How to restrict file format and size when upload

Random stuff about serendipity. Discussion, Questions, Paraphernalia.
3XTR3M3
Posts: 4
Joined: Mon Nov 07, 2011 9:32 am

How to restrict file format and size when upload

Post by 3XTR3M3 »

Hello, I'm interested in how to disable uploading of file formats such as .exe, .php, etc.
I just want to be able to upload images in different formats (jpg, png, bmp, gif...)
and how to set the maximum file size.

Thank you
Eni
Regular
Posts: 62
Joined: Thu Jan 27, 2005 10:47 pm
Location: Münster, Germany

Re: How to restrict file format and size when upload

Post by Eni »

Hi,

I don't know where to exclude file formats from upload, but you can limit the file size here:
Administration -> Configuration -> Image Conversion Settings -> Max. file upload size

:wink:

~eni
Sorry, I'm Late. But I Got Lost On The Road Of Life.
3XTR3M3
Posts: 4
Joined: Mon Nov 07, 2011 9:32 am

Re: How to restrict file format and size when upload

Post by 3XTR3M3 »

Eni wrote:Hi,

I don't know where to exclude file formats from upload, but you can limit the file size here:
Administration -> Configuration -> Image Conversion Settings -> Max. file upload size

:wink:

~eni
Thank you for the help, I missed that part of the panel :)
Is there any admin who can give the answer on how to exclude file formats? Because this is a big security hole, users can upload anything.
Timbalu
Regular
Posts: 4598
Joined: Sun May 02, 2004 3:04 pm

Re: How to restrict file format and size when upload

Post by Timbalu »

I see what you mean.... but...

Serendipity, as I see it, is a Blogsystem, not a Forum, with more or less trusted memberships.

If you do not trust your blog writing members, forbid adminImages or adminImagesAdd for this group in general (or create a special group for untrusted users, without adminImages access)!

As far as I know, there is no plugin to extend the finetuning of membership rights to exclude special file formats (IMHO).
Regards,
Ian

Serendipity Styx Edition and additional_plugins @ https://ophian.github.io/ @ https://github.com/ophian
Eni
Regular
Posts: 62
Joined: Thu Jan 27, 2005 10:47 pm
Location: Münster, Germany

Re: How to restrict file format and size when upload

Post by Eni »

Hm, depends on how it's used.

I have set up a blog as base for a school website. The main idea was to have the school newspaper being published online as well, so it ended up with several blog writers of different trust levels - teachers, parents and children (workgroups and single accounts), who used it for different school activity news. Though, it was mainly handled by moderating entries.
Sorry, I'm Late. But I Got Lost On The Road Of Life.
Timbalu
Regular
Posts: 4598
Joined: Sun May 02, 2004 3:04 pm

Re: How to restrict file format and size when upload

Post by Timbalu »

Yes, that's the point.
It has to be moderated, it has to be in somebody's hands!
It is a BLOG, not first of all a CMS system. I just wanted to make clear, why we do not have some more finetuned member settings, ... (by now).

(and yes, I know we all love using serendipity as both...!) :wink:
Regards,
Ian

Serendipity Styx Edition and additional_plugins @ https://ophian.github.io/ @ https://github.com/ophian
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: How to restrict file format and size when upload

Post by garvinhicking »

Hi!

The s9y core has an exclusion system that should already filter out most active content:

Code:

function serendipity_isActiveFile($file) {
    if (preg_match('@^\.@', $file)) {
        return true;
    }

    $core = preg_match('@\.(php.*|[psj]html?|aspx?|cgi|jsp|py|pl)$@i', $file);
    if ($core) {
        return true;
    }

    $eventData = false;
    serendipity_plugin_api::hook_event('backend_media_check', $eventData, $file);
    return $eventData;
}

in include/functions_image.inc.php.

You can also see there's an event API hook, so you can create any custom plugin that listens on backend_media_check and modify $eventData to false, if $addData is an invalid file.

HTH,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
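
The following PHP is an added example, not part of the thread or of Serendipity: it runs the denylist pattern quoted in the post above next to an image-extension allowlist, the kind of check a custom plugin listening on backend_media_check could apply. The function name example_reject_upload, the two constants and the sample filenames are assumptions made for illustration.

```php
<?php
// Added example, not Serendipity code. All names defined here are hypothetical.

// Denylist pattern copied from serendipity_isActiveFile() as quoted in the thread.
const CORE_ACTIVE_PATTERN = '@\.(php.*|[psj]html?|aspx?|cgi|jsp|py|pl)$@i';

// Image formats the original poster wants to permit (jpeg added as an assumption).
const ALLOWED_IMAGE_EXTENSIONS = ['jpg', 'jpeg', 'png', 'bmp', 'gif'];

/**
 * Returns true when the file should be treated as active, the same
 * return convention as the quoted serendipity_isActiveFile().
 */
function example_reject_upload(string $file): bool
{
    $name = basename($file);

    // Keep the two core rules: dotfiles and known script extensions.
    if ($name === '' || $name[0] === '.' || preg_match(CORE_ACTIVE_PATTERN, $name)) {
        return true;
    }

    // Allowlist: reject anything whose final extension is not a known image type.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return !in_array($ext, ALLOWED_IMAGE_EXTENSIONS, true);
}

// Constructed sample filenames, compared under both policies.
$samples = ['holiday.JPG', 'logo.png', 'setup.exe', 'page.php', 'notes.txt', '.htaccess', 'README'];

foreach ($samples as $file) {
    $coreOnly = preg_match('@^\.@', $file) || preg_match(CORE_ACTIVE_PATTERN, $file);
    printf(
        "%-12s core denylist: %-8s image allowlist: %s\n",
        $file,
        $coreOnly ? 'blocked' : 'allowed',
        example_reject_upload($file) ? 'blocked' : 'allowed'
    );
}
```

An extension check does not prove that the uploaded bytes are an image; validating the content itself (for example with PHP's getimagesize()) is a separate step.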