<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">in config.php I have<div>$UploadExts['gpx'] = 'application/gpx+xml'; </div><div>and am using <a href="https://www.pmwiki.org/wiki/PmWiki/UploadVariables#EnableUploadMimeMatch">$EnableUploadMimeMatch</a></div><div><br></div><div>Now when I try to upload (a properly formed) <a href="https://www.topografix.com/gpx.asp">.gpx</a> file </div><div>DDMU gives the message 'extension "doesn't match the file type"' (which means the check is now being called and is returning a message)<br><br>is there any way to determine, or to have included in the error message, what the expected mime type is?</div><div>While <a href="https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types">many</a> <a href="https://www.freeformatter.com/mime-types-list.html">references</a> on the internet state the above (application/gpx+xml) is the mime type for .gpx files</div><div><a href="https://www.htmlstrip.com/mime-file-type-checker">MIME File Type Checker - HTMLStrip</a> suggests it it "text/xml", but I think that is because it doesn't know about.gpx files</div><div><br></div><div>Others are suggested <a href="https://wordpress.org/support/topic/gpx-tip/">here</a>.</div><div>Is it possible to add multiple values to $UploadExts?</div><div>OTOH the <a href="https://www.pmwiki.org/wiki/PmWiki/UploadVariables#EnableUploadMimeMatch">PmWiki documentation</a> suggests that<br><pre class="escaped gmail-hlt gmail-php gmail-hljs gmail-language-php" style="font-size:0.93333em;line-height:18px;max-width:100%;overflow:auto;margin-top:0px;margin-bottom:0px;background:rgb(243,243,243);color:rgb(68,68,68)"> <span class="gmail-hljs-variable" style="color:rgb(171,86,86)">$EnableUploadMimeMatch</span> = <span class="gmail-hljs-keyword" style="font-weight:700">array</span>(
  <span class="gmail-hljs-string" style="color:rgb(136,0,0)">'csv'</span>=><span class="gmail-hljs-string" style="color:rgb(136,0,0)">'!^(text/plain|application/csv)$!'</span>,
  <span class="gmail-hljs-string" style="color:rgb(136,0,0)">'docx'</span>=><span class="gmail-hljs-string" style="color:rgb(136,0,0)">'!^(application/encrypted)$!'</span>,
);</pre></div><div>is the way to manage this issue.</div><div><br></div><div>thanks</div><div><br></div><div>Simon</div><div><br></div><div>PS</div><div><a href="https://www.php.net/mime-content-type">PHP: mime_content_type - Manual</a> seems to suggest the <a href="https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types">svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types</a> is the source of PHP mime types.<br><br></div></div></div></div></div></div></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, 25 Dec 2023 at 18:57, Petko Yotov <<a href="mailto:5ko@5ko.fr">5ko@5ko.fr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 25/12/2023 07:20, Simon wrote:<br>
> My feeling is that all uploads should be denied.<br>
...<br>
> for safety and visibility reasons I support denying uploads<br>
<br>
Agreed, enabled for 2.3.30, and added a new upload error message.<br>
<br>
> When using DragDropMultiUpload the upload never finished and<br>
> never faulted, it just hung.<br>
> Is there any possibility of making this visible to the user?, e.g.<br>
> DDMU fail with an error,<br>
<br>
Yes, the code I committed for 2.3.30, and the prerelease, should show <br>
the message in DDMU.<br>
<br>
Petko<br>
<br>
> On Mon, 25 Dec 2023 at 10:48, Petko Yotov <<a href="mailto:5ko@5ko.fr" target="_blank">5ko@5ko.fr</a>> wrote:<br>
> <br>
>> Apparently on Windows you need to enable the Fileinfo functions in<br>
>> php.ini, see:<br>
>> <br>
>> <a href="https://www.php.net/manual/en/fileinfo.installation.php" rel="noreferrer" target="_blank">https://www.php.net/manual/en/fileinfo.installation.php</a><br>
>> <br>
>> I have now documented this on the UploadVariables page.<br>
>> <br>
>> What should PmWiki do if $EnableUploadMimeMatch is enabled but not<br>
>> Fileinfo?<br>
>> <br>
>> - Act as if $EnableUploadMimeMatch is not enabled. This would work<br>
>> as it<br>
>> did before, other checks will be done.<br>
>> <br>
>> - Deny all uploads, since none can be checked.<br>
>> <br>
>> What do you think?<br>
>> <br>
>> Petko<br>
>> <br>
>> On 24/12/2023 21:28, Simon wrote:<br>
>>> Some time ago I enabled $EnableUploadMimematch [1]<br>
>>> <br>
>>> Recently I see<br>
>>> <br>
>>> [25-Dec-2023 08:25:00 Pacific/Auckland] PHP Fatal error:  Uncaught<br>
>>> Error: Call to undefined function mime_content_type() in<br>
>>> D:\Home\KiwiWiki\pmwiki\scripts\upload.php:405<br>
>>> Stack trace:<br>
>>> #0 D:\Home\KiwiWiki\pmwiki\scripts\upload.php(317):<br>
>>> UploadVerifyBasic()<br>
>>> #1 D:\Home\KiwiWiki\pmwiki\pmwiki.php(546): HandlePostUpload()<br>
>>> #2 D:\Home\KiwiWiki\pmwiki\pmwiki.php(533): HandleDispatch()<br>
>>> #3 {main}<br>
>>> thrown in D:\Home\KiwiWiki\pmwiki\scripts\upload.php on line 405<br>
>>> <br>
>>> just wondering if anyone had an idea why?<br>
>>> <br>
>>> and seasons holiday's greetings from the summery south<br>
>>> <br>
>>> Simon<br>
>>> <br>
>>> <br>
>>> <br>
>>> Links:<br>
>>> ------<br>
>>> [1]<br>
>>> <br>
>> <br>
> <a href="https://www.pmwiki.org/wiki/PmWiki/UploadVariables#EnableUploadMimeMatch" rel="noreferrer" target="_blank">https://www.pmwiki.org/wiki/PmWiki/UploadVariables#EnableUploadMimeMatch</a><br>
>>> _______________________________________________<br>
>>> pmwiki-devel mailing list<br>
>>> <a href="mailto:pmwiki-devel@pmichaud.com" target="_blank">pmwiki-devel@pmichaud.com</a><br>
>>> <a href="http://www.pmichaud.com/mailman/listinfo/pmwiki-devel" rel="noreferrer" target="_blank">http://www.pmichaud.com/mailman/listinfo/pmwiki-devel</a><br>
> <br>
> <br>
> Links:<br>
> ------<br>
> [1] <a href="https://www.pmwiki.org/wiki/Cookbook/DragDropMultiUpload" rel="noreferrer" target="_blank">https://www.pmwiki.org/wiki/Cookbook/DragDropMultiUpload</a><br>
> [2] <a href="https://www.php.net/manual/en/fileinfo.installation.php" rel="noreferrer" target="_blank">https://www.php.net/manual/en/fileinfo.installation.php</a><br>
</blockquote></div>