WordPress.org

Make WordPress Core

#21299 closed defect (bug) (fixed)

upload_mimes filter doesn't work occasionally

Reported by: dpacmittal Owned by: ryan
Milestone: 3.5 Priority: normal
Severity: normal Version: 3.4.1
Component: Upload Keywords:
Focuses: Cc:

Description

get_allowed_mime_types() in wp-includes/functions.php contains static variable $mimes. So if get_allowed_mime_types() is called before a filter is added, apply_filters() for 'upload_mimes' is not called, rendering the filter useless.

It happened on one of my websites where get_allowed_mime_types() was being called even before 'upload_mimes' filters were added from the theme's functions.php.

Best fix is to remove the static variable. Thoughts?

Change History (6)

comment:1 SergeyBiryukov21 months ago

Same for wp_allowed_protocols(): ticket:18268:18.

comment:2 dpacmittal21 months ago

Static variable also should not be used because it makes breaking core functionality very easy for a plugin developers. A developer may simply call the function get_allowed_mime_types() in his plugin, which might cause the static variable to initialize and set with default array.

Note, at this point no filters would've been added because plugins are loaded even before 'init' (http://codex.wordpress.org/Plugin_API/Action_Reference) . So if the function get_allowed_mime_types() is called at this point, $mimes is simply set to default array without running any filters. When the filter is added at a later stage, it is simple ignored because $mimes is true in the following code:

function get_allowed_mime_types() {
	static $mimes = false;
	if ( !$mimes ) {
		$mimes = apply_filters( 'upload_mimes', array(
...

Performance hit after removing static should not be much because it is not a very frequently called function.

comment:3 SergeyBiryukov21 months ago

  • Component changed from General to Upload

comment:4 dpacmittal21 months ago

Backupwordpress plugin breaks 'upload_mimes' filter and the developer has no clue about it, although he has not called get_allowed_mime_types() directly. He calls sanitize_file_name() which calls this function:

http://wordpress.org/support/topic/backupwordpress-clobbers-upload_mimes-filter?replies=2

Same issue here:
http://wordpress.stackexchange.com/questions/44777/upload-mimes-filter-has-no-effect

Last edited 21 months ago by dpacmittal (previous) (diff)

comment:5 ryan20 months ago

  • Milestone changed from Awaiting Review to 3.5

comment:6 ryan20 months ago

  • Owner set to ryan
  • Resolution set to fixed
  • Status changed from new to closed

In [21541]:

Introduce wp_get_mime_types() for fetching the complete list of mime types. Remove the static caching of the types so that filters other than the first filter work. Use wp_get_mime_types() in do_enclose(). fixes #21299 #21594

Note: See TracTickets for help on using tickets.