PHPackages arraypress/wp-file-utils - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [File & Storage](/categories/file-storage) 4. / 5. arraypress/wp-file-utils ActiveLibrary[File & Storage](/categories/file-storage) arraypress/wp-file-utils ======================== A comprehensive WordPress library for file operations, path manipulation, MIME type handling, and secure filesystem operations. 119PHP Since Feb 21Pushed 2mo agoCompare [ Source](https://github.com/arraypress/wp-file-utils)[ Packagist](https://packagist.org/packages/arraypress/wp-file-utils)[ RSS](/packages/arraypress-wp-file-utils/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) WP File Utils ============= [](#wp-file-utils) A lightweight WordPress library providing essential file path operations, MIME type detection, and security validation. Installation ------------ [](#installation) ``` composer require arraypress/wp-file-utils ``` Requirements ------------ [](#requirements) - PHP 7.4 or later - WordPress 5.0 or later Core Classes ------------ [](#core-classes) ### File Class [](#file-class) Path/URL conversions and path manipulation that WordPress doesn't provide natively. ``` use ArrayPress\FileUtils\File; // Convert between URLs and paths (the real value of this library) $path = File::url_to_path( 'https://site.com/wp-content/uploads/file.pdf' ); $url = File::path_to_url( '/var/www/wp-content/uploads/file.pdf' ); // Resolve paths within the uploads directory $path = File::upload_path( 'sugarcart/2024/01/file.zip' ); $url = File::upload_url( 'sugarcart/2024/01/file.zip' ); // Check if file is local if ( File::is_local_file( $url ) ) { // Safe to convert to local path } // Change extension $new_path = File::change_extension( 'image.jpg', 'png' ); // 'image.png' // Rename with preserved extension $filename = File::rename_preserve_extension( 'My Report', 'original.pdf' ); // 'my-report.pdf' // Join paths safely $full_path = File::join_path( $upload_dir, '2024', 'documents', 'file.pdf' ); // Normalize cross-platform paths $clean = File::normalize_path( 'path\\to//file.pdf' ); // 'path/to/file.pdf' ``` ### MIME Class [](#mime-class) MIME type detection and categorization with 70+ file type mappings. ``` use ArrayPress\FileUtils\MIME; // Get MIME type from filename $mime = MIME::get_type( 'document.pdf' ); // 'application/pdf' // Get extension from MIME type $ext = MIME::get_extension_from_type( 'application/pdf' ); // 'pdf' // Determine extension from HTTP response (useful for sideloading) $ext = MIME::get_extension_from_response( $response, $body ); // 'webp' // Determine delivery behavior if ( MIME::should_force_download( $mime ) ) { // Force download (ZIP, DOC, executables, etc.) } else { // Display inline (PDF, images, video, audio) } // Type checking MIME::is_media( $mime ); // Audio or video MIME::is_image( $mime ); // Image files MIME::is_document( $mime ); // Office docs, PDFs, text MIME::is_archive( $mime ); // ZIP, RAR, 7Z, etc. // Get all registered types $all = MIME::get_all_types(); // ['pdf' => 'application/pdf', ...] ``` ### Security Class [](#security-class) File security validation and path sanitization. ``` use ArrayPress\FileUtils\Security; // Check if filename is safe (no traversal, null bytes, or dangerous extensions) if ( Security::is_safe_filename( $filename ) ) { // Safe to use } // Check against an allowlist $allowed = [ 'pdf', 'doc', 'docx', 'jpg', 'png' ]; if ( Security::is_allowed_file_type( 'document.pdf', $allowed ) ) { // File type is permitted } // Sanitize user-supplied paths (strips phar://, php://, traversal, etc.) $safe_path = Security::sanitize_path( $user_input ); ``` Supported MIME Types -------------------- [](#supported-mime-types) The library includes mappings for 70+ file types: - **Documents**: PDF, Word, Excel, PowerPoint, OpenDocument - **Media**: MP3, MP4, WebM, AVI, MOV, OGG, WAV, FLAC - **Images**: JPEG, PNG, GIF, WebP, SVG, BMP, TIFF - **Archives**: ZIP, RAR, 7Z, TAR, GZ, BZ2 - **E-books**: EPUB, MOBI, AZW - **Text**: TXT, CSV, JSON, XML, HTML, CSS, JS, RTF - **Fonts**: TTF, OTF, WOFF, WOFF2 - **Applications**: EXE, DMG, APK, DEB, RPM Why This Library? ----------------- [](#why-this-library) WordPress lacks several essential file operations: - **URL ↔ path conversion** — no built-in way to convert between file URLs and local paths - **Upload path resolution** — no simple helper to resolve paths within the uploads directory - **Smart delivery detection** — no logic for determining inline vs download behavior - **Comprehensive MIME mappings** — limited file type coverage beyond basics - **MIME from HTTP responses** — no detection from response headers or binary inspection - **Path security** — no protection against protocol injection (`phar://`, `php://`, etc.) Integration Examples -------------------- [](#integration-examples) ### File Upload Validation [](#file-upload-validation) ``` use ArrayPress\FileUtils\Security; use ArrayPress\FileUtils\MIME; function validate_upload( string $filename ): bool|WP_Error { if ( ! Security::is_safe_filename( $filename ) ) { return new WP_Error( 'unsafe', 'Filename contains unsafe characters.' ); } $allowed = [ 'pdf', 'doc', 'docx', 'jpg', 'png' ]; if ( ! Security::is_allowed_file_type( $filename, $allowed ) ) { return new WP_Error( 'invalid_type', 'File type not allowed.' ); } return true; } ``` ### Sideloading Remote Images [](#sideloading-remote-images) ``` use ArrayPress\FileUtils\MIME; $response = wp_remote_get( $image_url ); $body = wp_remote_retrieve_body( $response ); // Detect extension even when URL has no file extension $ext = MIME::get_extension_from_response( $response, $body ); $filename = 'product-image.' . $ext; ``` ### Download Handling [](#download-handling) ``` use ArrayPress\FileUtils\File; use ArrayPress\FileUtils\MIME; $local_path = File::url_to_path( $download_url ); if ( $local_path && is_readable( $local_path ) ) { $mime = MIME::get_type( $local_path ); if ( MIME::should_force_download( $mime ) ) { // Serve as download } else { // Display inline } } ``` License ------- [](#license) GPL-2.0-or-later Credits ------- [](#credits) Created and maintained by [David Sherlock](https://davidsherlock.com) at [ArrayPress](https://arraypress.com). ### Health Score 21 — LowBetter than 19% of packages Maintenance56 Moderate activity, may be stable Popularity8 Limited adoption so far Community6 Small or concentrated contributor base Maturity12 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/cd6eb8aff0903d87eb674d1ba3c5f3653899c0d7661504eb0deb7798ed86b643?d=identicon)[arraypress](/maintainers/arraypress) --- Top Contributors [![arraypress](https://avatars.githubusercontent.com/u/22668877?v=4)](https://github.com/arraypress "arraypress (9 commits)") ### Embed Badge ![Health badge](/badges/arraypress-wp-file-utils/health.svg) ``` [![Health](https://phpackages.com/badges/arraypress-wp-file-utils/health.svg)](https://phpackages.com/packages/arraypress-wp-file-utils) ``` ### Alternatives [knplabs/gaufrette PHP library that provides a filesystem abstraction layer 2.5k39.8M123](/packages/knplabs-gaufrette)[google/cloud-storage Cloud Storage Client for PHP 34390.8M125](/packages/google-cloud-storage)[illuminate/filesystem The Illuminate Filesystem package. 15261.6M2.6k](/packages/illuminate-filesystem)[superbalist/flysystem-google-storage Flysystem adapter for Google Cloud Storage 26320.6M30](/packages/superbalist-flysystem-google-storage)[creocoder/yii2-flysystem The flysystem extension for the Yii framework 2931.7M62](/packages/creocoder-yii2-flysystem)[flowjs/flow-php-server PHP library for handling chunk uploads. Works with flow.js html5 file uploads. 2451.6M15](/packages/flowjs-flow-php-server) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)