From 2532ec7e7696e04021a27470efee0770fc2e904c Mon Sep 17 00:00:00 2001 From: theworstcomrade <4lbercik@gmail.com> Date: Fri, 19 Nov 2021 23:39:35 +0100 Subject: [PATCH] Document - fix stored xss https://huntr.dev/bounties/99c4ed09-b66f-474a-bd74-eeccf9339fde/ --- app/Helpers/Document/WithTypeHelpers.php | 2 +- app/Http/Requests/Client/StoreClientRequest.php | 4 ++-- app/Http/Requests/Client/UpdateClientRequest.php | 4 ++-- app/Http/Requests/Client/UploadClientRequest.php | 2 +- app/Http/Requests/ClientPortal/StoreDocumentRequest.php | 2 +- app/Http/Requests/ClientPortal/UpdateClientRequest.php | 2 +- .../Requests/ClientPortal/Uploads/StoreUploadRequest.php | 2 +- app/Http/Requests/Company/UploadCompanyRequest.php | 2 +- app/Http/Requests/Credit/StoreCreditRequest.php | 4 ++-- app/Http/Requests/Credit/UpdateCreditRequest.php | 4 ++-- app/Http/Requests/Credit/UploadCreditRequest.php | 2 +- app/Http/Requests/Expense/UploadExpenseRequest.php | 2 +- .../Requests/GroupSetting/UploadGroupSettingRequest.php | 2 +- app/Http/Requests/Invoice/StoreInvoiceRequest.php | 4 ++-- app/Http/Requests/Invoice/UpdateInvoiceRequest.php | 4 ++-- app/Http/Requests/Invoice/UploadInvoiceRequest.php | 2 +- app/Http/Requests/Payment/StorePaymentRequest.php | 4 ++-- app/Http/Requests/Payment/UpdatePaymentRequest.php | 6 +++--- app/Http/Requests/Payment/UploadPaymentRequest.php | 2 +- app/Http/Requests/Product/StoreProductRequest.php | 4 ++-- app/Http/Requests/Product/UpdateProductRequest.php | 4 ++-- app/Http/Requests/Product/UploadProductRequest.php | 2 +- app/Http/Requests/Project/UploadProjectRequest.php | 2 +- app/Http/Requests/Quote/StoreQuoteRequest.php | 4 ++-- app/Http/Requests/Quote/UpdateQuoteRequest.php | 4 ++-- app/Http/Requests/Quote/UploadQuoteRequest.php | 2 +- .../RecurringExpense/UploadRecurringExpenseRequest.php | 2 +- .../RecurringInvoice/StoreRecurringInvoiceRequest.php | 4 ++-- .../RecurringInvoice/UpdateRecurringInvoiceRequest.php | 4 ++-- .../RecurringInvoice/UploadRecurringInvoiceRequest.php | 2 +- .../Requests/RecurringQuote/StoreRecurringQuoteRequest.php | 4 ++-- .../Requests/RecurringQuote/UpdateRecurringQuoteRequest.php | 4 ++-- .../Requests/RecurringQuote/UploadRecurringQuoteRequest.php | 2 +- app/Http/Requests/Shop/StoreShopClientRequest.php | 4 ++-- app/Http/Requests/Shop/StoreShopInvoiceRequest.php | 4 ++-- app/Http/Requests/Task/UploadTaskRequest.php | 2 +- app/Http/Requests/Vendor/UploadVendorRequest.php | 2 +- app/Models/Document.php | 3 --- 38 files changed, 56 insertions(+), 59 deletions(-) diff --git a/app/Helpers/Document/WithTypeHelpers.php b/app/Helpers/Document/WithTypeHelpers.php index 55fad141aa96..f70cf402700e 100644 --- a/app/Helpers/Document/WithTypeHelpers.php +++ b/app/Helpers/Document/WithTypeHelpers.php @@ -21,7 +21,7 @@ trait WithTypeHelpers */ public function isImage(): bool { - if (in_array($this->type, ['png', 'svg', 'jpeg', 'jpg', 'tiff', 'gif'])) { + if (in_array($this->type, ['png', 'jpeg', 'jpg', 'tiff', 'gif'])) { return true; } diff --git a/app/Http/Requests/Client/StoreClientRequest.php b/app/Http/Requests/Client/StoreClientRequest.php index d68dddce70df..b2b8b6774a01 100644 --- a/app/Http/Requests/Client/StoreClientRequest.php +++ b/app/Http/Requests/Client/StoreClientRequest.php @@ -42,10 +42,10 @@ class StoreClientRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } if (isset($this->number)) { diff --git a/app/Http/Requests/Client/UpdateClientRequest.php b/app/Http/Requests/Client/UpdateClientRequest.php index dd179d1d86e0..2976c5baee38 100644 --- a/app/Http/Requests/Client/UpdateClientRequest.php +++ b/app/Http/Requests/Client/UpdateClientRequest.php @@ -41,10 +41,10 @@ class UpdateClientRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['company_logo'] = 'mimes:jpeg,jpg,png,gif|max:10000'; diff --git a/app/Http/Requests/Client/UploadClientRequest.php b/app/Http/Requests/Client/UploadClientRequest.php index b1c76c30ad47..ac6db347e035 100644 --- a/app/Http/Requests/Client/UploadClientRequest.php +++ b/app/Http/Requests/Client/UploadClientRequest.php @@ -31,7 +31,7 @@ class UploadClientRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/ClientPortal/StoreDocumentRequest.php b/app/Http/Requests/ClientPortal/StoreDocumentRequest.php index 112095b3e69e..8111d9497ff5 100644 --- a/app/Http/Requests/ClientPortal/StoreDocumentRequest.php +++ b/app/Http/Requests/ClientPortal/StoreDocumentRequest.php @@ -29,7 +29,7 @@ class StoreDocumentRequest extends Request public function rules() { return [ - 'file' => 'required|max:10000|mimes:png,svg,jpeg,gif,jpg,bmp,txt,doc,docx,xls,xlsx,pdf', + 'file' => 'required|max:10000|mimes:png,jpeg,gif,jpg,bmp,txt,doc,docx,xls,xlsx,pdf', ]; } diff --git a/app/Http/Requests/ClientPortal/UpdateClientRequest.php b/app/Http/Requests/ClientPortal/UpdateClientRequest.php index 986b88189864..64871eab0c9c 100644 --- a/app/Http/Requests/ClientPortal/UpdateClientRequest.php +++ b/app/Http/Requests/ClientPortal/UpdateClientRequest.php @@ -32,7 +32,7 @@ class UpdateClientRequest extends Request { return [ 'name' => 'sometimes|required', - 'file' => 'sometimes|nullable|max:100000|mimes:png,svg,jpeg,gif,jpg,bmp', + 'file' => 'sometimes|nullable|max:100000|mimes:png,jpeg,gif,jpg,bmp', ]; } } diff --git a/app/Http/Requests/ClientPortal/Uploads/StoreUploadRequest.php b/app/Http/Requests/ClientPortal/Uploads/StoreUploadRequest.php index 5dfe26098b61..0351e92799d5 100644 --- a/app/Http/Requests/ClientPortal/Uploads/StoreUploadRequest.php +++ b/app/Http/Requests/ClientPortal/Uploads/StoreUploadRequest.php @@ -24,7 +24,7 @@ class StoreUploadRequest extends FormRequest public function rules() { return [ - 'file' => ['file', 'mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'], + 'file' => ['file', 'mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'], ]; } diff --git a/app/Http/Requests/Company/UploadCompanyRequest.php b/app/Http/Requests/Company/UploadCompanyRequest.php index 5971c2eee167..8137835d943e 100644 --- a/app/Http/Requests/Company/UploadCompanyRequest.php +++ b/app/Http/Requests/Company/UploadCompanyRequest.php @@ -31,7 +31,7 @@ class UploadCompanyRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; return $rules; diff --git a/app/Http/Requests/Credit/StoreCreditRequest.php b/app/Http/Requests/Credit/StoreCreditRequest.php index ead68530b7a8..e4fc2f23ad53 100644 --- a/app/Http/Requests/Credit/StoreCreditRequest.php +++ b/app/Http/Requests/Credit/StoreCreditRequest.php @@ -46,10 +46,10 @@ class StoreCreditRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['client_id'] = 'required|exists:clients,id,company_id,'.auth()->user()->company()->id; diff --git a/app/Http/Requests/Credit/UpdateCreditRequest.php b/app/Http/Requests/Credit/UpdateCreditRequest.php index 7a9f461ad158..28cbfe2b4b0e 100644 --- a/app/Http/Requests/Credit/UpdateCreditRequest.php +++ b/app/Http/Requests/Credit/UpdateCreditRequest.php @@ -47,10 +47,10 @@ class UpdateCreditRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } if($this->number) diff --git a/app/Http/Requests/Credit/UploadCreditRequest.php b/app/Http/Requests/Credit/UploadCreditRequest.php index 9ff273d508da..a1abc8dd3cd3 100644 --- a/app/Http/Requests/Credit/UploadCreditRequest.php +++ b/app/Http/Requests/Credit/UploadCreditRequest.php @@ -31,7 +31,7 @@ class UploadCreditRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Expense/UploadExpenseRequest.php b/app/Http/Requests/Expense/UploadExpenseRequest.php index 4de50374fee9..3b586b5ae06c 100644 --- a/app/Http/Requests/Expense/UploadExpenseRequest.php +++ b/app/Http/Requests/Expense/UploadExpenseRequest.php @@ -31,7 +31,7 @@ class UploadExpenseRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/GroupSetting/UploadGroupSettingRequest.php b/app/Http/Requests/GroupSetting/UploadGroupSettingRequest.php index 736370b7692a..ba2fb8a3cd4a 100644 --- a/app/Http/Requests/GroupSetting/UploadGroupSettingRequest.php +++ b/app/Http/Requests/GroupSetting/UploadGroupSettingRequest.php @@ -31,7 +31,7 @@ class UploadGroupSettingRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Invoice/StoreInvoiceRequest.php b/app/Http/Requests/Invoice/StoreInvoiceRequest.php index 82436912eaad..efb4e9310673 100644 --- a/app/Http/Requests/Invoice/StoreInvoiceRequest.php +++ b/app/Http/Requests/Invoice/StoreInvoiceRequest.php @@ -41,10 +41,10 @@ class StoreInvoiceRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['client_id'] = 'bail|required|exists:clients,id,company_id,'.auth()->user()->company()->id; diff --git a/app/Http/Requests/Invoice/UpdateInvoiceRequest.php b/app/Http/Requests/Invoice/UpdateInvoiceRequest.php index f1619827ba23..d90688ef7b0c 100644 --- a/app/Http/Requests/Invoice/UpdateInvoiceRequest.php +++ b/app/Http/Requests/Invoice/UpdateInvoiceRequest.php @@ -44,10 +44,10 @@ class UpdateInvoiceRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['id'] = new LockedInvoiceRule($this->invoice); diff --git a/app/Http/Requests/Invoice/UploadInvoiceRequest.php b/app/Http/Requests/Invoice/UploadInvoiceRequest.php index 445d255f9097..9ae6d76fae24 100644 --- a/app/Http/Requests/Invoice/UploadInvoiceRequest.php +++ b/app/Http/Requests/Invoice/UploadInvoiceRequest.php @@ -31,7 +31,7 @@ class UploadInvoiceRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Payment/StorePaymentRequest.php b/app/Http/Requests/Payment/StorePaymentRequest.php index e3c845d8176f..9f0ba912bd5f 100644 --- a/app/Http/Requests/Payment/StorePaymentRequest.php +++ b/app/Http/Requests/Payment/StorePaymentRequest.php @@ -107,10 +107,10 @@ class StorePaymentRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } return $rules; diff --git a/app/Http/Requests/Payment/UpdatePaymentRequest.php b/app/Http/Requests/Payment/UpdatePaymentRequest.php index 8c6cf555a5b8..e62826a2489e 100644 --- a/app/Http/Requests/Payment/UpdatePaymentRequest.php +++ b/app/Http/Requests/Payment/UpdatePaymentRequest.php @@ -38,7 +38,7 @@ class UpdatePaymentRequest extends Request $rules = [ 'invoices' => ['array', new PaymentAppliedValidAmount, new ValidCreditsPresentRule], 'invoices.*.invoice_id' => 'distinct', - 'documents' => 'mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx', + 'documents' => 'mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx', ]; if($this->number) @@ -48,10 +48,10 @@ class UpdatePaymentRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } return $rules; diff --git a/app/Http/Requests/Payment/UploadPaymentRequest.php b/app/Http/Requests/Payment/UploadPaymentRequest.php index 75ece4bd146f..5e7532f4fbc4 100644 --- a/app/Http/Requests/Payment/UploadPaymentRequest.php +++ b/app/Http/Requests/Payment/UploadPaymentRequest.php @@ -31,7 +31,7 @@ class UploadPaymentRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Product/StoreProductRequest.php b/app/Http/Requests/Product/StoreProductRequest.php index 0eae52978e3b..cebea143a403 100644 --- a/app/Http/Requests/Product/StoreProductRequest.php +++ b/app/Http/Requests/Product/StoreProductRequest.php @@ -32,10 +32,10 @@ class StoreProductRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['cost'] = 'numeric'; diff --git a/app/Http/Requests/Product/UpdateProductRequest.php b/app/Http/Requests/Product/UpdateProductRequest.php index 14b2bc3266f7..3db46640f0a2 100644 --- a/app/Http/Requests/Product/UpdateProductRequest.php +++ b/app/Http/Requests/Product/UpdateProductRequest.php @@ -35,10 +35,10 @@ class UpdateProductRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['cost'] = 'numeric'; diff --git a/app/Http/Requests/Product/UploadProductRequest.php b/app/Http/Requests/Product/UploadProductRequest.php index 1cb8811566c8..4157e0300ebb 100644 --- a/app/Http/Requests/Product/UploadProductRequest.php +++ b/app/Http/Requests/Product/UploadProductRequest.php @@ -31,7 +31,7 @@ class UploadProductRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Project/UploadProjectRequest.php b/app/Http/Requests/Project/UploadProjectRequest.php index 8b160dec8639..18638e2545a2 100644 --- a/app/Http/Requests/Project/UploadProjectRequest.php +++ b/app/Http/Requests/Project/UploadProjectRequest.php @@ -31,7 +31,7 @@ class UploadProjectRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Quote/StoreQuoteRequest.php b/app/Http/Requests/Quote/StoreQuoteRequest.php index ea2e30bc3ef1..01145f54750f 100644 --- a/app/Http/Requests/Quote/StoreQuoteRequest.php +++ b/app/Http/Requests/Quote/StoreQuoteRequest.php @@ -43,10 +43,10 @@ class StoreQuoteRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['number'] = ['nullable',Rule::unique('quotes')->where('company_id', auth()->user()->company()->id)]; diff --git a/app/Http/Requests/Quote/UpdateQuoteRequest.php b/app/Http/Requests/Quote/UpdateQuoteRequest.php index 294a4cfc3a83..d67ce3dc1f04 100644 --- a/app/Http/Requests/Quote/UpdateQuoteRequest.php +++ b/app/Http/Requests/Quote/UpdateQuoteRequest.php @@ -41,10 +41,10 @@ class UpdateQuoteRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } if($this->number) diff --git a/app/Http/Requests/Quote/UploadQuoteRequest.php b/app/Http/Requests/Quote/UploadQuoteRequest.php index 56c072cb795e..63d326ea59ae 100644 --- a/app/Http/Requests/Quote/UploadQuoteRequest.php +++ b/app/Http/Requests/Quote/UploadQuoteRequest.php @@ -31,7 +31,7 @@ class UploadQuoteRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/RecurringExpense/UploadRecurringExpenseRequest.php b/app/Http/Requests/RecurringExpense/UploadRecurringExpenseRequest.php index e5fa858da8f7..12f5b1d1d23a 100644 --- a/app/Http/Requests/RecurringExpense/UploadRecurringExpenseRequest.php +++ b/app/Http/Requests/RecurringExpense/UploadRecurringExpenseRequest.php @@ -31,7 +31,7 @@ class UploadRecurringExpenseRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/RecurringInvoice/StoreRecurringInvoiceRequest.php b/app/Http/Requests/RecurringInvoice/StoreRecurringInvoiceRequest.php index 8f764f3b2e78..7c527fd7f858 100644 --- a/app/Http/Requests/RecurringInvoice/StoreRecurringInvoiceRequest.php +++ b/app/Http/Requests/RecurringInvoice/StoreRecurringInvoiceRequest.php @@ -42,11 +42,11 @@ class StoreRecurringInvoiceRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['client_id'] = 'required|exists:clients,id,company_id,'.auth()->user()->company()->id; diff --git a/app/Http/Requests/RecurringInvoice/UpdateRecurringInvoiceRequest.php b/app/Http/Requests/RecurringInvoice/UpdateRecurringInvoiceRequest.php index 4421cf5d69ed..d0c415056c98 100644 --- a/app/Http/Requests/RecurringInvoice/UpdateRecurringInvoiceRequest.php +++ b/app/Http/Requests/RecurringInvoice/UpdateRecurringInvoiceRequest.php @@ -42,10 +42,10 @@ class UpdateRecurringInvoiceRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } if($this->number) diff --git a/app/Http/Requests/RecurringInvoice/UploadRecurringInvoiceRequest.php b/app/Http/Requests/RecurringInvoice/UploadRecurringInvoiceRequest.php index bd0bc8b0db9b..42a1bdb398d3 100644 --- a/app/Http/Requests/RecurringInvoice/UploadRecurringInvoiceRequest.php +++ b/app/Http/Requests/RecurringInvoice/UploadRecurringInvoiceRequest.php @@ -31,7 +31,7 @@ class UploadRecurringInvoiceRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/RecurringQuote/StoreRecurringQuoteRequest.php b/app/Http/Requests/RecurringQuote/StoreRecurringQuoteRequest.php index 51ee3917501a..84d2b35f917d 100644 --- a/app/Http/Requests/RecurringQuote/StoreRecurringQuoteRequest.php +++ b/app/Http/Requests/RecurringQuote/StoreRecurringQuoteRequest.php @@ -42,11 +42,11 @@ class StoreRecurringQuoteRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['client_id'] = 'required|exists:clients,id,company_id,'.auth()->user()->company()->id; diff --git a/app/Http/Requests/RecurringQuote/UpdateRecurringQuoteRequest.php b/app/Http/Requests/RecurringQuote/UpdateRecurringQuoteRequest.php index 2f620cfcce1e..ca7dd0d78e6b 100644 --- a/app/Http/Requests/RecurringQuote/UpdateRecurringQuoteRequest.php +++ b/app/Http/Requests/RecurringQuote/UpdateRecurringQuoteRequest.php @@ -42,10 +42,10 @@ class UpdateRecurringQuoteRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } if($this->number) diff --git a/app/Http/Requests/RecurringQuote/UploadRecurringQuoteRequest.php b/app/Http/Requests/RecurringQuote/UploadRecurringQuoteRequest.php index 72985f6f48e7..7018f6e962a8 100644 --- a/app/Http/Requests/RecurringQuote/UploadRecurringQuoteRequest.php +++ b/app/Http/Requests/RecurringQuote/UploadRecurringQuoteRequest.php @@ -31,7 +31,7 @@ class UploadRecurringQuoteRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Shop/StoreShopClientRequest.php b/app/Http/Requests/Shop/StoreShopClientRequest.php index 886551dc1361..ba545cb12c3b 100644 --- a/app/Http/Requests/Shop/StoreShopClientRequest.php +++ b/app/Http/Requests/Shop/StoreShopClientRequest.php @@ -43,10 +43,10 @@ class StoreShopClientRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } /* Ensure we have a client name, and that all emails are unique*/ diff --git a/app/Http/Requests/Shop/StoreShopInvoiceRequest.php b/app/Http/Requests/Shop/StoreShopInvoiceRequest.php index e027fcb56cd5..0dabd82b182d 100644 --- a/app/Http/Requests/Shop/StoreShopInvoiceRequest.php +++ b/app/Http/Requests/Shop/StoreShopInvoiceRequest.php @@ -42,10 +42,10 @@ class StoreShopInvoiceRequest extends Request $documents = count($this->input('documents')); foreach (range(0, $documents) as $index) { - $rules['documents.'.$index] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents.'.$index] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } } elseif ($this->input('documents')) { - $rules['documents'] = 'file|mimes:png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; + $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; } $rules['client_id'] = 'required|exists:clients,id,company_id,'.$this->company->id; diff --git a/app/Http/Requests/Task/UploadTaskRequest.php b/app/Http/Requests/Task/UploadTaskRequest.php index c14cce38fe4e..791f44b137d5 100644 --- a/app/Http/Requests/Task/UploadTaskRequest.php +++ b/app/Http/Requests/Task/UploadTaskRequest.php @@ -31,7 +31,7 @@ class UploadTaskRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Http/Requests/Vendor/UploadVendorRequest.php b/app/Http/Requests/Vendor/UploadVendorRequest.php index 27883a89a4c5..6afb515b7669 100644 --- a/app/Http/Requests/Vendor/UploadVendorRequest.php +++ b/app/Http/Requests/Vendor/UploadVendorRequest.php @@ -31,7 +31,7 @@ class UploadVendorRequest extends Request $rules = []; if($this->input('documents')) - $rules['documents'] = 'file|mimes:html,csv,png,ai,svg,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; + $rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; return $rules; diff --git a/app/Models/Document.php b/app/Models/Document.php index 20059e724ad2..cddd583321ea 100644 --- a/app/Models/Document.php +++ b/app/Models/Document.php @@ -42,9 +42,6 @@ class Document extends BaseModel 'ai' => [ 'mime' => 'application/postscript', ], - 'svg' => [ - 'mime' => 'image/svg+xml', - ], 'jpeg' => [ 'mime' => 'image/jpeg', ],