drupal\Core\File\FileSystemInterface::move()
 * @see hook_file_move()
 */
function file_move(FileInterface $source, $destination = NULL, $replace = FileSystemInterface::EXISTS_RENAME) {

  /** @var \Drupal\Core\File\FileSystemInterface $file_system */
  $file_system = \Drupal::service('file_system');

  /** @var \Drupal\Core\StreamWrapper\StreamWrapperManagerInterface $stream_wrapper_manager */
  $stream_wrapper_manager = \Drupal::service('stream_wrapper_manager');
  if (!$stream_wrapper_manager
    ->isValidUri($destination)) {
    if (($realpath = $file_system
      ->realpath($source
      ->getFileUri())) !== FALSE) {
      \Drupal::logger('file')
        ->notice('File %file (%realpath) could not be moved because the destination %destination is invalid. This may be caused by improper use of file_move() or a missing stream wrapper.', [
        '%file' => $source
          ->getFileUri(),
        '%realpath' => $realpath,
        '%destination' => $destination,
      ]);
    }
    else {
      \Drupal::logger('file')
        ->notice('File %file could not be moved because the destination %destination is invalid. This may be caused by improper use of file_move() or a missing stream wrapper.', [
        '%file' => $source
          ->getFileUri(),
        '%destination' => $destination,
      ]);
    }
    \Drupal::messenger()
      ->addError(t('The specified file %file could not be moved because the destination is invalid. More information is available in the system log.', [
      '%file' => $source
        ->getFileUri(),
    ]));
    return FALSE;
  }
  try {
    $uri = $file_system
      ->move($source
      ->getFileUri(), $destination, $replace);
    $delete_source = FALSE;
    $file = clone $source;
    $file
      ->setFileUri($uri);

    // If we are replacing an existing file re-use its database record.
    if ($replace == FileSystemInterface::EXISTS_REPLACE) {
      $existing_files = \Drupal::entityTypeManager()
        ->getStorage('file')
        ->loadByProperties([
        'uri' => $uri,
      ]);
      if (count($existing_files)) {
        $existing = reset($existing_files);
        $delete_source = TRUE;
        $file->fid = $existing
          ->id();
        $file->uuid = $existing
          ->uuid();
      }
    }
    elseif ($replace == FileSystemInterface::EXISTS_RENAME && is_file($destination)) {
      $file
        ->setFilename(\Drupal::service('file_system')
        ->basename($destination));
    }
    $file
      ->save();

    // Inform modules that the file has been moved.
    \Drupal::moduleHandler()
      ->invokeAll('file_move', [
      $file,
      $source,
    ]);

    // Delete the original if it's not in use elsewhere.
    if ($delete_source && !\Drupal::service('file.usage')
      ->listUsage($source)) {
      $source
        ->delete();
    }
    return $file;
  } catch (FileException $e) {
    return FALSE;
  }
}

/**
 * Checks that a file meets the criteria specified by the validators.
 *
 * After executing the validator callbacks specified hook_file_validate() will
 * also be called to allow other modules to report errors about the file.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 * @param array $validators
 *   (optional) An associative array of callback functions used to validate
 *   the file. The keys are function names and the values arrays of callback
 *   parameters which will be passed in after the file entity. The functions
 *   should return an array of error messages; an empty array indicates that
 *   the file passed validation. The callback functions will be called in the
 *   order specified in the array, then the hook hook_file_validate()
 *   will be invoked so other modules can validate the new file.
 *
 * @return array
 *   An array containing validation error messages.
 *
 * @see hook_file_validate()
 */
function file_validate(FileInterface $file, $validators = []) {

  // Call the validation functions specified by this function's caller.
  $errors = [];
  foreach ($validators as $function => $args) {
    if (function_exists($function)) {
      array_unshift($args, $file);
      $errors = array_merge($errors, call_user_func_array($function, $args));
    }
  }

  // Let other modules perform validation on the new file.
  $errors = array_merge($errors, \Drupal::moduleHandler()
    ->invokeAll('file_validate', [
    $file,
  ]));

  // Ensure the file does not contain a malicious extension. At this point
  // _file_save_upload_single() will have munged the file so it does not contain
  // a malicious extension. Contributed and custom code that calls this method
  // needs to take similar steps if they need to permit files with malicious
  // extensions to be uploaded.
  if (empty($errors) && !\Drupal::config('system.file')
    ->get('allow_insecure_uploads') && preg_match(FILE_INSECURE_EXTENSION_REGEX, $file
    ->getFilename())) {
    $errors[] = t('For security reasons, your upload has been rejected.');
  }
  return $errors;
}

/**
 * Checks for files with names longer than can be stored in the database.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 *
 * @return array
 *   An empty array if the file name length is smaller than the limit or an
 *   array containing an error message if it's not or is empty.
 */
function file_validate_name_length(FileInterface $file) {
  $errors = [];
  if (!$file
    ->getFilename()) {
    $errors[] = t("The file's name is empty. Please give a name to the file.");
  }
  if (strlen($file
    ->getFilename()) > 240) {
    $errors[] = t("The file's name exceeds the 240 characters limit. Please rename the file and try again.");
  }
  return $errors;
}

/**
 * Checks that the filename ends with an allowed extension.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 * @param string $extensions
 *   A string with a space separated list of allowed extensions.
 *
 * @return array
 *   An empty array if the file extension is allowed or an array containing an
 *   error message if it's not.
 *
 * @see hook_file_validate()
 */
function file_validate_extensions(FileInterface $file, $extensions) {
  $errors = [];
  $regex = '/\\.(' . preg_replace('/ +/', '|', preg_quote($extensions)) . ')$/i';
  if (!preg_match($regex, $file
    ->getFilename())) {
    $errors[] = t('Only files with the following extensions are allowed: %files-allowed.', [
      '%files-allowed' => $extensions,
    ]);
  }
  return $errors;
}

/**
 * Checks that the file's size is below certain limits.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 * @param int $file_limit
 *   (optional) The maximum file size in bytes. Zero (the default) indicates
 *   that no limit should be enforced.
 * @param int $user_limit
 *   (optional) The maximum number of bytes the user is allowed. Zero (the
 *   default) indicates that no limit should be enforced.
 *
 * @return array
 *   An empty array if the file size is below limits or an array containing an
 *   error message if it's not.
 *
 * @see hook_file_validate()
 */
function file_validate_size(FileInterface $file, $file_limit = 0, $user_limit = 0) {
  $user = \Drupal::currentUser();
  $errors = [];
  if ($file_limit && $file
    ->getSize() > $file_limit) {
    $errors[] = t('The file is %filesize exceeding the maximum file size of %maxsize.', [
      '%filesize' => format_size($file
        ->getSize()),
      '%maxsize' => format_size($file_limit),
    ]);
  }

  // Save a query by only calling spaceUsed() when a limit is provided.
  if ($user_limit && \Drupal::entityTypeManager()
    ->getStorage('file')
    ->spaceUsed($user
    ->id()) + $file
    ->getSize() > $user_limit) {
    $errors[] = t('The file is %filesize which would exceed your disk quota of %quota.', [
      '%filesize' => format_size($file
        ->getSize()),
      '%quota' => format_size($user_limit),
    ]);
  }
  return $errors;
}

/**
 * Checks that the file is recognized as a valid image.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 *
 * @return array
 *   An empty array if the file is a valid image or an array containing an error
 *   message if it's not.
 *
 * @see hook_file_validate()
 */
function file_validate_is_image(FileInterface $file) {
  $errors = [];
  $image_factory = \Drupal::service('image.factory');
  $image = $image_factory
    ->get($file
    ->getFileUri());
  if (!$image
    ->isValid()) {
    $supported_extensions = $image_factory
      ->getSupportedExtensions();
    $errors[] = t('The image file is invalid or the image type is not allowed. Allowed types: %types', [
      '%types' => implode(', ', $supported_extensions),
    ]);
  }
  return $errors;
}

/**
 * Verifies that image dimensions are within the specified maximum and minimum.
 *
 * Non-image files will be ignored. If an image toolkit is available the image
 * will be scaled to fit within the desired maximum dimensions.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity. This function may resize the file affecting its size.
 * @param string|int $maximum_dimensions
 *   (optional) A string in the form WIDTHxHEIGHT; for example, '640x480' or
 *   '85x85'. If an image toolkit is installed, the image will be resized down
 *   to these dimensions. A value of zero (the default) indicates no restriction
 *   on size, so no resizing will be attempted.
 * @param string|int $minimum_dimensions
 *   (optional) A string in the form WIDTHxHEIGHT. This will check that the
 *   image meets a minimum size. A value of zero (the default) indicates that
 *   there is no restriction on size.
 *
 * @return array
 *   An empty array if the file meets the specified dimensions, was resized
 *   successfully to meet those requirements or is not an image. If the image
 *   does not meet the requirements or an attempt to resize it fails, an array
 *   containing the error message will be returned.
 *
 * @see hook_file_validate()
 */
function file_validate_image_resolution(FileInterface $file, $maximum_dimensions = 0, $minimum_dimensions = 0) {
  $errors = [];

  // Check first that the file is an image.
  $image_factory = \Drupal::service('image.factory');
  $image = $image_factory
    ->get($file
    ->getFileUri());
  if ($image
    ->isValid()) {
    $scaling = FALSE;
    if ($maximum_dimensions) {

      // Check that it is smaller than the given dimensions.
      list($width, $height) = explode('x', $maximum_dimensions);
      if ($image
        ->getWidth() > $width || $image
        ->getHeight() > $height) {

        // Try to resize the image to fit the dimensions.
        if ($image
          ->scale($width, $height)) {
          $scaling = TRUE;
          $image
            ->save();
          if (!empty($width) && !empty($height)) {
            $message = t('The image was resized to fit within the maximum allowed dimensions of %dimensions pixels. The new dimensions of the resized image are %new_widthx%new_height pixels.', [
              '%dimensions' => $maximum_dimensions,
              '%new_width' => $image
                ->getWidth(),
              '%new_height' => $image
                ->getHeight(),
            ]);
          }
          elseif (empty($width)) {
            $message = t('The image was resized to fit within the maximum allowed height of %height pixels. The new dimensions of the resized image are %new_widthx%new_height pixels.', [
              '%height' => $height,
              '%new_width' => $image
                ->getWidth(),
              '%new_height' => $image
                ->getHeight(),
            ]);
          }
          elseif (empty($height)) {
            $message = t('The image was resized to fit within the maximum allowed width of %width pixels. The new dimensions of the resized image are %new_widthx%new_height pixels.', [
              '%width' => $width,
              '%new_width' => $image
                ->getWidth(),
              '%new_height' => $image
                ->getHeight(),
            ]);
          }
          \Drupal::messenger()
            ->addStatus($message);
        }
        else {
          $errors[] = t('The image exceeds the maximum allowed dimensions and an attempt to resize it failed.');
        }
      }
    }
    if ($minimum_dimensions) {

      // Check that it is larger than the given dimensions.
      list($width, $height) = explode('x', $minimum_dimensions);
      if ($image
        ->getWidth() < $width || $image
        ->getHeight() < $height) {
        if ($scaling) {
          $errors[] = t('The resized image is too small. The minimum dimensions are %dimensions pixels and after resizing, the image size will be %widthx%height pixels.', [
            '%dimensions' => $minimum_dimensions,
            '%width' => $image
              ->getWidth(),
            '%height' => $image
              ->getHeight(),
          ]);
        }
        else {
          $errors[] = t('The image is too small. The minimum dimensions are %dimensions pixels and the image size is %widthx%height pixels.', [
            '%dimensions' => $minimum_dimensions,
            '%width' => $image
              ->getWidth(),
            '%height' => $image
              ->getHeight(),
          ]);
        }
      }
    }
  }
  return $errors;
}

/**
 * Saves a file to the specified destination and creates a database entry.
 *
 * @param string $data
 *   A string containing the contents of the file.
 * @param string|null $destination
 *   (optional) A string containing the destination URI. This must be a stream
 *   wrapper URI. If no value or NULL is provided, a randomized name will be
 *   generated and the file will be saved using Drupal's default files scheme,
 *   usually "public://".
 * @param int $replace
 *   (optional) The replace behavior when the destination file already exists.
 *   Possible values include:
 *   - FileSystemInterface::EXISTS_REPLACE: Replace the existing file. If a
 *     managed file with the destination name exists, then its database entry
 *     will be updated. If no database entry is found, then a new one will be
 *     created.
 *   - FileSystemInterface::EXISTS_RENAME: (default) Append
 *     _{incrementing number} until the filename is unique.
 *   - FileSystemInterface::EXISTS_ERROR: Do nothing and return FALSE.
 *
 * @return \Drupal\file\FileInterface|false
 *   A file entity, or FALSE on error.
 *
 * @see \Drupal\Core\File\FileSystemInterface::saveData()
 */
function file_save_data($data, $destination = NULL, $replace = FileSystemInterface::EXISTS_RENAME) {
  $user = \Drupal::currentUser();
  if (empty($destination)) {
    $destination = \Drupal::config('system.file')
      ->get('default_scheme') . '://';
  }

  /** @var \Drupal\Core\StreamWrapper\StreamWrapperManagerInterface $stream_wrapper_manager */
  $stream_wrapper_manager = \Drupal::service('stream_wrapper_manager');
  if (!$stream_wrapper_manager
    ->isValidUri($destination)) {
    \Drupal::logger('file')
      ->notice('The data could not be saved because the destination %destination is invalid. This may be caused by improper use of file_save_data() or a missing stream wrapper.', [
      '%destination' => $destination,
    ]);
    \Drupal::messenger()
      ->addError(t('The data could not be saved because the destination is invalid. More information is available in the system log.'));
    return FALSE;
  }
  try {
    $uri = \Drupal::service('file_system')
      ->saveData($data, $destination, $replace);

    // Create a file entity.
    $file = File::create([
      'uri' => $uri,
      'uid' => $user
        ->id(),
      'status' => FILE_STATUS_PERMANENT,
    ]);

    // If we are replacing an existing file re-use its database record.
    // @todo Do not create a new entity in order to update it. See
    //   https://www.drupal.org/node/2241865.
    if ($replace == FileSystemInterface::EXISTS_REPLACE) {
      $existing_files = \Drupal::entityTypeManager()
        ->getStorage('file')
        ->loadByProperties([
        'uri' => $uri,
      ]);
      if (count($existing_files)) {
        $existing = reset($existing_files);
        $file->fid = $existing
          ->id();
        $file
          ->setOriginalId($existing
          ->id());
        $file
          ->setFilename($existing
          ->getFilename());
      }
    }
    elseif ($replace == FileSystemInterface::EXISTS_RENAME && is_file($destination)) {
      $file
        ->setFilename(\Drupal::service('file_system')
        ->basename($destination));
    }
    $file
      ->save();
    return $file;
  } catch (FileException $e) {
    return FALSE;
  }
}

/**
 * Examines a file entity and returns appropriate content headers for download.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 *
 * @return array
 *   An associative array of headers, as expected by
 *   \Symfony\Component\HttpFoundation\StreamedResponse.
 */
function file_get_content_headers(FileInterface $file) {
  $type = Unicode::mimeHeaderEncode($file
    ->getMimeType());
  return [
    'Content-Type' => $type,
    'Content-Length' => $file
      ->getSize(),
    'Cache-Control' => 'private',
  ];
}

/**
 * Implements hook_theme().
 */
function file_theme() {
  return [
    // From file.module.
    'file_link' => [
      'variables' => [
        'file' => NULL,
        'description' => NULL,
        'attributes' => [],
      ],
    ],
    'file_managed_file' => [
      'render element' => 'element',
    ],
    'file_audio' => [
      'variables' => [
        'files' => [],
        'attributes' => NULL,
      ],
    ],
    'file_video' => [
      'variables' => [
        'files' => [],
        'attributes' => NULL,
      ],
    ],
    // From file.field.inc.
    'file_widget_multiple' => [
      'render element' => 'element',
      'file' => 'file.field.inc',
    ],
    'file_upload_help' => [
      'variables' => [
        'description' => NULL,
        'upload_validators' => NULL,
        'cardinality' => NULL,
      ],
      'file' => 'file.field.inc',
    ],
  ];
}

/**
 * Implements hook_file_download().
 */
function file_file_download($uri) {

  // Get the file record based on the URI. If not in the database just return.

  /** @var \Drupal\file\FileInterface[] $files */
  $files = \Drupal::entityTypeManager()
    ->getStorage('file')
    ->loadByProperties([
    'uri' => $uri,
  ]);
  if (count($files)) {
    foreach ($files as $item) {

      // Since some database servers sometimes use a case-insensitive comparison
      // by default, double check that the filename is an exact match.
      if ($item
        ->getFileUri() === $uri) {
        $file = $item;
        break;
      }
    }
  }
  if (!isset($file)) {
    return;
  }

  // Find out if a temporary file is still used in the system.
  if ($file
    ->isTemporary()) {
    $usage = \Drupal::service('file.usage')
      ->listUsage($file);
    if (empty($usage) && $file
      ->getOwnerId() != \Drupal::currentUser()
      ->id()) {

      // Deny access to temporary files without usage that are not owned by the
      // same user. This prevents the security issue that a private file that
      // was protected by field permissions becomes available after its usage
      // was removed and before it is actually deleted from the file system.
      // Modules that depend on this behavior should make the file permanent
      // instead.
      return -1;
    }
  }

  // Find out which (if any) fields of this type contain the file.
  $references = file_get_file_references($file, NULL, EntityStorageInterface::FIELD_LOAD_CURRENT, NULL);

  // Stop processing if there are no references in order to avoid returning
  // headers for files controlled by other modules. Make an exception for
  // temporary files where the host entity has not yet been saved (for example,
  // an image preview on a node/add form) in which case, allow download by the
  // file's owner.
  if (empty($references) && ($file
    ->isPermanent() || $file
    ->getOwnerId() != \Drupal::currentUser()
    ->id())) {
    return;
  }
  if (!$file
    ->access('download')) {
    return -1;
  }

  // Access is granted.
  $headers = file_get_content_headers($file);
  return $headers;
}

/**
 * Implements hook_cron().
 */
function file_cron() {
  $age = \Drupal::config('system.file')
    ->get('temporary_maximum_age');
  $file_storage = \Drupal::entityTypeManager()
    ->getStorage('file');

  /** @var \Drupal\Core\StreamWrapper\StreamWrapperManagerInterface $stream_wrapper_manager */
  $stream_wrapper_manager = \Drupal::service('stream_wrapper_manager');

  // Only delete temporary files if older than $age. Note that automatic cleanup
  // is disabled if $age set to 0.
  if ($age) {
    $fids = Drupal::entityQuery('file')
      ->accessCheck(FALSE)
      ->condition('status', FILE_STATUS_PERMANENT, '<>')
      ->condition('changed', REQUEST_TIME - $age, '<')
      ->range(0, 100)
      ->execute();
    $files = $file_storage
      ->loadMultiple($fids);
    foreach ($files as $file) {
      $references = \Drupal::service('file.usage')
        ->listUsage($file);
      if (empty($references)) {
        if (!file_exists($file
          ->getFileUri())) {
          if (!$stream_wrapper_manager
            ->isValidUri($file
            ->getFileUri())) {
            \Drupal::logger('file system')
              ->warning('Temporary file "%path" that was deleted during garbage collection did not exist on the filesystem. This could be caused by a missing stream wrapper.', [
              '%path' => $file
                ->getFileUri(),
            ]);
          }
          else {
            \Drupal::logger('file system')
              ->warning('Temporary file "%path" that was deleted during garbage collection did not exist on the filesystem.', [
              '%path' => $file
                ->getFileUri(),
            ]);
          }
        }

        // Delete the file entity. If the file does not exist, this will
        // generate a second notice in the watchdog.
        $file
          ->delete();
      }
      else {
        \Drupal::logger('file system')
          ->info('Did not delete temporary file "%path" during garbage collection because it is in use by the following modules: %modules.', [
          '%path' => $file
            ->getFileUri(),
          '%modules' => implode(', ', array_keys($references)),
        ]);
      }
    }
  }
}

/**
 * Saves form file uploads.
 *
 * The files will be added to the {file_managed} table as temporary files.
 * Temporary files are periodically cleaned. Use the 'file.usage' service to
 * register the usage of the file which will automatically mark it as permanent.
 *
 * @param array $element
 *   The FAPI element whose values are being saved.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form.
 * @param null|int $delta
 *   (optional) The delta of the file to return the file entity.
 *   Defaults to NULL.
 * @param int $replace
 *   (optional) The replace behavior when the destination file already exists.
 *   Possible values include:
 *   - FileSystemInterface::EXISTS_REPLACE: Replace the existing file.
 *   - FileSystemInterface::EXISTS_RENAME: (default) Append
 *     _{incrementing number} until the filename is unique.
 *   - FileSystemInterface::EXISTS_ERROR: Do nothing and return FALSE.
 *
 * @return array|\Drupal\file\FileInterface|null|false
 *   An array of file entities or a single file entity if $delta != NULL. Each
 *   array element contains the file entity if the upload succeeded or FALSE if
 *   there was an error. Function returns NULL if no file was uploaded.
 *
 * @internal
 *   This function is internal, and may be removed in a minor version release.
 *   It wraps file_save_upload() to allow correct error handling in forms.
 *   Contrib and custom code should not call this function, they should use the
 *   managed file upload widgets in core.
 *
 * @see https://www.drupal.org/project/drupal/issues/3069020
 * @see https://www.drupal.org/project/drupal/issues/2482783
 */
function _file_save_upload_from_form(array $element, FormStateInterface $form_state, $delta = NULL, $replace = FileSystemInterface::EXISTS_RENAME) {

  // Get all errors set before calling this method. This will also clear them
  // from $_SESSION.
  $errors_before = \Drupal::messenger()
    ->deleteByType(MessengerInterface::TYPE_ERROR);
  $upload_location = isset($element['#upload_location']) ? $element['#upload_location'] : FALSE;
  $upload_name = implode('_', $element['#parents']);
  $upload_validators = isset($element['#upload_validators']) ? $element['#upload_validators'] : [];
  $result = file_save_upload($upload_name, $upload_validators, $upload_location, $delta, $replace);

  // Get new errors that are generated while trying to save the upload. This
  // will also clear them from $_SESSION.
  $errors_new = \Drupal::messenger()
    ->deleteByType(MessengerInterface::TYPE_ERROR);
  if (!empty($errors_new)) {
    if (count($errors_new) > 1) {

      // Render multiple errors into a single message.
      // This is needed because only one error per element is supported.
      $render_array = [
        'error' => [
          '#markup' => t('One or more files could not be uploaded.'),
        ],
        'item_list' => [
          '#theme' => 'item_list',
          '#items' => $errors_new,
        ],
      ];
      $error_message = \Drupal::service('renderer')
        ->renderPlain($render_array);
    }
    else {
      $error_message = reset($errors_new);
    }
    $form_state
      ->setError($element, $error_message);
  }

  // Ensure that errors set prior to calling this method are still shown to the
  // user.
  if (!empty($errors_before)) {
    foreach ($errors_before as $error) {
      \Drupal::messenger()
        ->addError($error);
    }
  }
  return $result;
}

/**
 * Saves file uploads to a new location.
 *
 * The files will be added to the {file_managed} table as temporary files.
 * Temporary files are periodically cleaned. Use the 'file.usage' service to
 * register the usage of the file which will automatically mark it as permanent.
 *
 * Note that this function does not support correct form error handling. The
 * file upload widgets in core do support this. It is advised to use these in
 * any custom form, instead of calling this function.
 *
 * @param string $form_field_name
 *   A string that is the associative array key of the upload form element in
 *   the form array.
 * @param array $validators
 *   (optional) An associative array of callback functions used to validate the
 *   file. See file_validate() for a full discussion of the array format.
 *   If the array is empty, it will be set up to call file_validate_extensions()
 *   with a safe list of extensions, as follows: "jpg jpeg gif png txt doc
 *   xls pdf ppt pps odt ods odp". To allow all extensions, you must explicitly
 *   set this array to ['file_validate_extensions' => '']. (Beware: this is not
 *   safe and should only be allowed for trusted users, if at all.)
 * @param string|false $destination
 *   (optional) A string containing the URI that the file should be copied to.
 *   This must be a stream wrapper URI. If this value is omitted or set to
 *   FALSE, Drupal's temporary files scheme will be used ("temporary://").
 * @param null|int $delta
 *   (optional) The delta of the file to return the file entity.
 *   Defaults to NULL.
 * @param int $replace
 *   (optional) The replace behavior when the destination file already exists.
 *   Possible values include:
 *   - FileSystemInterface::EXISTS_REPLACE: Replace the existing file.
 *   - FileSystemInterface::EXISTS_RENAME: (default) Append
 *     _{incrementing number} until the filename is unique.
 *   - FileSystemInterface::EXISTS_ERROR: Do nothing and return FALSE.
 *
 * @return array|\Drupal\file\FileInterface|null|false
 *   An array of file entities or a single file entity if $delta != NULL. Each
 *   array element contains the file entity if the upload succeeded or FALSE if
 *   there was an error. Function returns NULL if no file was uploaded.
 *
 * @see _file_save_upload_from_form()
 *
 * @todo: move this logic to a service in https://www.drupal.org/node/2244513.
 */
function file_save_upload($form_field_name, $validators = [], $destination = FALSE, $delta = NULL, $replace = FileSystemInterface::EXISTS_RENAME) {
  static $upload_cache;
  $all_files = \Drupal::request()->files
    ->get('files', []);

  // Make sure there's an upload to process.
  if (empty($all_files[$form_field_name])) {
    return NULL;
  }
  $file_upload = $all_files[$form_field_name];

  // Return cached objects without processing since the file will have
  // already been processed and the paths in $_FILES will be invalid.
  if (isset($upload_cache[$form_field_name])) {
    if (isset($delta)) {
      return $upload_cache[$form_field_name][$delta];
    }
    return $upload_cache[$form_field_name];
  }

  // Prepare uploaded files info. Representation is slightly different
  // for multiple uploads and we fix that here.
  $uploaded_files = $file_upload;
  if (!is_array($file_upload)) {
    $uploaded_files = [
      $file_upload,
    ];
  }
  $files = [];
  foreach ($uploaded_files as $i => $file_info) {
    $files[$i] = _file_save_upload_single($file_info, $form_field_name, $validators, $destination, $replace);
  }

  // Add files to the cache.
  $upload_cache[$form_field_name] = $files;
  return isset($delta) ? $files[$delta] : $files;
}

/**
 * Saves a file upload to a new location.
 *
 * @param \SplFileInfo $file_info
 *   The file upload to save.
 * @param string $form_field_name
 *   A string that is the associative array key of the upload form element in
 *   the form array.
 * @param array $validators
 *   (optional) An associative array of callback functions used to validate the
 *   file.
 * @param bool $destination
 *   (optional) A string containing the URI that the file should be copied to.
 * @param int $replace
 *   (optional) The replace behavior when the destination file already exists.
 *
 * @return \Drupal\file\FileInterface|false
 *   The created file entity or FALSE if the uploaded file not saved.
 *
 * @throws \Drupal\Core\Entity\EntityStorageException
 *
 * @internal
 *   This method should only be called from file_save_upload(). Use that method
 *   instead.
 *
 * @see file_save_upload()
 */
function _file_save_upload_single(\SplFileInfo $file_info, $form_field_name, $validators = [], $destination = FALSE, $replace = FileSystemInterface::EXISTS_REPLACE) {
  $user = \Drupal::currentUser();
  $original_file_name = trim($file_info
    ->getClientOriginalName(), '.');

  // Check for file upload errors and return FALSE for this file if a lower
  // level system error occurred. For a complete list of errors:
  // See http://php.net/manual/features.file-upload.errors.php.
  switch ($file_info
    ->getError()) {
    case UPLOAD_ERR_INI_SIZE:
    case UPLOAD_ERR_FORM_SIZE:
      \Drupal::messenger()
        ->addError(t('The file %file could not be saved because it exceeds %maxsize, the maximum allowed size for uploads.', [
        '%file' => $original_file_name,
        '%maxsize' => format_size(Environment::getUploadMaxSize()),
      ]));
      return FALSE;
    case UPLOAD_ERR_PARTIAL:
    case UPLOAD_ERR_NO_FILE:
      \Drupal::messenger()
        ->addError(t('The file %file could not be saved because the upload did not complete.', [
        '%file' => $original_file_name,
      ]));
      return FALSE;
    case UPLOAD_ERR_OK:

      // Final check that this is a valid upload, if it isn't, use the
      // default error handler.
      if (is_uploaded_file($file_info
        ->getRealPath())) {
        break;
      }
    default:

      // Unknown error
      \Drupal::messenger()
        ->addError(t('The file %file could not be saved. An unknown error has occurred.', [
        '%file' => $original_file_name,
      ]));
      return FALSE;
  }

  // Begin building file entity.
  $values = [
    'uid' => $user
      ->id(),
    'status' => 0,
    'filename' => $original_file_name,
    'uri' => $file_info
      ->getRealPath(),
    'filesize' => $file_info
      ->getSize(),
  ];
  $values['filemime'] = \Drupal::service('file.mime_type.guesser')
    ->guess($values['filename']);
  $file = File::create($values);
  $extensions = '';
  if (isset($validators['file_validate_extensions'])) {
    if (isset($validators['file_validate_extensions'][0])) {

      // Build the list of non-munged extensions if the caller provided them.
      $extensions = $validators['file_validate_extensions'][0];
    }
    else {

      // If 'file_validate_extensions' is set and the list is empty then the
      // caller wants to allow any extension. In this case we have to remove the
      // validator or else it will reject all extensions.
      unset($validators['file_validate_extensions']);
    }
  }
  else {

    // No validator was provided, so add one using the default list.
    // Build a default non-munged safe list for file_munge_filename().
    $extensions = 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp';
    $validators['file_validate_extensions'] = [];
    $validators['file_validate_extensions'][0] = $extensions;
  }

  //  Don't rename if 'allow_insecure_uploads' evaluates to TRUE.
  if (!\Drupal::config('system.file')
    ->get('allow_insecure_uploads')) {
    if (!empty($extensions)) {

      // Munge the filename to protect against possible malicious extension
      // hiding within an unknown file type (ie: filename.html.foo).
      $file
        ->setFilename(file_munge_filename($file
        ->getFilename(), $extensions));
    }

    // Rename potentially executable files, to help prevent exploits (i.e. will
    // rename filename.php.foo and filename.php to filename.php_.foo_.txt and
    // filename.php_.txt, respectively).
    if (preg_match(FILE_INSECURE_EXTENSION_REGEX, $file
      ->getFilename())) {

      // If the file will be rejected anyway due to a disallowed extension, it
      // should not be renamed; rather, we'll let file_validate_extensions()
      // reject it below.
      if (!isset($validators['file_validate_extensions']) || empty(file_validate_extensions($file, $extensions))) {
        $file
          ->setMimeType('text/plain');
        $filename = $file
          ->getFilename();
        if (substr($filename, -4) != '.txt') {

          // The destination filename will also later be used to create the URI.
          $filename .= '.txt';
        }
        $file
          ->setFilename(file_munge_filename($filename, $extensions));
        \Drupal::messenger()
          ->addStatus(t('For security reasons, your upload has been renamed to %filename.', [
          '%filename' => $file
            ->getFilename(),
        ]));

        // The .txt extension may not be in the allowed list of extensions. We
        // have to add it here or else the file upload will fail.
        if (!empty($validators['file_validate_extensions'][0])) {
          $validators['file_validate_extensions'][0] .= ' txt';
        }
      }
    }
  }

  // If the destination is not provided, use the temporary directory.
  if (empty($destination)) {
    $destination = 'temporary://';
  }

  /** @var \Drupal\Core\StreamWrapper\StreamWrapperManagerInterface $stream_wrapper_manager */
  $stream_wrapper_manager = \Drupal::service('stream_wrapper_manager');

  // Assert that the destination contains a valid stream.
  $destination_scheme = $stream_wrapper_manager::getScheme($destination);
  if (!$stream_wrapper_manager
    ->isValidScheme($destination_scheme)) {
    \Drupal::messenger()
      ->addError(t('The file could not be uploaded because the destination %destination is invalid.', [
      '%destination' => $destination,
    ]));
    return FALSE;
  }
  $file->source = $form_field_name;

  // A file URI may already have a trailing slash or look like "public://".
  if (substr($destination, -1) != '/') {
    $destination .= '/';
  }

  /** @var \Drupal\Core\File\FileSystemInterface $file_system */
  $file_system = \Drupal::service('file_system');
  try {
    $file->destination = $file_system
      ->getDestinationFilename($destination . $file
      ->getFilename(), $replace);
  } catch (FileException $e) {
    \Drupal::messenger()
      ->addError(t('The file %filename could not be uploaded because the name is invalid.', [
      '%filename' => $file
        ->getFilename(),
    ]));
    return FALSE;
  }

  // If the destination is FALSE then there is an existing file and $replace is
  // set to return an error, so we need to exit.
  if ($file->destination === FALSE) {
    \Drupal::messenger()
      ->addError(t('The file %source could not be uploaded because a file by that name already exists in the destination %directory.', [
      '%source' => $form_field_name,
      '%directory' => $destination,
    ]));
    return FALSE;
  }

  // Add in our check of the file name length.
  $validators['file_validate_name_length'] = [];

  // Call the validation functions specified by this function's caller.
  $errors = file_validate($file, $validators);

  // Check for errors.
  if (!empty($errors)) {
    $message = [
      'error' => [
        '#markup' => t('The specified file %name could not be uploaded.', [
          '%name' => $file
            ->getFilename(),
        ]),
      ],
      'item_list' => [
        '#theme' => 'item_list',
        '#items' => $errors,
      ],
    ];

    // @todo Add support for render arrays in
    // \Drupal\Core\Messenger\MessengerInterface::addMessage()?
    // @see https://www.drupal.org/node/2505497.
    \Drupal::messenger()
      ->addError(\Drupal::service('renderer')
      ->renderPlain($message));
    return FALSE;
  }
  $file
    ->setFileUri($file->destination);
  if (!$file_system
    ->moveUploadedFile($file_info
    ->getRealPath(), $file
    ->getFileUri())) {
    \Drupal::messenger()
      ->addError(t('File upload error. Could not move uploaded file.'));
    \Drupal::logger('file')
      ->notice('Upload error. Could not move uploaded file %file to destination %destination.', [
      '%file' => $file
        ->getFilename(),
      '%destination' => $file
        ->getFileUri(),
    ]);
    return FALSE;
  }

  // Set the permissions on the new file.
  $file_system
    ->chmod($file
    ->getFileUri());

  // If we are replacing an existing file re-use its database record.
  // @todo Do not create a new entity in order to update it. See
  //   https://www.drupal.org/node/2241865.
  if ($replace == FileSystemInterface::EXISTS_REPLACE) {
    $existing_files = \Drupal::entityTypeManager()
      ->getStorage('file')
      ->loadByProperties([
      'uri' => $file
        ->getFileUri(),
    ]);
    if (count($existing_files)) {
      $existing = reset($existing_files);
      $file->fid = $existing
        ->id();
      $file
        ->setOriginalId($existing
        ->id());
    }
  }

  // Update the filename with any changes as a result of security or renaming
  // due to an existing file.
  $file
    ->setFilename(\Drupal::service('file_system')
    ->basename($file->destination));

  // We can now validate the file object itself before it's saved.
  $violations = $file
    ->validate();
  foreach ($violations as $violation) {
    $errors[] = $violation
      ->getMessage();
  }
  if (!empty($errors)) {
    $message = [
      'error' => [
        '#markup' => t('The specified file %name could not be uploaded.', [
          '%name' => $file
            ->getFilename(),
        ]),
      ],
      'item_list' => [
        '#theme' => 'item_list',
        '#items' => $errors,
      ],
    ];

    // @todo Add support for render arrays in
    // \Drupal\Core\Messenger\MessengerInterface::addMessage()?
    // @see https://www.drupal.org/node/2505497.
    \Drupal::messenger()
      ->addError(\Drupal::service('renderer')
      ->renderPlain($message));
    return FALSE;
  }

  // If we made it this far it's safe to record this file in the database.
  $file
    ->save();

  // Allow an anonymous user who creates a non-public file to see it. See
  // \Drupal\file\FileAccessControlHandler::checkAccess().
  if ($user
    ->isAnonymous() && $destination_scheme !== 'public') {
    $session = \Drupal::request()
      ->getSession();
    $allowed_temp_files = $session
      ->get('anonymous_allowed_file_ids', []);
    $allowed_temp_files[$file
      ->id()] = $file
      ->id();
    $session
      ->set('anonymous_allowed_file_ids', $allowed_temp_files);
  }
  return $file;
}

/**
 * Determines the preferred upload progress implementation.
 *
 * @return string|false
 *   A string indicating which upload progress system is available. Either "apc"
 *   or "uploadprogress". If neither are available, returns FALSE.
 */
function file_progress_implementation() {
  static $implementation;
  if (!isset($implementation)) {
    $implementation = FALSE;

    // We prefer the PECL extension uploadprogress because it supports multiple
    // simultaneous uploads. APCu only supports one at a time.
    if (extension_loaded('uploadprogress')) {
      $implementation = 'uploadprogress';
    }
  }
  return $implementation;
}

/**
 * Implements hook_ENTITY_TYPE_predelete() for file entities.
 */
function file_file_predelete(File $file) {

  // @todo Remove references to a file that is in-use.
}

/**
 * Implements hook_tokens().
 */
function file_tokens($type, $tokens, array $data, array $options, BubbleableMetadata $bubbleable_metadata) {
  $token_service = \Drupal::token();
  $url_options = [
    'absolute' => TRUE,
  ];
  if (isset($options['langcode'])) {
    $url_options['language'] = \Drupal::languageManager()
      ->getLanguage($options['langcode']);
    $langcode = $options['langcode'];
  }
  else {
    $langcode = NULL;
  }
  $replacements = [];
  if ($type == 'file' && !empty($data['file'])) {

    /** @var \Drupal\file\FileInterface $file */
    $file = $data['file'];
    foreach ($tokens as $name => $original) {
      switch ($name) {

        // Basic keys and values.
        case 'fid':
          $replacements[$original] = $file
            ->id();
          break;

        // Essential file data
        case 'name':
          $replacements[$original] = $file
            ->getFilename();
          break;
        case 'path':
          $replacements[$original] = $file
            ->getFileUri();
          break;
        case 'mime':
          $replacements[$original] = $file
            ->getMimeType();
          break;
        case 'size':
          $replacements[$original] = format_size($file
            ->getSize());
          break;
        case 'url':

          // Ideally, this would use file_url_transform_relative(), but because
          // tokens are also often used in e-mails, it's better to keep absolute
          // file URLs. The 'url.site' cache context is associated to ensure the
          // correct absolute URL is used in case of a multisite setup.
          $replacements[$original] = $file
            ->createFileUrl(FALSE);
          $bubbleable_metadata
            ->addCacheContexts([
            'url.site',
          ]);
          break;

        // These tokens are default variations on the chained tokens handled below.
        case 'created':
          $date_format = DateFormat::load('medium');
          $bubbleable_metadata
            ->addCacheableDependency($date_format);
          $replacements[$original] = \Drupal::service('date.formatter')
            ->format($file
            ->getCreatedTime(), 'medium', '', NULL, $langcode);
          break;
        case 'changed':
          $date_format = DateFormat::load('medium');
          $bubbleable_metadata = $bubbleable_metadata
            ->addCacheableDependency($date_format);
          $replacements[$original] = \Drupal::service('date.formatter')
            ->format($file
            ->getChangedTime(), 'medium', '', NULL, $langcode);
          break;
        case 'owner':
          $owner = $file
            ->getOwner();
          $bubbleable_metadata
            ->addCacheableDependency($owner);
          $name = $owner
            ->label();
          $replacements[$original] = $name;
          break;
      }
    }
    if ($date_tokens = $token_service
      ->findWithPrefix($tokens, 'created')) {
      $replacements += $token_service
        ->generate('date', $date_tokens, [
        'date' => $file
          ->getCreatedTime(),
      ], $options, $bubbleable_metadata);
    }
    if ($date_tokens = $token_service
      ->findWithPrefix($tokens, 'changed')) {
      $replacements += $token_service
        ->generate('date', $date_tokens, [
        'date' => $file
          ->getChangedTime(),
      ], $options, $bubbleable_metadata);
    }
    if (($owner_tokens = $token_service
      ->findWithPrefix($tokens, 'owner')) && $file
      ->getOwner()) {
      $replacements += $token_service
        ->generate('user', $owner_tokens, [
        'user' => $file
          ->getOwner(),
      ], $options, $bubbleable_metadata);
    }
  }
  return $replacements;
}

/**
 * Implements hook_token_info().
 */
function file_token_info() {
  $types['file'] = [
    'name' => t("Files"),
    'description' => t("Tokens related to uploaded files."),
    'needs-data' => 'file',
  ];

  // File related tokens.
  $file['fid'] = [
    'name' => t("File ID"),
    'description' => t("The unique ID of the uploaded file."),
  ];
  $file['name'] = [
    'name' => t("File name"),
    'description' => t("The name of the file on disk."),
  ];
  $file['path'] = [
    'name' => t("Path"),
    'description' => t("The location of the file relative to Drupal root."),
  ];
  $file['mime'] = [
    'name' => t("MIME type"),
    'description' => t("The MIME type of the file."),
  ];
  $file['size'] = [
    'name' => t("File size"),
    'description' => t("The size of the file."),
  ];
  $file['url'] = [
    'name' => t("URL"),
    'description' => t("The web-accessible URL for the file."),
  ];
  $file['created'] = [
    'name' => t("Created"),
    'description' => t("The date the file created."),
    'type' => 'date',
  ];
  $file['changed'] = [
    'name' => t("Changed"),
    'description' => t("The date the file was most recently changed."),
    'type' => 'date',
  ];
  $file['owner'] = [
    'name' => t("Owner"),
    'description' => t("The user who originally uploaded the file."),
    'type' => 'user',
  ];
  return [
    'types' => $types,
    'tokens' => [
      'file' => $file,
    ],
  ];
}

/**
 * Form submission handler for upload / remove buttons of managed_file elements.
 *
 * @see \Drupal\file\Element\ManagedFile::processManagedFile()
 */
function file_managed_file_submit($form, FormStateInterface $form_state) {

  // Determine whether it was the upload or the remove button that was clicked,
  // and set $element to the managed_file element that contains that button.
  $parents = $form_state
    ->getTriggeringElement()['#array_parents'];
  $button_key = array_pop($parents);
  $element = NestedArray::getValue($form, $parents);

  // No action is needed here for the upload button, because all file uploads on
  // the form are processed by \Drupal\file\Element\ManagedFile::valueCallback()
  // regardless of which button was clicked. Action is needed here for the
  // remove button, because we only remove a file in response to its remove
  // button being clicked.
  if ($button_key == 'remove_button') {
    $fids = array_keys($element['#files']);

    // Get files that will be removed.
    if ($element['#multiple']) {
      $remove_fids = [];
      foreach (Element::children($element) as $name) {
        if (strpos($name, 'file_') === 0 && $element[$name]['selected']['#value']) {
          $remove_fids[] = (int) substr($name, 5);
        }
      }
      $fids = array_diff($fids, $remove_fids);
    }
    else {

      // If we deal with single upload element remove the file and set
      // element's value to empty array (file could not be removed from
      // element if we don't do that).
      $remove_fids = $fids;
      $fids = [];
    }
    foreach ($remove_fids as $fid) {

      // If it's a temporary file we can safely remove it immediately, otherwise
      // it's up to the implementing module to remove usages of files to have them
      // removed.
      if ($element['#files'][$fid] && $element['#files'][$fid]
        ->isTemporary()) {
        $element['#files'][$fid]
          ->delete();
      }
    }

    // Update both $form_state->getValues() and FormState::$input to reflect
    // that the file has been removed, so that the form is rebuilt correctly.
    // $form_state->getValues() must be updated in case additional submit
    // handlers run, and for form building functions that run during the
    // rebuild, such as when the managed_file element is part of a field widget.
    // FormState::$input must be updated so that
    // \Drupal\file\Element\ManagedFile::valueCallback() has correct information
    // during the rebuild.
    $form_state
      ->setValueForElement($element['fids'], implode(' ', $fids));
    NestedArray::setValue($form_state
      ->getUserInput(), $element['fids']['#parents'], implode(' ', $fids));
  }

  // Set the form to rebuild so that $form is correctly updated in response to
  // processing the file removal. Since this function did not change $form_state
  // if the upload button was clicked, a rebuild isn't necessary in that
  // situation and calling $form_state->disableRedirect() would suffice.
  // However, we choose to always rebuild, to keep the form processing workflow
  // consistent between the two buttons.
  $form_state
    ->setRebuild();
}

/**
 * Saves any files that have been uploaded into a managed_file element.
 *
 * @param array $element
 *   The FAPI element whose values are being saved.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form.
 *
 * @return array|false
 *   An array of file entities for each file that was saved, keyed by its file
 *   ID. Each array element contains a file entity. Function returns FALSE if
 *   upload directory could not be created or no files were uploaded.
 */
function file_managed_file_save_upload($element, FormStateInterface $form_state) {
  $upload_name = implode('_', $element['#parents']);
  $all_files = \Drupal::request()->files
    ->get('files', []);
  if (empty($all_files[$upload_name])) {
    return FALSE;
  }
  $file_upload = $all_files[$upload_name];
  $destination = isset($element['#upload_location']) ? $element['#upload_location'] : NULL;
  if (isset($destination) && !\Drupal::service('file_system')
    ->prepareDirectory($destination, FileSystemInterface::CREATE_DIRECTORY)) {
    \Drupal::logger('file')
      ->notice('The upload directory %directory for the file field %name could not be created or is not accessible. A newly uploaded file could not be saved in this directory as a consequence, and the upload was canceled.', [
      '%directory' => $destination,
      '%name' => $element['#field_name'],
    ]);
    $form_state
      ->setError($element, t('The file could not be uploaded.'));
    return FALSE;
  }

  // Save attached files to the database.
  $files_uploaded = $element['#multiple'] && count(array_filter($file_upload)) > 0;
  $files_uploaded |= !$element['#multiple'] && !empty($file_upload);
  if ($files_uploaded) {
    if (!($files = _file_save_upload_from_form($element, $form_state))) {
      \Drupal::logger('file')
        ->notice('The file upload failed. %upload', [
        '%upload' => $upload_name,
      ]);
      return [];
    }

    // Value callback expects FIDs to be keys.
    $files = array_filter($files);
    $fids = array_map(function ($file) {
      return $file
        ->id();
    }, $files);
    return empty($files) ? [] : array_combine($fids, $files);
  }
  return [];
}

/**
 * Prepares variables for file form widget templates.
 *
 * Default template: file-managed-file.html.twig.
 *
 * @param array $variables
 *   An associative array containing:
 *   - element: A render element representing the file.
 */
function template_preprocess_file_managed_file(&$variables) {
  $element = $variables['element'];
  $variables['attributes'] = [];
  if (isset($element['#id'])) {
    $variables['attributes']['id'] = $element['#id'];
  }
  if (!empty($element['#attributes']['class'])) {
    $variables['attributes']['class'] = (array) $element['#attributes']['class'];
  }
}

/**
 * Prepares variables for file link templates.
 *
 * Default template: file-link.html.twig.
 *
 * @param array $variables
 *   An associative array containing:
 *   - file: A File entity to which the link will be created.
 *   - icon_directory: (optional) A path to a directory of icons to be used for
 *     files. Defaults to the value of the "icon.directory" variable.
 *   - description: A description to be displayed instead of the filename.
 *   - attributes: An associative array of attributes to be placed in the a tag.
 */
function template_preprocess_file_link(&$variables) {
  $file = $variables['file'];
  $options = [];

  // @todo Wrap in file_url_transform_relative(). This is currently
  // impossible. As a work-around, we currently add the 'url.site' cache context
  // to ensure different file URLs are generated for different sites in a
  // multisite setup, including HTTP and HTTPS versions of the same site.
  // Fix in https://www.drupal.org/node/2646744.
  $url = $file
    ->createFileUrl(FALSE);
  $variables['#cache']['contexts'][] = 'url.site';
  $mime_type = $file
    ->getMimeType();

  // Set options as per anchor format described at
  // http://microformats.org/wiki/file-format-examples
  $options['attributes']['type'] = $mime_type . '; length=' . $file
    ->getSize();

  // Use the description as the link text if available.
  if (empty($variables['description'])) {
    $link_text = $file
      ->getFilename();
  }
  else {
    $link_text = $variables['description'];
    $options['attributes']['title'] = $file
      ->getFilename();
  }

  // Classes to add to the file field for icons.
  $classes = [
    'file',
    // Add a specific class for each and every mime type.
    'file--mime-' . strtr($mime_type, [
      '/' => '-',
      '.' => '-',
    ]),
    // Add a more general class for groups of well known MIME types.
    'file--' . file_icon_class($mime_type),
  ];

  // Set file classes to the options array.
  $variables['attributes'] = new Attribute($variables['attributes']);
  $variables['attributes']
    ->addClass($classes);
  $variables['file_size'] = format_size($file
    ->getSize());
  $variables['link'] = Link::fromTextAndUrl($link_text, Url::fromUri($url, $options))
    ->toRenderable();
}

/**
 * Gets a class for the icon for a MIME type.
 *
 * @param string $mime_type
 *   A MIME type.
 *
 * @return string
 *   A class associated with the file.
 */
function file_icon_class($mime_type) {

  // Search for a group with the files MIME type.
  $generic_mime = (string) file_icon_map($mime_type);
  if (!empty($generic_mime)) {
    return $generic_mime;
  }

  // Use generic icons for each category that provides such icons.
  foreach ([
    'audio',
    'image',
    'text',
    'video',
  ] as $category) {
    if (strpos($mime_type, $category) === 0) {
      return $category;
    }
  }

  // If there's no generic icon for the type the general class.
  return 'general';
}

/**
 * Determines the generic icon MIME package based on a file's MIME type.
 *
 * @param string $mime_type
 *   A MIME type.
 *
 * @return string|false
 *   The generic icon MIME package expected for this file.
 */
function file_icon_map($mime_type) {
  switch ($mime_type) {

    // Word document types.
    case 'application/msword':
    case 'application/vnd.ms-word.document.macroEnabled.12':
    case 'application/vnd.oasis.opendocument.text':
    case 'application/vnd.oasis.opendocument.text-template':
    case 'application/vnd.oasis.opendocument.text-master':
    case 'application/vnd.oasis.opendocument.text-web':
    case 'application/vnd.openxmlformats-officedocument.wordprocessingml.document':
    case 'application/vnd.stardivision.writer':
    case 'application/vnd.sun.xml.writer':
    case 'application/vnd.sun.xml.writer.template':
    case 'application/vnd.sun.xml.writer.global':
    case 'application/vnd.wordperfect':
    case 'application/x-abiword':
    case 'application/x-applix-word':
    case 'application/x-kword':
    case 'application/x-kword-crypt':
      return 'x-office-document';

    // Spreadsheet document types.
    case 'application/vnd.ms-excel':
    case 'application/vnd.ms-excel.sheet.macroEnabled.12':
    case 'application/vnd.oasis.opendocument.spreadsheet':
    case 'application/vnd.oasis.opendocument.spreadsheet-template':
    case 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet':
    case 'application/vnd.stardivision.calc':
    case 'application/vnd.sun.xml.calc':
    case 'application/vnd.sun.xml.calc.template':
    case 'application/vnd.lotus-1-2-3':
    case 'application/x-applix-spreadsheet':
    case 'application/x-gnumeric':
    case 'application/x-kspread':
    case 'application/x-kspread-crypt':
      return 'x-office-spreadsheet';

    // Presentation document types.
    case 'application/vnd.ms-powerpoint':
    case 'application/vnd.ms-powerpoint.presentation.macroEnabled.12':
    case 'application/vnd.oasis.opendocument.presentation':
    case 'application/vnd.oasis.opendocument.presentation-template':
    case 'application/vnd.openxmlformats-officedocument.presentationml.presentation':
    case 'application/vnd.stardivision.impress':
    case 'application/vnd.sun.xml.impress':
    case 'application/vnd.sun.xml.impress.template':
    case 'application/x-kpresenter':
      return 'x-office-presentation';

    // Compressed archive types.
    case 'application/zip':
    case 'application/x-zip':
    case 'application/stuffit':
    case 'application/x-stuffit':
    case 'application/x-7z-compressed':
    case 'application/x-ace':
    case 'application/x-arj':
    case 'application/x-bzip':
    case 'application/x-bzip-compressed-tar':
    case 'application/x-compress':
    case 'application/x-compressed-tar':
    case 'application/x-cpio-compressed':
    case 'application/x-deb':
    case 'application/x-gzip':
    case 'application/x-java-archive':
    case 'application/x-lha':
    case 'application/x-lhz':
    case 'application/x-lzop':
    case 'application/x-rar':
    case 'application/x-rpm':
    case 'application/x-tzo':
    case 'application/x-tar':
    case 'application/x-tarz':
    case 'application/x-tgz':
      return 'package-x-generic';

    // Script file types.
    case 'application/ecmascript':
    case 'application/javascript':
    case 'application/mathematica':
    case 'application/vnd.mozilla.xul+xml':
    case 'application/x-asp':
    case 'application/x-awk':
    case 'application/x-cgi':
    case 'application/x-csh':
    case 'application/x-m4':
    case 'application/x-perl':
    case 'application/x-php':
    case 'application/x-ruby':
    case 'application/x-shellscript':
    case 'text/vnd.wap.wmlscript':
    case 'text/x-emacs-lisp':
    case 'text/x-haskell':
    case 'text/x-literate-haskell':
    case 'text/x-lua':
    case 'text/x-makefile':
    case 'text/x-matlab':
    case 'text/x-python':
    case 'text/x-sql':
    case 'text/x-tcl':
      return 'text-x-script';

    // HTML aliases.
    case 'application/xhtml+xml':
      return 'text-html';

    // Executable types.
    case 'application/x-macbinary':
    case 'application/x-ms-dos-executable':
    case 'application/x-pef-executable':
      return 'application-x-executable';

    // Acrobat types
    case 'application/pdf':
    case 'application/x-pdf':
    case 'applications/vnd.pdf':
    case 'text/pdf':
    case 'text/x-pdf':
      return 'application-pdf';
    default:
      return FALSE;
  }
}

/**
 * Retrieves a list of references to a file.
 *
 * @param \Drupal\file\FileInterface $file
 *   A file entity.
 * @param \Drupal\Core\Field\FieldDefinitionInterface|null $field
 *   (optional) A field definition to be used for this check. If given,
 *   limits the reference check to the given field. Defaults to NULL.
 * @param int $age
 *   (optional) A constant that specifies which references to count. Use
 *   EntityStorageInterface::FIELD_LOAD_REVISION (the default) to retrieve all
 *   references within all revisions or
 *   EntityStorageInterface::FIELD_LOAD_CURRENT to retrieve references only in
 *   the current revisions of all entities that have references to this file.
 * @param string $field_type
 *   (optional) The name of a field type. If given, limits the reference check
 *   to fields of the given type. If both $field and $field_type are given but
 *   $field is not the same type as $field_type, an empty array will be
 *   returned. Defaults to 'file'.
 *
 * @return array
 *   A multidimensional array. The keys are field_name, entity_type,
 *   entity_id and the value is an entity referencing this file.
 *
 * @ingroup file
 */
function file_get_file_references(FileInterface $file, FieldDefinitionInterface $field = NULL, $age = EntityStorageInterface::FIELD_LOAD_REVISION, $field_type = 'file') {
  $references =& drupal_static(__FUNCTION__, []);
  $field_columns =& drupal_static(__FUNCTION__ . ':field_columns', []);

  // Fill the static cache, disregard $field and $field_type for now.
  if (!isset($references[$file
    ->id()][$age])) {
    $references[$file
      ->id()][$age] = [];
    $usage_list = \Drupal::service('file.usage')
      ->listUsage($file);
    $file_usage_list = isset($usage_list['file']) ? $usage_list['file'] : [];
    foreach ($file_usage_list as $entity_type_id => $entity_ids) {
      $entities = \Drupal::entityTypeManager()
        ->getStorage($entity_type_id)
        ->loadMultiple(array_keys($entity_ids));
      foreach ($entities as $entity) {
        $bundle = $entity
          ->bundle();

        // We need to find file fields for this entity type and bundle.
        if (!isset($file_fields[$entity_type_id][$bundle])) {
          $file_fields[$entity_type_id][$bundle] = [];

          // This contains the possible field names.
          foreach ($entity
            ->getFieldDefinitions() as $field_name => $field_definition) {

            // If this is the first time this field type is seen, check
            // whether it references files.
            if (!isset($field_columns[$field_definition
              ->getType()])) {
              $field_columns[$field_definition
                ->getType()] = file_field_find_file_reference_column($field_definition);
            }

            // If the field type does reference files then record it.
            if ($field_columns[$field_definition
              ->getType()]) {
              $file_fields[$entity_type_id][$bundle][$field_name] = $field_columns[$field_definition
                ->getType()];
            }
          }
        }
        foreach ($file_fields[$entity_type_id][$bundle] as $field_name => $field_column) {

          // Iterate over the field items to find the referenced file and field
          // name. This will fail if the usage checked is in a non-current
          // revision because field items are from the current
          // revision.
          // We also iterate over all translations because a file can be linked
          // to a language other than the default.
          foreach ($entity
            ->getTranslationLanguages() as $langcode => $language) {
            foreach ($entity
              ->getTranslation($langcode)
              ->get($field_name) as $item) {
              if ($file
                ->id() == $item->{$field_column}) {
                $references[$file
                  ->id()][$age][$field_name][$entity_type_id][$entity
                  ->id()] = $entity;
                break;
              }
            }
          }
        }
      }
    }
  }
  $return = $references[$file
    ->id()][$age];

  // Filter the static cache down to the requested entries. The usual static
  // cache is very small so this will be very fast.
  $entity_field_manager = \Drupal::service('entity_field.manager');
  if ($field || $field_type) {
    foreach ($return as $field_name => $data) {
      foreach (array_keys($data) as $entity_type_id) {
        $field_storage_definitions = $entity_field_manager
          ->getFieldStorageDefinitions($entity_type_id);
        $current_field = $field_storage_definitions[$field_name];
        if ($field_type && $current_field
          ->getType() != $field_type || $field && $field
          ->uuid() != $current_field
          ->uuid()) {
          unset($return[$field_name][$entity_type_id]);
        }
      }
    }
  }
  return $return;
}

/**
 * Formats human-readable version of file status.
 *
 * @param int|null $choice
 *   (optional) An integer status code. If not set, all statuses are returned.
 *   Defaults to NULL.
 *
 * @return \Drupal\Core\StringTranslation\TranslatableMarkup|\Drupal\Core\StringTranslation\TranslatableMarkup[]
 *   An array of file statuses or a specified status if $choice is set.
 */
function _views_file_status($choice = NULL) {
  $status = [
    0 => t('Temporary'),
    FILE_STATUS_PERMANENT => t('Permanent'),
  ];
  if (isset($choice)) {
    return isset($status[$choice]) ? $status[$choice] : t('Unknown');
  }
  return $status;
}

Functions

Namesort descending Description
file_copy Copies a file to a new location and adds a file record to the database.
file_cron Implements hook_cron().
file_field_widget_info_alter Implements hook_field_widget_info_alter().
file_file_download Implements hook_file_download().
file_file_predelete Implements hook_ENTITY_TYPE_predelete() for file entities.
file_get_content_headers Examines a file entity and returns appropriate content headers for download.
file_get_file_references Retrieves a list of references to a file.
file_help Implements hook_help().
file_icon_class Gets a class for the icon for a MIME type.
file_icon_map Determines the generic icon MIME package based on a file's MIME type.
file_load Deprecated Loads a single file entity from the database.
file_load_multiple Deprecated Loads file entities from the database.
file_managed_file_save_upload Saves any files that have been uploaded into a managed_file element.
file_managed_file_submit Form submission handler for upload / remove buttons of managed_file elements.
file_move Moves a file to a new location and update the file's database entry.
file_progress_implementation Determines the preferred upload progress implementation.
file_save_data Saves a file to the specified destination and creates a database entry.
file_save_upload Saves file uploads to a new location.
file_theme Implements hook_theme().
file_tokens Implements hook_tokens().
file_token_info Implements hook_token_info().
file_validate Checks that a file meets the criteria specified by the validators.
file_validate_extensions Checks that the filename ends with an allowed extension.
file_validate_image_resolution Verifies that image dimensions are within the specified maximum and minimum.
file_validate_is_image Checks that the file is recognized as a valid image.
file_validate_name_length Checks for files with names longer than can be stored in the database.
file_validate_size Checks that the file's size is below certain limits.
template_preprocess_file_link Prepares variables for file link templates.
template_preprocess_file_managed_file Prepares variables for file form widget templates.
_file_save_upload_from_form Saves form file uploads.
_file_save_upload_single Saves a file upload to a new location.
_views_file_status Formats human-readable version of file status.

Constants

Namesort descending Description
FILE_INSECURE_EXTENSION_REGEX The regex pattern used when checking for insecure file types.