In the WPMU of 6th of December (and I believe it is in all other builds), in the WYSIWYG editor, the upload area doesn't have any restrictions on the nature of files uploaded !!!
I mean, even .php scripts could be uploaded !!
How to limit that ???
File Upload (12 posts)
-
kalam
Posted 20 years ago # -
andrewbillits
Posted 20 years ago #yeah, I think the intention was to allow mp3, wav, etc. However it must not be checking the file to see whethere it is an allowed type.
Just write a simple function that will return either true or false depending if the filetype is allowed.
something like:
$allowed = "mp3|gif|png|jpg";
and check that against the character after the "."
-
or save a step, and use my plugin which fixes it. Set your allowed types in options as normal.
-
Posted 20 years ago #itdamager: always one step ahead :D
-
Posted 20 years ago #Thanks for the quick repleis :)
I am talking about the already installed tool !!!
I don't know where to add that function you are talking about -
Posted 20 years ago #The plugin basically just adds a function similar to what I was talking about. Plus is gives you a nice little interface to add/remove allowed file types/ So if you can, use the plugin.
-
kalam: download and unzip my plugin and save it in mu-plugins. It will automagically be activated.
Now you will only be able to upload the file types you specify in siteadmin->options.
-
Posted 20 years ago #And the already existing one ?? will it get deactivated automatically ??
-
My script won't touch any pre-existing files. It only verifies file extensions of new uploads by rejecting and deleting uploads not matching your allowed files setting.
-
Posted 20 years ago #It worked :-)
-
thanks itdamager ;)
-
Posted 20 years ago #:-) thanks
