Manual:Configuring file uploads/zh

MediaWiki 支持上传和整合媒体文件 本页描述此特性的技术方面，一般使用方面请看 和 Help:Images

出于安全考虑，从 1.1版起 MediaWiki 中的上传功能默认是禁用的. 通过配制可以启用上传功能，但建议你先检查确认一下先决条件.

确保上传功能在 PHP 中启用
中需有如下设置

如无此设置，PHP脚本中不能使用上传功能，并且MediaWiki的上传也不能启用.

如果启用了"open_basedir" 项，那么此项须包含： 1、你的 MediaWiki 中用于存储上传文件的文件夹(即"{$IP}/images") 2、'upload_tmp_dir' 项设置的文件夹（如果未设此项则需包含系统默认的上传临时文件的文件夹） 添加'upload_tmp_dir'可以避免像找不到文件/var/tmp/php31aWnF这样的消息（在这个例子中'upload_tmp_dir'是'/var/tmp'）. 阅读文件上传基础知识，特别是了解有关PHP文件上传的更多信息.

注意：变量的形式值是 boolean|布尔表达式. PHP将每个未被识别为False值的字符串视为true，因此经常使用的“on”值会产生相同的结果.

Windows 与 IIS 用户检查
设置 拥有Internet来宾帐户的权限（ _MachineName或对于IIS 7+： ）：读、写、执行

检查目录安全性
需要配置上传目录，以便最终用户无法上传和执行其他脚本，这些脚本可能会利用对您的Web目录的访问权并损坏您的Wiki或Web站点.

设置 文件夹（或以前版本中的 文件夹）以获得权限“755”：
 * 用户可以读、写和执行.
 * 组可以读和执行.
 * 任何人都可读和执行.

如果使用安全模式，请确保该目录由用于运行php脚本的用户（即apache用户或suphp脚本所有者）拥有.

如果使用CentOS 6或Mageia，则chown命令中的所有者应为apache:apache而不是www-data:www-data.

如果使用SELinux，请确保相应地调整ACL（请参阅此处）.

如果使用suphp，请确保在/etc/suphp.conf中将umask设置为0022（或更低）.

如果您不希望公共用户列出您的images文件夹，可以选择在apache配置中进行设置：
 * 限制images文件夹上的目录列表

检查 .htaccess 文件
MediaWiki安装文件夹中的 目录包含一个.htaccess文件，其中包含一些配置. 此文件的目标是使上载文件夹更安全，如果将上载目录放在其他位置，建议还将.htaccess文件复制到新位置，或直接在服务器上应用该配置. 但是，其中一些配置可能会导致冲突或错误，具体取决于服务器的配置方式.

需要考虑的一些事情:


 * 如果服务器不允许在.htaccess文件中设置或覆盖指令，则访问该文件夹下的任何文件可能会导致通用的“HTTP 500错误”. 如果是这种情况，您应该注释掉行，并将这些指令直接应用于服务器配置文件.  最有可能导致问题的指令是$ AddType，它阻止HTML和PHP文件作为HTML和 ，这将阻止PHP文件在服务器上被解析和执行.
 * 在MediaWiki 1.27之前，如果您有一个自定义404处理程序来使用脚本生成缩略图，则此.htaccess文件中的重写规则可能会禁用以前的规则，因为它缺少 选项（）.

设置上传开启/关闭
在MediaWiki 1.5及更高版本中，要设置的属性位于LocalSettings.php中，设置如下：

这可以实现上传，正如人们所预料的那样. 要禁用它们，请将该属性设置为false：

在旧版本的软件中，要设置的属性位于LocalSettings.php中，但是是向后的，即. 默认如下所示：

反转值以启用上传：

使用一个中心存储库
InstantCommons是一项功能，通过配置更改启用，可让您立即访问维基共享资源中的数百万免费（免费许可）文件.

上传权限
默认来说，所有已注册用户都可以上传文件. 要限制它，你必须改变$wgGroupPermissions：


 * 防止普通用户上传文件：
 * 要创建一个名为“uploadaccess”的特殊组，并允许该组的成员上传文件：
 * 允许自动确认用户上传文件：

替换现有文件的权利由额外的权限处理，称为 :


 * 防止普通用户覆盖现有文件：
 * 允许自动确认用户覆盖已存在的文件：

如果设置了ForeignFileRepo，则在本地替换这些文件的权限由特殊权限处理，称为 ：


 * To prevent normal users from overriding filerepo files locally:


 * To allow "autoconfirmed" (non-newbie) users to replace filerepo files locally:

See Manual:User rights for details on user rights, and Manual:Preventing access for more information about restricting access.

设置文件种类
You can add $wgFileExtensions in LocalSettings.php to allow uploads of other desired file types. For example, you can change the $wgFileExtensions line to look something like

或

或

However, certain file extensions are blacklisted ($wgFileBlacklist) and cannot be uploaded even if added to $wgFileExtensions. To upload files with blacklisted extensions, you must modify the blacklist. For instance, to allow users to upload executables:

In addition, $wgMimeTypeBlacklist prevents certain file types based on MIME type; .zip files, for example, are prohibited based on MIME type (MediaWiki version 1.14 up to 1.17).

You can also set $wgStrictFileExtensions

to allow most types of file to be uploaded. However, blacklisted filetypes and MIME types will still not be permitted.

If you are getting the error "The file is corrupt or has an incorrect extension", make sure mime type detection is working properly.

If you decide to allow any kind of file, make sure your mime detection is working and think about enabling virus scans for uploads.

To enable zip extension (tested in MediaWiki v1.19.23) the following will be necessary in the LocalSettings.php file:

登录
By default anonymous uploads are not allowed. You must register and log in before the upload file link appears in the toolbox.

图片缩略图
有关图像自动显示/以缩略图显示的信息,请参见. For problems with thumbnailing, see Image Thumbnails not working and/or appearing.

If the file is not visual (like an Image or Video) a fileicon is used instead. These are generated by the  function in the File class in the FileRepo group. Icons stored in " " in a " "-format.

为文件上传设定最大限制
By default, the configuration code in limits the size of files to be uploaded to 2 megabytes (and the maximum size of a post operation to 8 megabytes). To allow uploading of larger files, edit these parameters in php.ini:
 * , 8 megabytes large by default
 * , 2 megabytes large by default

这可能需要服务器的根用户权限. (If you are on a shared host, contact your server administrator.)

The location of the php.ini file varies on the distribution you are using. (Try "locate php.ini" or "php -i" to find the location of your config file.)
 * 找到 php.ini 文件

It is important to change the php.ini file in the apache2 folder. For example, there may be a core default php.ini at  as well as one at. If you are using mod_php (most common), the most likely location for the correct php.ini file is in  or. 对于php-fastcgi，编辑/etc/php5/cgi/php.ini.

If you have more than one website hosted on a server and want to change only for Mediawiki, insert into your /etc/apache2/sites-enabled/your_wiki_site.com inside :
 * 同一服务器上架设的多个网站

Both above settings also work in a .htaccess file if your site uses mod_php. If your site uses PHP >= 5.3 and allows it, you can place php.ini directives in .user.ini files instead.


 * web 服务器限制

Your web server may impose further limits on the size of files allowed for upload. For Apache, one of the relevant settings is LimitRequestBody. For Nginx, client_max_body_size is the relevant setting. For Lighttpd, server.max-request-size is what may need modification.

Ubuntu 16.04:

(sudo /etc/init.d/php5-fpm restart in Linux, for example.)


 * uploading too large of files warning

MediaWiki itself issues a warning if you try to upload files larger than what is specified by $wgUploadSizeWarning option. This is independent of the hard limit imposed by PHP.

Temporary changes to upload limits (when using multiple wikis on a farm, for example) can be altered by adding the lines:
 * 临时上传限制

to the MediaWiki LocalSettings.php configuration file for each wiki. 在这个例子中，PHP 限制被设定为 50 MB. Note that these settings will not override the maximum settings set above (since the core php.ini and apache2 php.ini files set the absolute maximum). This method sets maximums that are less than the absolute maximum.


 * IIS7 上传限制

  

With the above maxAllowedContentLength, users can upload files that are 50,000,000 bytes (50 MB) in size. This setting will work immediately without restarting IIS services. The web.config file is located in the root directory of your web site.

允许最大到 2G 的文件上传:

将以下文本加入至LocalSettings.php：

并且， 修改 这些行在 PHP.INI 中:

In the IIS web.config file, override the value of maxRequestLength. For example, the following entry in web.config allows files that are less than or equal to 2 gigabytes (GB) to be uploaded:

With IIS 7, you also need to configure it to allow large uploads. This is found by clicking “Request Filtering > Edit Feature Settings” in the IIS section in the middle of the window. Set the ”Maximum allowed content length (Bytes)” field to 2147482624. If you don’t see "Request Filtering" in the IIS section, it needs enabled via Internet Information Services > World Wide Web Services > Security in the "Turn Windows features on or off" area in Control Panel.

If the above tip does not enable large uploads, then open a command prompt and execute this command as well:

允许 Java JAR 上传
By default, MediaWiki will scan all uploads that appear to be ZIP archives and reject any that contain Java .class files. This is a security measure to prevent users uploading a malicious Java applet. For non-public sites only, use the following to disable this check:

This setting can be used as a work around for allowing mimetypes to be accepted indiscriminately. For example, if you attempt to upload a .doc file created by Word 2007, no matter the ext list you provide and mimetype checking you invoke or prohibit, you will receive the message:


 * The file is a corrupt or otherwise unreadable ZIP file. It cannot be properly checked for security.

.doc files saved by Word 2007 (and possibly later versions) contain a small embedded ZIP archive storing metadata that is not representable in the binary .doc format as used by earlier versions of Word. This embedded ZIP data confuses the Java archive scanner, causing the .doc file to be rejected. Files in the newer .docx file format are valid ZIP archives in their entirety, and can be uploaded successfully without setting.

直接从 URL 上传 ("Sideloading")
If you want to allow a user to directly upload files from a URL, instead of from a file on their local computer, set.

By default, upload by URL are only possible using the API (or extensions such as UploadWizard). To make the option usable from Special:Upload, you need to set $wgCopyUploadsFromSpecialUpload to true as well. On the upload form, you will then see an additional field for the URL, below the usual filename field. The URL field is greyed out per default, but can be activated by activating the radiobutton (checkbox) to the left of the field.

In order to use this feature, users must have the user right. This right was granted to sysops by default until MediaWiki 1.20 but it now needs to be granted explicitly. 要对于普通用户允许这个，设置 Keep in mind that allowing uploads directly from an arbitrary location on the web makes it easier to upload random, unwanted material, and it might be misunderstood as an invitation to upload anything that people might come across on the web.

恢复删除图像
Undeleting images is possible as an option since MediaWiki 1.8, and enabled by default since MediaWiki 1.11.

Prior to MediaWiki 1.11, you can enable undeletion of images by setting $wgSaveDeletedFiles = true. Since version 1.11, the behavior is controlled by $wgFileStore, and deleted files are per default stored in $wgUploadDirectory/deleted. Since version 1.17, $wgFileStore has been deprecated and should be used instead.

大规模上传
A number of tools are available for uploading multiple files in one go rather than each file separately:

上传目录
Whenever an image is uploaded, several things are created:


 * 1) An article in the file namespace with the name of the file, e.g. File:MyPicture.png. This page is stored and can be edited like any other page.
 * 2) The file itself is stored into the folder on the file system, which is configured in  or into one if its subfolders (see below).
 * 3) If necessary and thumbnailing is available, thumbnailed versions of the file will be created when necessary (such as for the usage on the file description page. These are stored in the thumb directory of the image directory, in a separate directory for each main file.

If $wgHashedUploadDirectory is enabled (by default), MediaWiki creates several subdirectories in the images directory.

If  is set to , uploaded files will be distributed into sub-directories of $wgUploadDirectory based on the first two characters of the md5 hash of the filename. (e.g. $IP/images/a/ab/foo.jpg) Creation of such subdirectories is handled automatically. This is used to avoid having too many files in one folder because some filesystems don't perform well with large numbers of files in one folder.

If you only maintain a small wiki with few uploaded images, you could turn this off by setting, all images are uploaded in $wgUploadDirectory itself. (e.g. $IP/images/foo.jpg)

多维基站点
Not doing so will mysteriously break image uploads.
 * Make sure you've changed the site location in LocalSettings.php from, e.g. /var/lib/mediawiki to wherever your installation is, and created a writeable images directory (most of the rest can be symlinked).

配置上传表单
The upload form message provided with the default MediWiki installation (which appears when you click "Upload file" link or go to Special:Upload link) may not go very well for you.

For that case you can edit MediaWiki:Uploadtext contents and provide your own text. If your wiki site is multilanguage don't forget to edit localized versions like MediaWiki:Uploadtext/de.

On the MediaWiki:Licenses page you can customize a drop-down list of licenses for uploads of your site.

Take into account that localized versions like MediaWiki:Licenses/de won't work by default. To enable them you must configure the variable.

Edit MediaWiki:Upload-default-description to add an initial text to the "Summary" field of your upload form (for example your wiki site has a universal template for upload summaries and you want everyone to use that template).

参见：

Windows 上的已知问题
Running MediaWiki on Windows server has some restrictions in allowed filenames, due to a PHP bug. PHP can't handle filenames with non-ascii characters on it correctly, and MediaWiki will refuse to upload files containing such characters to prevent broken uploads, with the message .

Since MediaWiki 1.31 MediaWiki can handle filenames with non-ascii characters if it's using PHP 7.1 or later.

Known problems with database names having non-alphanumeric characters
If $wgDBname contains non-alphanumeric characters, uploads may fail with errors like Could not create directory "mwstore://local-backend/local-public/&lt;path&gt;". . This is caused by an internal check for valid container name for file backend, but it's constructed using $wgDBname.

Since MediaWiki 1.26, it allows uploads when $wgDBname contains dots.

参见

 * Security section Upload security
 * Manual:Configuration settings for a list of all configuration variables related to file uploads
 * Category:Upload variables - similar list as a category (ordered alphabetically)
 * You see a blank page when trying to upload a file
 * Manual:Disabling file lock manager in case it's problematic in your installation