FriendsOfFlarum upload, the intelligent file attachment extension

roan

ok, it worked !!

I don't know why there was a need to do this command because I had just done the update

But, changing the version of the plugin did not solve my problem with it. I still get the same message:

Oops! Something went wrong. Please reload the page and try again.

I think I'm going to give up trying to use it, because nobody seems to be able to figure out where the error came from

luceos

roan

roan Uncaught TypeError: ({}) is not a function

This error comes from a failing new update of Flarum and bundled extensions v1.1. It was correct not too long ago though.

I'm not sure what other issue you are encountering? Did you flush your cache? php flarum cache:clear

roan

luceos

Thanks Luceos

The problem about fof/upload is here

I had given up trying to get this plugin to work for a while, and I just found the solution!
by deleting one part of the folder tree.

D-W

luceos Ok then how to handle extensions that don't have mime type specified? I could use octet-stream but this will allow adding other files than I expect and then downloads as *.bin

luceos

D-W all files have a mime type. All of them, you can use file --mime-type <file> on linux systems for instance to retrieve the mime type.

D-W

luceos No success:

luceos

D-W do you have an example file?

D-W

luceos yup here you go - zip with both extensions https://we.tl/t-HCJj5X3KRd

luceos

D-W

luceos thanks however this will allow other octet-stream files to be uploaded am I right? The same with the second one if I will allow text/xml it will also allow *.xml extension plus other XML(ish) formats which isn't expected imho.

luceos

D-W fact 😉 But integrating a check based on file extension would not be any safeguard against other octet-stream files faking their extension. So.. there's that.

D-W

luceos Yes but will prevent unwanted content to some degree. Of course, if someone will try to fake it you won't stop him, however, normal users may try to upload some files without faking it, and if it won't be allowed they just won't. While currently, you don't have even the option to try to prevent such actions.

Actually, the problem lies in MIME itself as image/jpg is narrow and explicit while application/octet-stream can basically everything.

D-W

luceos made a quick run through code but can't find where I could put extension check.
Would you mind pointing me where I could just drop two lines to fit my custom needs?

Ah. Seems I found it here? I should know if it is desired mime if is then check ext and if do not fit throw mime exception. Am I right?

It's interesting that the original upload object detects mime as expected (ofc in my narrow view):

samtto

Pictures larger than 1m cannot be uploaded
Said：The request payload was too large.
and nothing recorded in logs.
Maximum file size (in kilobytes):80000

anyone could tell why ?tks.

clarkwinkelmann

samtto check your PHP/Apache max upload size.

If the file is too large for the webserver, Flarum will never execute and won't be able to log anything. There might be details in the webserver or system log files but requests too large are usually only logged in webserver access logs if enabled.

samtto

clarkwinkelmann TKS,OK NOW.

nginx after "server name"add:
client_max_body_size 10M;

luceos

D-W that's the spot. Not sure how to get the user extension though. I remember symfony having a guess mimetype vs actual file type based on extension, you'd have to dig in I fear. Or just check based on upload name.

D-W

luceos Did it with $upload->getClientOriginalExtension() works as expected now. I still vote for one more string input in plugin settings to include expected extensions optionally as this may really be useful.

As we said due to the broad definition of application/octet-stream potential problems can be avoided this way like people uploading harmful exe (another user of the forum may run it just out of curiosity and boom) or other files when you want just a couple of extensions. I hope you get my point of view.

samtto

When I select multiple files on my mobile phone, only one file is uploaded successfully
am i miss anything ?

clarkwinkelmann

samtto does an error appear for the other files, or are they just ignored?

Did you try multiple devices? Can you report which browser/OS you were using?

samtto

clarkwinkelmann clarkwinkelmann There are no errors reported on the mobile phone, nor on the computer.
nothing records in /storage/logs.

samtto

clarkwinkelmann You can upload in batches on edge computers, but not on mobile phones.try it ou sir.

« Previous Page Next Page »