Manual talk:Configuring file uploads

MediaWiki's $wgEnableUploads vs. PHP's file_uploads
How come when editing MediaWiki's $wgEnableUploads between true and false becomes noticeable immediately (unable to upload vs. upload enabled) but editing PHP $file_uploads (if already 'on') is not impacting/denying my upload experience at all?

End User

 * Who is the "end user"; someone accessing the wiki using a web browser, or a local user on the machine running the wiki?

In this case, "end user" refers to the user accessing the wiki using a web browser.

File Types

 * Are file uploads only for images, or for any type of file?

You can configure MediaWiki to accept additional file types using the $wgFileExtensions configuration setting.

Chmod

 * Shouldn't the chmod for the upload directory be 744? That gives rwxr--r--.  755 gives r-x, which I thought was what we were trying to avoid...


 * Execute privilege on directories is required to access files inside them. (Yes, this is confusing. Blame AT&T.) --Brion VIBBER 00:47, 19 February 2006 (UTC)

There are pages on this site that say 744,755,777. Could someone explain wich to use when?

The important thing is that the webserver has write access. Thus if the upload directory is owned by the webserver user ( e.g. www-data ) 755 would suffice. If the webserver is not owner, but is in the group owning the directory, 775 would be better. 777 is the extreme case where all users on the system have full access. In most cases this would not be advisable.

Making Uploads Lowercase
Does anyone have any idea how to allow files to be uploaded and named with lowercase letter, for some reason all uploaded file default to a capital letter for the first letter of the file name? 24.3.123.174 21:13, 3 May 2006 (UTC)
 * wuh. just under a year response time. Anywho: A technical limitation of Mediawiki is that all pagenames have to start with an uppercase letter. this is most likely the cause for all files beeing renamed.195.230.62.186 12:24, 2 May 2007 (UTC)

The file is corrupt or has an incorrect extension. Please check the file and upload again.
I did as mentioned.

It's a little frustrating, but it seems like mediawiki does not bother that I changed settings in localsettings.php.

I added zip as an extension, than I turned off the extension check, then I turned of mime check etc.

Still I can only upload images and no zip files.

what to do?

How I fixed it
I had to set $wgVerifyMimeType=false; in my LocalSettings.php which means my mime types are probably screwed up. Its an symptomatic fix to a bigger problem, i suspect.


 * Perhaps have a look at Manual:Mime type detection -- Duesentrieb ⇌ 11:10, 6 March 2007 (UTC)

".[FILE EXTENSION]" is not a recommended image file format.
I have set file extensions to allow wmv and avi, set $wgStrictFileExtensions=false; and $wgVerifyMimeType=false in LocalSettings.php, but get the message " ".avi" is not a recommended image file format. " (same for .wmv) when I try to upload avi (and wmv) files. Files sizes are under the cap in php.ini. I have not problems uploading static image files (eg .jpg, .png).


 * With $wgStrictFileExtensions=false, you will still get that warning, but should be able to override it ("upload anyway" or some such). $wgVerifyMimeType=false has nothing to do with this, it just tells MediaWiki not to check if the file actually is an avi file (failing that test would result in a different error message though). -- Duesentrieb ⇌ 11:45, 21 April 2007 (UTC)


 * Thanks for the speedy response. Unfortunately no override option appeared on the screen.  I just got "Upload warning" header above the "not a recommended image file format" message.  This also happened when I check "Ignore any warnings" on the upload screen.  However, I then rearranged the order of in LocalSetting.php so that $wgStrictFileExtensions=false appeared before $wgEnableUploads=true and $wgFileExtensions = ....  I can now upload video files without any difficulties.


 * Turning of $wgStrictFileExtensions seems a little dangerous. I fixed a similar problem I was having with xls files by adding the following line to mime.types:


 * application/msword xls</tt>


 * Depending upon the mime detection engine on your server, certain types are misidentified. The true solution is to fix the engine, but this is a pretty safe alternative. - dan

MUst be server pixies then. -- Duesentrieb ⇌ 13:21, 21 April 2007 (UTC)

This file is bigger than the server is configured to allow
How do you change the maximum allowed size of a file for uploading?

This is what I have in my php.ini:

upload_max_filesize = 250M
 * Maximum allowed size for uploaded files.

(default was 2 MB)


 * YOu may also have to change post_max_size or max_post_size or some such. Apache itself might also have a limit set. And keep in mind that you have to restart apache for any changes to the php configuration to take effect. -- Duesentrieb ⇌ 11:08, 6 March 2007 (UTC)

Linking to .mov files (Quick Time) won't work
After: allowing uploading of .mov files to my wiki, successfully uploading a certain .mov file and watching it from the page I've been directed to, I found my wiki won't link to it. If I type, for instance, [[Media:Example.mov]] (assuming my .mov file's named Example), I'd get a red link, leading to "Upload file" page. What am I doing wrong? --87.69.58.71 17:53, 4 November 2006 (UTC)

Upload Priviledges
Is there a way to set it so that only SysOp can upload files?
 * Try meta:Uploading_files --Flominator 07:26, 29 January 2007 (UTC)

anonymous uploads
Is there a way to allow users to upload files without logging in?

That'd be a great help for corporate environments where only a limited number of people can access the wiki (server) anyway...

>This can be done by editing the SepcialUpload.php file in the includes folder. If you comment out both the $wgOut->errorPage('uploadnologin'.... line and the return line, users will not have to login to reach the upload form.

In which file is variable $wgFileExtensions?
Im trying to change my extensions list, but it is not in LocalSettings? Where is it?
 * The default is set in includes/DefaultSettings.php. But you shouldn't change it here. Just copy the line into your LocalSettings.php and alter it the way you like here. The intention for this procedure is just that the DefaultSettings is responsible for everything that is NOT explicity set by yourself. Also if you like to make an update someday you won't destroy your current settings, cause the LocalSettings.php won't be touched through an update.

Check directory security
In the manual page, it says under "Check directory security" that "The upload directory needs to be configured so that it is not possible for an end user to upload and execute other scripts, which could then exploit access to your web directory and damage your wiki or web site."

Unfortunately, the PHP function that makes subdirectories is:

and many places that call this use the fault mode 0777 which is world-writable. For example, everywhere in Image.php it uses one argument calling this method, such as:

The consequence of this is that every directory recursively under images is world-writable. The files themselves seem to be fine (mode 644), however, any user who can login to the system on which the MediaWiki instance is running can copy or destroy files at will.

Can we get wfMkdirParents (and everywhere that 0777 is passed to that method) to use a mode of 0755 instead? --Caswick 21:09, 15 March 2007 (UTC)

How to link "other" file types on pages?
Case 1 - When i want to upload images, i follow the following steps Simple.
 * go to page edit
 * write a suitable name
 * make it into an image link by clicking the 6th button from the left on the edit menu
 * save page
 * view page, the link is shown in red.
 * click it and upload the image

But with file types other than images,it give an error as to "not a jpeg format", there is no such option. I have to link the thing by copy/pasting the exact names everytime. There must some other way around! Please help me on this !! --Ankit.madan 07:12, 21 August 2007 (UTC)

Error when uploading from URL
Fatal error: Call to undefined function curl_init in /path/to/wiki/includes/SpecialUpload.php on line 165

Any idea what could cause this? I've googled it, but it seems only the chinese have experiences this problem. Using MW 1.11 - followed the directions on the configuration page. Regular uploads work fine.

Folder permissions & SUPHP
If you are using suphp you might want to check the suphp configuration file ( /etc/suphp.conf )

and ensure the Umask value is set to something sane (so when the folders get created they get the proper permissions)

umask=0022
 * Umask to set, specify in octal notation

Multiple Uploads
Is it possible to upload multiple files at one time (like for a photo gallery) rather than uploading each file individually? Or if I FTP them to my server without using MediaWiki's upload page, can I still use the &lt;gallery&gt; tags to display them somehow?


 * There's Extension:MultiUpload, havn't tried it though. If you upload files directly to the server using FTP or SCP or whatever, you have to import them into MediaWiki to make them work wiki-style: That is done using maintenance/importImages.php but it requires shell access. I believe some of the bots that exist for mediawiki also support file upload, but I havn't looked into that. There's also the commonist upload tool, which was designed for wikimedia commons, but can be adopted to other sites as well.
 * HTH -- Duesentrieb ⇌ 06:56, 11 April 2008 (UTC)


 * Thanks so much for the info! I do have shell access, and I think FTP and import would probably the fastest for lots of images. I may use MultiUpload as well - it would be nice if I had just a few files.

Imges File Names
I'm webmaster of http://venciclopedia.com, a Spanish language wiki. We recently moved from one hosting server to another and it took us weeks to finish the migration because of problems with the names of some images. The main problem was that our former hosting (yahoo) didn't allow the creation of files or folders with certain characters, but wiki did it anyway and we didn't care until we moved away. Our former wiki could read the folders and images in them, but we could not see them or ftp them out of yahoo because of invalid characters in the names.

This was most likely solved by our move to a new hosting and upgrade to the latest wiki, but after so many problems I simply don't want to risk it. My question: There's way to forbid users from uploading files with names containing symbols (as in #, @, etc) and accented words (as in "ó")?

Right now we are running with a modification I did to Specialupload.php in line 426, where I changed this: $filtered = preg_replace ( "/[^".Title::legalChars."]|:/", '-', $filtered ); To this: $filtered = preg_replace ( "/[^a-z0-9\\040\\.]|:/i", 'x', $filtered );

With this change users cannot upload files with symbols or accented words, but they still can upload the "ugly" and nondescriptive file names created by my patch. Meaning, words with a bunch of X's where the symbols or accented words used to be.


 * So, is there a way to just reload the page and say, Please change your filename, such and such characters are invalid?
 * Is there a way to transform accented words like "ó" into plain "o"s?

In Especial:Allmessages I found a message titled illegalfilename that warns against using invalid characters, so I guess there's some sort of option without having to change Specialupload.php directly.

Thanks in advance, here's my upload page in case you need to test it. http://venciclopedia.com/index.php?title=Especial:Upload

--Mark 09:55, 25 April 2008 (UTC)