From dcb30b3aa7937f76294c676220acee09a2215c64 Mon Sep 17 00:00:00 2001
From: Duncan Sommerville <duncan.sommerville@gmail.com>
Date: Thu, 24 Sep 2015 12:57:19 -0400
Subject: [PATCH] Move file extension check to before database object insertion

---
 airtime_mvc/application/models/airtime/CcFiles.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/airtime_mvc/application/models/airtime/CcFiles.php b/airtime_mvc/application/models/airtime/CcFiles.php
index e0e7e65b1..daaad7bbf 100644
--- a/airtime_mvc/application/models/airtime/CcFiles.php
+++ b/airtime_mvc/application/models/airtime/CcFiles.php
@@ -135,6 +135,13 @@ class CcFiles extends BaseCcFiles {
 
         try
         {
+            //Only accept files with a file extension that we support.
+            // Let the analyzer do the heavy lifting in terms of mime verification and playability
+            $fileExtension = pathinfo($originalFilename, PATHINFO_EXTENSION);
+            if (!in_array(strtolower($fileExtension), array_values(FileDataHelper::getAudioMimeTypeArray()))) {
+                throw new Exception("Bad file extension.");
+            }
+
             $fileArray = self::removeBlacklistedFields($fileArray);
 
             self::validateFileArray($fileArray);
@@ -147,12 +154,6 @@ class CcFiles extends BaseCcFiles {
             $file->setDbHidden(true);
             $file->save();
 
-            //Only accept files with a file extension that we support.
-            $fileExtension = pathinfo($originalFilename, PATHINFO_EXTENSION);
-            if (!in_array(strtolower($fileExtension), array_values(FileDataHelper::getAudioMimeTypeArray()))) {
-                throw new Exception("Bad file extension.");
-            }
-
             $callbackUrl = Application_Common_HTTPHelper::getStationUrl() . "/rest/media/" . $file->getPrimaryKey();
 
             Application_Service_MediaService::importFileToLibrary($callbackUrl, $filePath,