Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Wikipedia: Mediawiki

Uploading files

  

 
Wikipedia mediawiki RSS feed   Index | Next | Previous | View Threaded


chris.green at landg

Aug 7, 2006, 5:52 AM

Post #1 of 5 (773 views)
Permalink
Uploading files
I've been able to enable uploading of files and set the $wgFileExtensions[]
line in LocalSettings.php to enable me to upload pdf files.

My problem is how to set this to enable different types of files to be
uploaded e.g. pdf's and word docs and Powerpoint etc.

Does anyone know the correct syntax for specifying multiple file extensions
for files that can be uploaded.

Thank
Chris


This e-mail (and any attachments) may contain privileged and/or confidential information. If you are not the intended recipient please do not disclose, copy, distribute, disseminate or take any action in reliance on it. If you have received this message in error please reply and tell us and then delete it. Should you wish to communicate with us by e-mail we cannot guarantee the security of any data outside our own computer systems. For the protection of Legal & General's systems and staff, incoming emails will be automatically scanned.

Any information contained in this message may be subject to applicable terms and conditions and must not be construed as giving investment advice within or outside the United Kingdom.

The following companies are subsidiary companies of the Legal & General Group Plc which are authorised and regulated by the Financial Services Authority for advising and arranging the products shown: Legal & General Partnership Services Limited (insurance and mortgages), Legal & General Insurance Limited (insurance), Legal & General Assurance Society Limited
(life assurance, pensions and investments), Legal & General Unit Trust Managers Limited and Legal & General Portfolio Management Services Limited (investments).

They are registered in England under numbers shown.
The registered office is Temple Court, 11 Queen Victoria Street, London EC4N 4TP.

Legal & General Partnership Services Limited: 5045000 Legal & General Assurance Society Limited: 166055 Legal & General (Unit Trust Managers) Limited: 1009418 Legal & General (Portfolio Management Services) Limited: 2457525 Legal & General Insurance Limited: 423930

They are registered with the Financial Services Authority under numbers shown. You can check this at www.fsa.gov.uk/register

Legal & General Partnership Services Limited: 300792 Legal & General Assurance Society Limited: 117659 Legal & General (Unit Trust Managers) Limited: 119273 Legal & General (Portfolio Management Services) Limited: 146786 Legal & General Insurance Limited: 202050

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] Wikimedia
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l


pv0001 at dynapic

Sep 24, 2009, 3:54 AM

Post #2 of 5 (621 views)
Permalink
Re: Uploading Files [In reply to]
am 24.09.2009 12:33 schrieb Haim (Howard) Roman:
> There are some file types that the Wiki developers considered too
> dangerous to allow to upload. So they're not allowed even if you
> think you've configured it to "allow everything". I don't know enough
> to defend or criticize this decision, but I assume the developers know
> what they're doing.

Ah, thanks for this insight. So I have to assume that
"$wgCheckFileExtensions = false;" mean sometimes "false" and the error
message is quite missleading:

"„.zip“ is not allowed. Allowed extensions: 7z, zip, rar,"
^^^
> This includes Open Office files. I'll bet it includes anything with XML.

I have *no* problems to upload ".odt", ".ods", ".odg" etc.

> I designated a place covered by an apache server to place such files,
> then defined a template to take the file name & convert it to the
> appropriate link. That way, if I move the location, I can just update
> the template.

I'm using the same approch by placing some (mostly the big ones) files
to an MW-external place and linking it inside of MW

Cheers,
Peter

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


mrzmanwiki at gmail

Sep 24, 2009, 8:54 AM

Post #3 of 5 (616 views)
Permalink
Re: Uploading Files [In reply to]
Peter Velan wrote:
> am 24.09.2009 12:33 schrieb Haim (Howard) Roman:
>> There are some file types that the Wiki developers considered too
>> dangerous to allow to upload. So they're not allowed even if you
>> think you've configured it to "allow everything". I don't know enough
>> to defend or criticize this decision, but I assume the developers know
>> what they're doing.
>
> Ah, thanks for this insight. So I have to assume that
> "$wgCheckFileExtensions = false;" mean sometimes "false" and the error
> message is quite missleading:
>
> "„.zip“ is not allowed. Allowed extensions: 7z, zip, rar,"
> ^^^
>> This includes Open Office files. I'll bet it includes anything with XML.
>
> I have *no* problems to upload ".odt", ".ods", ".odg" etc.
>
>> I designated a place covered by an apache server to place such files,
>> then defined a template to take the file name & convert it to the
>> appropriate link. That way, if I move the location, I can just update
>> the template.
>
> I'm using the same approch by placing some (mostly the big ones) files
> to an MW-external place and linking it inside of MW

You'll probably need to override MIME type checking as well. See
<http://www.mediawiki.org/wiki/Manual:Mime_type_detection#Forbidden_files>

Note that the MIME blacklist exists for security reasons. If untrusted
users are allowed to upload files, this can open up significant security
holes.

--
Alex (wikipedia:en:User:Mr.Z-man)

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


pv0001 at dynapic

Sep 24, 2009, 9:43 AM

Post #4 of 5 (630 views)
Permalink
Re: Uploading Files [In reply to]
am 24.09.2009 17:55 schrieb Alex:
> Peter Velan wrote:
>> am 24.09.2009 12:33 schrieb Haim (Howard) Roman:
>>> There are some file types that the Wiki developers considered too
>>> dangerous to allow to upload. So they're not allowed even if you
>>> think you've configured it to "allow everything". I don't know enough
>>> to defend or criticize this decision, but I assume the developers know
>>> what they're doing.
>>
>> Ah, thanks for this insight. So I have to assume that
>> "$wgCheckFileExtensions = false;" mean sometimes "false" and the error
>> message is quite missleading:
>>
>> "„.zip“ is not allowed. Allowed extensions: 7z, zip, rar,"
>> ^^^
>>> This includes Open Office files. I'll bet it includes anything with XML.
>>
>> I have *no* problems to upload ".odt", ".ods", ".odg" etc.
>>
>>> I designated a place covered by an apache server to place such files,
>>> then defined a template to take the file name & convert it to the
>>> appropriate link. That way, if I move the location, I can just update
>>> the template.
>>
>> I'm using the same approch by placing some (mostly the big ones) files
>> to an MW-external place and linking it inside of MW
>
> You'll probably need to override MIME type checking as well.

For testing purpose I switched "$wgVerifyMimeType = false;"

> See
> <http://www.mediawiki.org/wiki/Manual:Mime_type_detection#Forbidden_files>

Thanks! Your are right, the array "$wgFileblacklist" in
"DefaultSettings.php" does explicitly forbids Windows executables, as
per ...

| # May contain harmful executables for Windows victims
| 'exe', 'scr', 'dll', 'msi', 'vbs', 'bat',
| 'com', 'pif', 'cmd', 'vxd', 'cpl'

But, it seems a litle bit paranoid to consider files withe names like
"xyz.exe.pdf" as a potential hazard.

> Note that the MIME blacklist exists for security reasons. If untrusted
> users are allowed to upload files, this can open up significant security
> holes.

I would never allow uploads of executables in a public accessible
wiki. The wiki where I want to allow uploads of "dangerous" files is a
closed intranet type with predefined users.

Nevertheless, thanks for the reminder and the really appreciated hints.

Peter

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


stipen.treublatt at gmx

Feb 5, 2012, 1:32 AM

Post #5 of 5 (17 views)
Permalink
Re: Uploading Files [In reply to]
Have a look at
http://www.mediawiki.org/wiki/Manual:Configuring_file_uploads

and then use Special:Upload.

Am 05.02.2012 10:29, schrieb Greg:
> More mediawiki difficulty. Just how do I upload files? Like images and ZIP files, so that I can link to them in my pages?
>
> Yes, there are somethings in LocalSettings.php, which I have all enabled, but where or how do you upload files? Is there a form some where? Do you have to use FTP? And again, mediawiki online help is just too vague! And then, how does one reference them in a page?
>
> Grrrrr.
>
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>


_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l

Wikipedia mediawiki RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.