Opened 12 years ago
Closed 12 years ago
#20997 closed defect (bug) (invalid)
Multisite not honoring upload_filetypes
Reported by: | Ipstenu | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Multisite | Keywords: | |
Focuses: | Cc: |
Description
It was a myriad error filled day. Once I kicked PHP into shape, I couldn't upload epubs (though everything else 'normal' worked). I got the age old error "Sorry, this file type is not permitted for security reasons."
I checked in Network -> Settings -> Network Settings, where I've set "Upload file types" to the following (bolded the ones I added):
jpg jpeg png gif mp3 mov avi wmv midi mid pdf m4v flv ogv docx epub zip ico txt
But that didn't work until I added this in a function (mu-plugin function, whatever)
add_filter('upload_mimes', 'add_custom_upload_mimes'); function add_custom_upload_mimes($existing_mimes){ $existing_mimes['epub'] = 'application/epub+zip'; //allow epub files return $existing_mimes; }
So okay, that ain't right! I reproduced it on a clean build. Every time I add in the filter, it will magically work.
Now I know this worked on trunk in May, so I double checked the last changes to ms-functions.php (since that's where it has the nifty function check_upload_mimes() which looks at those settings) which has had no changes that should have impacted anything to do with this.
The weird thing is that this doesn't impact all file types. If I add 'zip' it works fine, but I have to force set epub (and mobi, and a couple others I made up). From what I can tell, these will always work: m4v flv ogv docx zip ico txt
But epub, mobi, bla (my fake one) always fail without the filter.
Tested it on php 5.3.13, 5.3.14, and 5.3.6
Change History (7)
#2
@
12 years ago
It's always worked when you add to it. In fact, it continues to work when you add things, just not all things. We've been telling folks since 3.0 that the way to add mimetypes in Multisite was to append to this. I've never tested it on 3.3 (in May I was using aortic).
#3
@
12 years ago
From what I can tell, these will always work: m4v flv ogv docx zip ico txt
That's because they are already present in get_allowed_mime_types()
:
http://core.trac.wordpress.org/browser/tags/3.4.1/wp-includes/functions.php#L1755
Any extensions not from that list won't work unless a filter function is hooked to upload_mimes
.
Got the same results as duck_.
#4
@
12 years ago
Can somebody please add some documentation for this?
I tried to upload ifc files in a network install and it doesn't work. I add the file to the allowed file types in /wp-admin/network/settings.php and it still doesn't work. Ipstenus filter fixes that.
I don't have all the SVN setup in place to create a patch, but could you at least add something like "Please note that unusal filetypes may be blocked even if they are added to the list. See bug #20997 for details." in the help tab of that page?
A good solution for this would be to send the "application/octet-stream" mime-type for unknown, but allowed filetypes.
#6
@
12 years ago
- Keywords needs-codex removed
I've added a note to the Network Admin Settings Screen page.
The check_upload_mimes() function is designed to restrict the set of allowed file types that come with WordPress (in get_allowed_mime_types()). It is not meant to add to it.
I double checked by adding epub to a 3.3 install and that blocked it too. Not sure why it worked for you previously without using a plugin.