Manual:Configuring file uploads/ru

MediaWiki поддерживает загрузку и интеграцию медиа-файлов. Эта страница описывает технические аспекты этой возможности, см. и для получения общей информации об использовании.

Начиная с версии 1.1, в MediaWiki загрузка изображений, по-умолчанию, отключена. Вы можете активировать эту функцию, но, для начала, проверьте требования:

Требования


Убедитесь, что загрузка активирована в PHP-конфиге
В должно быть указано следующее:

Если этот параметр не активирован - PHP-скрипты не смогут использовать функции загрузки файлов.

Если задана директива open_basedir, она должна содержать как папку загрузки назначения в вашей установленной MediaWiki («{$IP}/images»), так и папку «upload_tmp_dir» (системная папка по умолчанию, если она не установлена). Добавление 'upload_tmp_dir' может избежать сообщений типа Не удалось найти файл "/var/tmp/php31aWnF" (где в этом примере 'upload_tmp_dir' есть '/var/tmp'). Подробнее о загрузке файлов в PHP читайте Основы загрузки файлов и, в частности,.

Check for Windows and IIS users
Set  to have permissions for the Internet Guest Account ( _MachineName, or   for IIS 7+): Read, write and execute;



Проверьте права доступа
Права доступа на каталог загрузки должны быть настроены так, чтобы обычный пользователь не имел возможности загрузить и выполнить другие скрипты, способные навредить вашему сайту.

Set the  folder (or the   folder in previous versions) to have permission "755":


 * User can read, write and execute;
 * Group can read and execute;
 * World can read and execute.

If using, make sure to adjust the ACLs accordingly (see there).

Check webserver security
See Manual:Security for changes to make to your webserver configuration to prevent uploaded files from executing code or having browsers execute malicious files.


 * Restrict directory listing on images folder

If you don't want a public user to list your images folder, an option is to set this up in your apache configuration:

Check .htaccess file
The  directory in the MediaWiki installation folder contains an .htaccess file with some configurations on it. The goal of this file is to make the upload folder more secure, and if you place your upload directory somewhere else, it's recommended to also copy the .htaccess file to the new location, or apply that configuration on the server directly. However, some of those configurations may cause conflicts or errors, depending on how the server is configured.

Some things to take into account:

If that's the case, you should comment-out the lines, and apply those directives directly on the server configuration files. The directives that are most likely causing the problems are  —which prevents HTML and PHP files from being served as HTML—, and   —which would prevent PHP files from being parsed and executed on the server as such.
 * If the server doesn't allow to set or override directives in .htaccess files, accessing any file under that folder may result in a generic "HTTP 500 error".



Включение/отключение загрузки файлов
Установите нужное значение параметра $wgEnableUploads (в LocalSettings.php) для активации функции загрузки файлов:

Чтобы отключить загрузку файлов установите значение параметра в false:

Using a central repository
InstantCommons is a feature, enabled with a configuration change, which gives you immediate access to the millions of free (freely licensed) files in Wikimedia Commons.



Ограничение загрузки файлов
По-умолчанию, все зарегистрированные пользователи могут загружать файлы. Чтобы ограничить это - измените значение параметра :


 * To prevent normal users from uploading files:


 * To create a special group called "uploadaccess", and allow members of that group to upload files:


 * To allow "autoconfirmed" (non-newbie) users to upload files:

Право заменять существующие файлы даётся разрешением - :


 * To prevent normal users from overriding existing files:


 * To allow "autoconfirmed" (non-newbie) users to replace existing files:

If a ForeignFileRepo is set, the right to replace those files locally is handled by an special permission, called :


 * To prevent normal users from overriding filerepo files locally:


 * To allow "autoconfirmed" (non-newbie) users to replace filerepo files locally:

Для детальной информации о правах пользователей смотрите Help:User rights и Manual:Preventing access - для получения информации об ограничении доступа.



Настройка типов файлов
Чтобы разрешить загрузку какого-либо типа файлов, добавьте его расширение в $wgFileExtensions. К примеру, параметр $wgFileExtensions может выглядеть так

или

или

However, certain file extensions are prohibited (, formerly for MediaWiki 1.36 and earlier) and cannot be uploaded even if added to $wgFileExtensions. To upload files with prohibited extensions, you must modify. For instance, to allow users to upload executables:

In addition, (formerly ) prevents certain file types based on MIME type; .zip files, for example, are prohibited based on MIME type (MediaWiki version 1.14 up to 1.17).

Вы также можете установить

для разрешения загрузки большинства файлов. Ограничение будет продолжать действовать на некоторые запрещённые типы файлов (см. загрузка файлов - не изображений)..

Если вы получаете ошибку "The file is corrupt or has an incorrect extension", убедитесь что определение MIME типов работает корректно.

If you decide to allow any kind of file, make sure your mime detection is working and think about.

To enable zip extension (tested in MediaWiki v1.19.23) the following will be necessary in the file:

Log in
By default anonymous uploads are not allowed. You must register and log in before the upload file link appears in the toolbox.

Миниатюры
Для получения информации об автоматической генерации миниатюр, смотрите Manual:Image_thumbnailing. For problems with thumbnailing, see Image Thumbnails not working and/or appearing.

If the file is not visual (like an Image or Video) a fileicon is used instead. These are generated by the  function in the File class in the FileRepo group. Icons stored in " " in a " "-format.



Максимальный размер загружаемого файла
Browsers tell the server the size of the file to be uploaded before it actually sends the file.

If the upload is too big, it is rejected by the target (server) and the upload fails providing multiple errors depending at which layer the limit was imposed:


 * If it's a server limit (nginx, Apache) on the maximum amount of transmitted data, it may simply fail with a HTTP 500 error or HTTP 413 – Request entity too large.
 * If the limit it's at the PHP level, if post_max_size is hit, you may get a generic HTTP 500 error (or simply a blank page) otherwise, MediaWiki should give a more meaningful error message.



По умолчанию настройки ограничивает размер загружаемых файлов до 2 мегабайт (и максимальный размер операции отправки до 8 мегабайт). Если необходимо загрузить файл большего размера, измените параметр post_max_size в php.ini и upload_max_filesize.


 * , 8 megabytes large by default
 * , 2 megabytes large by default

Для этого могут потребоваться права администратора - если же ваш сайт находится на стороннем сервере, обратитесь к техподдержке хостинга.

The location of the php.ini file varies on the distribution you are using. See for instructions for locating php.ini used by your server.
 * Locating the php.ini file :

If you have more than one website hosted on a server and want to change only for MediaWiki, insert into your /etc/apache2/sites-enabled/your_wiki_site.com inside &lt;Virtual Host&gt;:
 * Multiple websites hosted on a server :

Both above settings also work in a .htaccess file if your site uses mod_php. If your site uses PHP >= 5.3 and allows it, you can place php.ini directives in .user.ini files instead.


 * web server limits :

Your web server may impose further limits on the size of files allowed for upload. For Apache, one of the relevant settings is LimitRequestBody. For Nginx, client_max_body_size is the relevant setting. For Lighttpd, server.max-request-size is what may need modification.

Ubuntu 16.04:

(sudo /etc/init.d/php5-fpm restart in Linux, for example.)


 * uploading too large of files warning :

MediaWiki покажет предупреждение, если вы попытаетесь загрузить файл, размером превышающем установленный лимит в параметре $wgUploadSizeWarning. Это ограничение не зависит от жёсткого лимита PHP. This is independent of the hard limit imposed by PHP.


 * temporary upload limits :

Temporary changes to upload limits (when using multiple wikis on a farm, for example) can be altered by adding the lines:

to the MediaWiki LocalSettings.php configuration file for each wiki. In this example the PHP limit is set at 50 Mb. Note that these settings will not override the maximum settings set above (since the core php.ini and apache2 php.ini files set the absolute maximum). This method sets maximums that are less than the absolute maximum.


 * IIS7 лимит загруки

  

With the above maxAllowedContentLength, users can upload files that are 50,000,000 bytes (50 MB) in size. This setting will work immediately without restarting IIS services. The web.config file is located in the root directory of your web site.

To allow uploading files up to 2G:

add the following lines to LocalSettings.php:

Also, modify the following lines in :

In the IIS web.config file, override the value of maxRequestLength. For example, the following entry in web.config allows files that are less than or equal to 2 gigabytes (GB) to be uploaded:

With IIS 7, you also need to configure it to allow large uploads. This is found by clicking “Request Filtering > Edit Feature Settings” in the IIS section in the middle of the window. Set the ”Maximum allowed content length (Bytes)” field to 2147482624. If you don’t see "Request Filtering" in the IIS section, it needs enabled via Internet Information Services > World Wide Web Services > Security in the "Turn Windows features on or off" area in Control Panel.

If the above tip does not enable large uploads, then open a command prompt and execute this command as well:

Allowing Java JAR Uploads
By default, MediaWiki will scan all uploads that appear to be ZIP archives and reject any that contain Java .class files. This is a security measure to prevent users uploading a malicious Java applet. For non-public sites only, use the following to disable this check:

This setting can be used as a work around for allowing mimetypes to be accepted indiscriminately. For example, if you attempt to upload a .doc file created by Word 2007, no matter the text list you provide and mimetype checking you invoke or prohibit, you will receive the message:


 * The file is a corrupt or otherwise unreadable ZIP file. It cannot be properly checked for security.

.doc files saved by Word 2007 (and possibly later versions) contain a small embedded ZIP archive storing metadata that is not representable in the binary .doc format as used by earlier versions of Word. This embedded ZIP data confuses the Java archive scanner, causing the .doc file to be rejected. Files in the newer .docx file format are valid ZIP archives in their entirety, and can be uploaded successfully without setting.



Загрузка файлов напрямую с других сайтов
Если вы хотите разрешить пользователям загружать файлы напрямую с других сайтов, вместо копирования файла на локальный компьютер, установите.

By default, upload by URL are only possible using the API (or extensions such as ). To make the option usable from Special:Upload, you need to set to  as well. On the upload form, you will then see an additional field for the URL, below the usual filename field. The URL field is greyed out per default, but can be activated by activating the radiobutton (checkbox) to the left of the field.

In order to use this feature, users must have the user right. This right was granted to sysops by default until MediaWiki 1.20 but it now needs to be granted explicitly. To allow this to normal users, set Keep in mind that allowing uploads directly from an arbitrary location on the web makes it easier to upload random, unwanted material, and it might be misunderstood as an invitation to upload anything that people might come across on the web.

Mass uploading
A number of tools are available for uploading multiple files in one go rather than each file separately:

Upload directory
Whenever an image is uploaded, several things are created:

This page is stored and can be edited like any other page. These are stored in the thumb directory of the image directory, in a separate directory for each main file.
 * 1) An article in the file namespace with the name of the file, e.g. File:MyPicture.png.
 * 1) The file itself is stored into the folder on the file system, which is configured in  or into one if its subfolders (see below).
 * 1) If thumbnailing is available, thumbnailed versions of the file will be created when necessary (such as for the usage on the file description page.

If is enabled (by default), MediaWiki creates several subdirectories in the images directory.

If  is set to , uploaded files will be distributed into sub-directories of $wgUploadDirectory based on the first two characters of the md5 hash of the filename. (e.g. $IP/images/a/ab/foo.jpg) Creation of such subdirectories is handled automatically. This is used to avoid having too many files in one folder because some filesystems don't perform well with large numbers of files in one folder.

If you only maintain a small wiki with few uploaded images, you could turn this off by setting, all images are uploaded in $wgUploadDirectory itself. (e.g. $IP/images/foo.jpg)

Multiwiki sites

 * Make sure you've changed the site location in LocalSettings.php from, e.g. /var/lib/mediawiki to wherever your installation is, and created a writeable images directory (most of the rest can be symlinked).

Not doing so will mysteriously break image uploads.

Configuring the upload form
The upload form message provided with the default MediaWiki installation (which appears when you click "Upload file" link or go to Special:Upload link) may not go very well for you.

For that case you can edit MediaWiki:Uploadtext contents and provide your own text. If your wiki site is multilanguage don't forget to edit localized versions like MediaWiki:Uploadtext/de.

On the MediaWiki:Licenses page you can customize a drop-down list of licenses for uploads of your site. See the documentation of this feature.

Take into account that localized versions like MediaWiki:Licenses/de won't work by default. To enable them you must configure the variable.

Edit MediaWiki:Upload-default-description to add an initial text to the "Summary" field of your upload form (for example your wiki site has a universal template for upload summaries and you want everyone to use that template).



Известные проблемы на Windows
Запуск MediaWiki на сервере Windows имеет некоторые ограничения в разрешенных именах файлов из-за ошибки PHP. PHP не может корректно обрабатывать имена файлов с не-ascii-символами, а MediaWiki будет отказываться загружать файлы, содержащие такие символы, чтобы предотвратить прерывистую загрузку, с сообщением .

Since MediaWiki 1.31 MediaWiki can handle filenames with non-ascii characters if it's using PHP 7.1 or later.



Известные проблемы с именами баз данных, которые являются non-alphanumeric символами
If  contains non-alphanumeric characters, uploads may fail with errors like Could not create directory "mwstore://local-backend/local-public/&lt;path&gt;". . This is caused by an internal check for valid container name for file backend, but it's constructed using.

Since MediaWiki 1.26, it allows uploads when contains dots.



См. также

 * Security section Upload security
 * Manual:Configuration settings#Uploads for a list of all configuration variables related to file uploads
 * - similar list as a category (ordered alphabetically)
 * You see a blank page when trying to upload a file
 * Adding support for new filetypes