Can upload doc and pdf but not ppt – not permitted for security reasons

1 Views

“Insert search engine here” was pretty useless for this one – I’ve had a look through wp-includes/functions.php, wp-admin/includes/file.php etc. but not found a reason for the behaviour I’m getting.

I’m running multisite, and when I upload a .doc or .pdf I don’t have a problem. When I upload a .ppt – regardless of the actual filename or mimetype (i.e. a .ppt renamed to .txt, a .txt renamed to .ppt) – I’m told “Sorry,this file type is not permitted for security reasons” with little other explanation.

Read More

Do I need to modify the mimes table, add an override (and if so, what’s the syntax for this), or is it something in my Apache conf? I’ve done some funny fiddling to try and lock things down in a few places, possibly blocking .pot files.

Post Views: 1

Related posts

Leave a Reply

2 comments

  1. Found it while digging around in multisite network admin settings: there is a setting called “Upload file types” (in the database it’s the row with meta_key = “upload_filetypes” in the wp_sitemeta table) which contains a list of allowed filetypes. Adding “ppt” to the list allows them to be uploaded.

  2. WordPress doesnt appear to have anywhere to change these setting other than what you have done by doing it in the DB. But have you tried using this code?

    <?php
add_filter('upload_mimes', 'custom_upload_mimes');
function custom_upload_mimes ( $existing_mimes = array() ) {
    // add your extension to the array
    $existing_mimes['ppt'] = 'application/vnd.ms-powerpoint';
    // or: $existing_mimes['ppt|pot|pps'] = 'application/vnd.ms-powerpoint';
    // to add multiple extensions for the same mime type
    // add as many as you like
    // removing existing file types
    unset( $existing_mimes['exe'] );
    // add as many as you like
    // and return the new full result
    return $existing_mimes;
}
?>

    Use that code in your themes functions file. The filter upload_mimes apparently lets you set other allowed upload extensions and also correctly sets the extension mime type for use in WP. Plus the benefit of doing it this way is that its upgrade safe.

    If you need a list of mime types: http://www.w3schools.com/media/media_mimeref.asp