fixed gallery

app/Services/AvatarService.php

@@ -54,12 +54,7 @@ class AvatarService
     {
         $this->assertImageManagerAvailable();
         $this->assertStorageIsAllowed();
-        $this->assertSecureImageUpload($file);
-
-        $binary = file_get_contents($file->getRealPath());
-        if ($binary === false || $binary === '') {
-            throw new RuntimeException('Uploaded avatar file is empty or unreadable.');
-        }
+        $binary = $this->assertSecureImageUpload($file);
 
         return $this->storeFromBinary($userId, $binary);
     }
@@ -230,8 +225,12 @@ class AvatarService
         }
     }
 
-    private function assertSecureImageUpload(UploadedFile $file): void
+    private function assertSecureImageUpload(UploadedFile $file): string
     {
+        if (! $file->isValid()) {
+            throw new RuntimeException('Avatar upload is not valid.');
+        }
+
         $extension = strtolower((string) $file->getClientOriginalExtension());
         if (!in_array($extension, self::ALLOWED_EXTENSIONS, true)) {
             throw new RuntimeException('Unsupported avatar file extension.');
@@ -242,7 +241,12 @@ class AvatarService
             throw new RuntimeException('Unsupported avatar MIME type.');
         }
 
-        $binary = file_get_contents($file->getRealPath());
+        $uploadPath = (string) ($file->getRealPath() ?: $file->getPathname());
+        if ($uploadPath === '' || !is_readable($uploadPath)) {
+            throw new RuntimeException('Unable to resolve uploaded avatar path.');
+        }
+
+        $binary = file_get_contents($uploadPath);
         if ($binary === false || $binary === '') {
             throw new RuntimeException('Unable to read uploaded avatar data.');
         }
@@ -257,5 +261,7 @@ class AvatarService
         if (!is_array($dimensions) || ($dimensions[0] ?? 0) < 1 || ($dimensions[1] ?? 0) < 1) {
             throw new RuntimeException('Uploaded avatar is not a valid image.');
         }
+
+        return $binary;
     }
 }