Version Description
- Added the security option item in the admin menu for enabling the security check for a file content and for sanitizing the multiple file extensions within the filename by WordPress core.
- Supported the new language setting regarding load_plugin_textdomain function.
Download this release
Release Info
Developer | kimipooh |
Plugin | WP Add Mime Types |
Version | 2.5.0 |
Comparing to | |
See all releases |
Code changes from version 2.4.1 to 2.5.0
- includes/admin.php +31 -3
- includes/network-admin.php +29 -0
- readme.txt +14 -10
- wp-add-mime-types.php +47 -35
includes/admin.php
CHANGED
@@ -37,8 +37,20 @@ function admin_settings_page(){
|
|
37 |
$settings['mime_type_values'] = serialize($mime_type_values);
|
38 |
}
|
39 |
}else
|
40 |
-
|
41 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
42 |
// Update to WordPress Data.
|
43 |
if(is_multisite() && is_plugin_active_for_network($plugin_basename))
|
44 |
get_site_option('wp_add_mime_types_network_array', $settings);
|
@@ -52,7 +64,7 @@ function admin_settings_page(){
|
|
52 |
<h2><?php _e('WP Add Mime Types Admin Settings', 'wp-add-mime-types'); ?></h2>
|
53 |
|
54 |
<form method="post" action="">
|
55 |
-
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px;">
|
56 |
<legend><h3><?php _e('List of allowed mime types and file extensions by WordPress','wp-add-mime-types'); ?></h3></legend>
|
57 |
<div style="overflow:scroll; height: 500px;">
|
58 |
<table>
|
@@ -95,7 +107,23 @@ if(!empty($allowed_mime_values)){
|
|
95 |
</fieldset>
|
96 |
<br/>
|
97 |
|
98 |
-
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px;">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
99 |
<legend><h3><?php _e('Add Values','wp-add-mime-types'); ?></h3></legend>
|
100 |
<p><?php _e('* About the mime type value for the file extension, please search "mime type [file extension name] using a search engine.<br/>Ex. epub = application/epub+zip<br/>Reference: <a href="http://www.iana.org/assignments/media-types/media-types.xhtml" target="_blank">Media Types on the Internet Assigned Numbers Authority (IANA)</a><br/>* If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.','wp-add-mime-types'); ?>
|
101 |
<br/><?php _e('* Ignore to the right of "#" on a line. ','wp-add-mime-types'); ?></p>
|
37 |
$settings['mime_type_values'] = serialize($mime_type_values);
|
38 |
}
|
39 |
}else
|
40 |
+
$mime_type_values = unserialize($settings['mime_type_values']);
|
41 |
|
42 |
+
if(!isset($settings['security_attempt_enable']))
|
43 |
+
$settings['security_attempt_enable'] = "no";
|
44 |
+
else{
|
45 |
+
if(isset($_POST['security_attempt_enable']))
|
46 |
+
$settings['security_attempt_enable'] = wp_strip_all_tags($_POST['security_attempt_enable']);
|
47 |
+
}
|
48 |
+
if(!isset($settings['filename_sanitized_enable']))
|
49 |
+
$settings['filename_sanitized_enable'] = "no";
|
50 |
+
else{
|
51 |
+
if(isset($_POST['filename_sanitized_enable']))
|
52 |
+
$settings['filename_sanitized_enable'] = wp_strip_all_tags($_POST['filename_sanitized_enable']);
|
53 |
+
}
|
54 |
// Update to WordPress Data.
|
55 |
if(is_multisite() && is_plugin_active_for_network($plugin_basename))
|
56 |
get_site_option('wp_add_mime_types_network_array', $settings);
|
64 |
<h2><?php _e('WP Add Mime Types Admin Settings', 'wp-add-mime-types'); ?></h2>
|
65 |
|
66 |
<form method="post" action="">
|
67 |
+
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px; ">
|
68 |
<legend><h3><?php _e('List of allowed mime types and file extensions by WordPress','wp-add-mime-types'); ?></h3></legend>
|
69 |
<div style="overflow:scroll; height: 500px;">
|
70 |
<table>
|
107 |
</fieldset>
|
108 |
<br/>
|
109 |
|
110 |
+
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px; padding-bottom: 1em;">
|
111 |
+
<legend><h3><?php _e('Security Options','wp-add-mime-types'); ?></h3></legend>
|
112 |
+
<?php _e('* The plugin avoids some security checks by WordPress core. If you do not want to avoid them, please turn on the following setting.','wp-add-mime-types'); ?></p>
|
113 |
+
<p><span style="color:red;"><?php if(is_multisite() && is_plugin_active_for_network($plugin_basename)) _e('* The site administrator cannot add the value for mime type because the multisite is enabled. <br/>Please contact the multisite administrator if you would like to add the value.','wp-add-mime-types'); ?></span></p>
|
114 |
+
|
115 |
+
<?php // ?>
|
116 |
+
<p>
|
117 |
+
<input type="hidden" name="security_attempt_enable" value="no" />
|
118 |
+
<input type="checkbox" name="security_attempt_enable" value="yes" <?php if( isset($settings['security_attempt_enable']) && $settings['security_attempt_enable'] === "yes" ) echo "checked"; ?> <?php if(!$permission || (is_multisite() && is_plugin_active_for_network($plugin_basename))) echo "disabled"; ?>/> <?php _e('Enable the attempt to determine the real file type of a file by WordPress core.','wp-add-mime-types'); ?>
|
119 |
+
</p>
|
120 |
+
<p>
|
121 |
+
<input type="hidden" name="filename_sanitized_enable" value="no" />
|
122 |
+
<input type="checkbox" name="filename_sanitized_enable" value="yes" <?php if( isset($settings['filename_sanitized_enable']) && $settings['filename_sanitized_enable'] === "yes" ) echo "checked"; ?> <?php if(!$permission || (is_multisite() && is_plugin_active_for_network($plugin_basename))) echo "disabled"; ?>/> <?php _e('Enable to sanitize the multiple file extensions within the filename by WordPress core.','wp-add-mime-types'); ?>
|
123 |
+
</p>
|
124 |
+
</fieldset>
|
125 |
+
|
126 |
+
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px; padding-bottom: 1em;">
|
127 |
<legend><h3><?php _e('Add Values','wp-add-mime-types'); ?></h3></legend>
|
128 |
<p><?php _e('* About the mime type value for the file extension, please search "mime type [file extension name] using a search engine.<br/>Ex. epub = application/epub+zip<br/>Reference: <a href="http://www.iana.org/assignments/media-types/media-types.xhtml" target="_blank">Media Types on the Internet Assigned Numbers Authority (IANA)</a><br/>* If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.','wp-add-mime-types'); ?>
|
129 |
<br/><?php _e('* Ignore to the right of "#" on a line. ','wp-add-mime-types'); ?></p>
|
includes/network-admin.php
CHANGED
@@ -40,6 +40,19 @@ function network_admin_settings_page(){
|
|
40 |
}else
|
41 |
$mime_type_values = unserialize($settings['mime_type_values']);
|
42 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
// Update on wp_sitemeta
|
44 |
update_site_option('wp_add_mime_types_network_array', $settings);
|
45 |
|
@@ -93,6 +106,22 @@ if(!empty($allowed_mime_values)){
|
|
93 |
</fieldset>
|
94 |
<br/>
|
95 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
96 |
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px;">
|
97 |
<legend><h3><?php _e('Add Values','wp-add-mime-types'); ?></h3></legend>
|
98 |
<p><?php _e('* About the mime type value for the file extension, please search "mime type [file extension name] using a search engine.<br/>Ex. epub = application/epub+zip<br/>Reference: <a href="http://www.iana.org/assignments/media-types/media-types.xhtml" target="_blank">Media Types on the Internet Assigned Numbers Authority (IANA)</a><br/>* If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.','wp-add-mime-types'); ?>
|
40 |
}else
|
41 |
$mime_type_values = unserialize($settings['mime_type_values']);
|
42 |
|
43 |
+
if(!isset($settings['security_attempt_enable']))
|
44 |
+
$settings['security_attempt_enable'] = "no";
|
45 |
+
else{
|
46 |
+
if(isset($_POST['security_attempt_enable']))
|
47 |
+
$settings['security_attempt_enable'] = wp_strip_all_tags($_POST['security_attempt_enable']);
|
48 |
+
}
|
49 |
+
if(!isset($settings['filename_sanitized_enable']))
|
50 |
+
$settings['filename_sanitized_enable'] = "no";
|
51 |
+
else{
|
52 |
+
if(isset($_POST['filename_sanitized_enable']))
|
53 |
+
$settings['filename_sanitized_enable'] = wp_strip_all_tags($_POST['filename_sanitized_enable']);
|
54 |
+
}
|
55 |
+
|
56 |
// Update on wp_sitemeta
|
57 |
update_site_option('wp_add_mime_types_network_array', $settings);
|
58 |
|
106 |
</fieldset>
|
107 |
<br/>
|
108 |
|
109 |
+
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px; padding-bottom: 1em;">
|
110 |
+
<legend><h3><?php _e('Security Options','wp-add-mime-types'); ?></h3></legend>
|
111 |
+
<?php _e('* The plugin avoids some security checks by WordPress core. If you do not want to avoid them, please turn on the following setting.','wp-add-mime-types'); ?></p>
|
112 |
+
<p><span style="color:red;"><?php if(is_multisite() && is_plugin_active_for_network($plugin_basename)) _e('* The site administrator cannot add the value for mime type because the multisite is enabled. <br/>Please contact the multisite administrator if you would like to add the value.','wp-add-mime-types'); ?></span></p>
|
113 |
+
|
114 |
+
<?php // ?>
|
115 |
+
<p>
|
116 |
+
<input type="hidden" name="security_attempt_enable" value="no" />
|
117 |
+
<input type="checkbox" name="security_attempt_enable" value="yes" <?php if( isset($settings['security_attempt_enable']) && $settings['security_attempt_enable'] === "yes" ) echo "checked"; ?> <?php if(!$permission || (is_multisite() && is_plugin_active_for_network($plugin_basename))) echo "disabled"; ?>/> <?php _e('Enable the attempt to determine the real file type of a file by WordPress core.','wp-add-mime-types'); ?>
|
118 |
+
</p>
|
119 |
+
<p>
|
120 |
+
<input type="hidden" name="filename_sanitized_enable" value="no" />
|
121 |
+
<input type="checkbox" name="filename_sanitized_enable" value="yes" <?php if( isset($settings['filename_sanitized_enable']) && $settings['filename_sanitized_enable'] === "yes" ) echo "checked"; ?> <?php if(!$permission || (is_multisite() && is_plugin_active_for_network($plugin_basename))) echo "disabled"; ?>/> <?php _e('Enable to sanitize the multiple file extensions within the filename by WordPress core.','wp-add-mime-types'); ?>
|
122 |
+
</p>
|
123 |
+
</fieldset>
|
124 |
+
|
125 |
<fieldset style="border:1px solid #777777; width: 750px; padding-left: 6px;">
|
126 |
<legend><h3><?php _e('Add Values','wp-add-mime-types'); ?></h3></legend>
|
127 |
<p><?php _e('* About the mime type value for the file extension, please search "mime type [file extension name] using a search engine.<br/>Ex. epub = application/epub+zip<br/>Reference: <a href="http://www.iana.org/assignments/media-types/media-types.xhtml" target="_blank">Media Types on the Internet Assigned Numbers Authority (IANA)</a><br/>* If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.','wp-add-mime-types'); ?>
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Tags: mime,file extention
|
|
4 |
Requires at least: 4.0
|
5 |
Requires PHP: 5.6
|
6 |
Tested up to: 5.3.2
|
7 |
-
Stable tag: 2.
|
8 |
License: GPL v2
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -40,7 +40,12 @@ You can see the list of allowed mime types and file extensions by WordPress.
|
|
40 |
|
41 |
== Frequently Asked Questions ==
|
42 |
|
43 |
-
|
|
|
|
|
|
|
|
|
|
|
44 |
Yes. The function was supported by Version 2.4.0.
|
45 |
WordPress sanitizes the filename in case of 2 or more extensions.
|
46 |
ex. XXX.YYY.ZZZ --> XXX_.YYY.ZZZ.
|
@@ -48,15 +53,12 @@ The plugin fixes the sanitized extension when a file is uploaded in the media in
|
|
48 |
ex. XXX.YYY.ZZZ -- sanitized --> XXX_.YYY.ZZZ -- fixed the plugin --> XXX.YYY.ZZZ
|
49 |
In detail, please see sanitize_file_name function in "wp-includes/formatting.php".
|
50 |
|
51 |
-
|
52 |
Yes. You can comment out above version 2.3.0.
|
53 |
|
54 |
-
|
55 |
-
|
56 |
-
|
57 |
-
If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.
|
58 |
-
|
59 |
-
For example, if you install Media Library Assistant plugin, please turn off "Enable Upload MIME Type Support" in the Upload tag in this plugin setting.
|
60 |
|
61 |
= How do the plugin behave when it is installed and activated on the multisite network administration dashboard? =
|
62 |
The setting in the multisite network administration dashboard is taken precedence. The setting in each site administration dashboard is displayed, but the values aren't applied.
|
@@ -76,12 +78,14 @@ Yes, each setting values are saved as the other setting items.
|
|
76 |
|
77 |
|
78 |
== Changelog ==
|
|
|
|
|
|
|
79 |
|
80 |
= 2.4.1 =
|
81 |
* Changed remove_underscore function name to wpaddmimetypes_remove_underscore because of the avoidance of the name conflict.
|
82 |
* Tested up to WordPress 5.2.2 and PHP 7.4.
|
83 |
|
84 |
-
|
85 |
= 2.4.0 =
|
86 |
* Support of the multi extension. Even if the file extension is "XXX.ZZZ", "XXX.YYY.ZZZ", "AAA.XXX.YYY.ZZZ" or more, it always picks up the tail of the extensions.
|
87 |
|
4 |
Requires at least: 4.0
|
5 |
Requires PHP: 5.6
|
6 |
Tested up to: 5.3.2
|
7 |
+
Stable tag: 2.5.0
|
8 |
License: GPL v2
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
40 |
|
41 |
== Frequently Asked Questions ==
|
42 |
|
43 |
+
= Cannot work =
|
44 |
+
If the added mime type does not work, please deactivate other mime type plugins or the setting of other mime type plugins.
|
45 |
+
|
46 |
+
For example, if you install Media Library Assistant plugin, please turn off "Enable Upload MIME Type Support" in the Upload tag in this plugin setting.
|
47 |
+
|
48 |
+
= Can the plugin support the multi extensions? =
|
49 |
Yes. The function was supported by Version 2.4.0.
|
50 |
WordPress sanitizes the filename in case of 2 or more extensions.
|
51 |
ex. XXX.YYY.ZZZ --> XXX_.YYY.ZZZ.
|
53 |
ex. XXX.YYY.ZZZ -- sanitized --> XXX_.YYY.ZZZ -- fixed the plugin --> XXX.YYY.ZZZ
|
54 |
In detail, please see sanitize_file_name function in "wp-includes/formatting.php".
|
55 |
|
56 |
+
= Can I comment out in the setting value? =
|
57 |
Yes. You can comment out above version 2.3.0.
|
58 |
|
59 |
+
= Can the plugin avoid the security check for a file content by WordPress core? =
|
60 |
+
Yes. WordPress core has implemented the security check for a file content since version 4.7.1.
|
61 |
+
The plugin's default setting disables this security check .
|
|
|
|
|
|
|
62 |
|
63 |
= How do the plugin behave when it is installed and activated on the multisite network administration dashboard? =
|
64 |
The setting in the multisite network administration dashboard is taken precedence. The setting in each site administration dashboard is displayed, but the values aren't applied.
|
78 |
|
79 |
|
80 |
== Changelog ==
|
81 |
+
= 2.5.0 =
|
82 |
+
* Added the security option item in the admin menu for enabling the security check for a file content and for sanitizing the multiple file extensions within the filename by WordPress core.
|
83 |
+
* Supported the new language setting regarding load_plugin_textdomain function.
|
84 |
|
85 |
= 2.4.1 =
|
86 |
* Changed remove_underscore function name to wpaddmimetypes_remove_underscore because of the avoidance of the name conflict.
|
87 |
* Tested up to WordPress 5.2.2 and PHP 7.4.
|
88 |
|
|
|
89 |
= 2.4.0 =
|
90 |
* Support of the multi extension. Even if the file extension is "XXX.ZZZ", "XXX.YYY.ZZZ", "AAA.XXX.YYY.ZZZ" or more, it always picks up the tail of the extensions.
|
91 |
|
wp-add-mime-types.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
Plugin Name: WP Add Mime Types
|
4 |
Plugin URI:
|
5 |
Description: The plugin additionally allows the mime types and file extensions to WordPress.
|
6 |
-
Version: 2.
|
7 |
Author: Kimiya Kitani
|
8 |
Author URI: http://kitaney-wordpress.blogspot.jp/
|
9 |
Text Domain: wp-add-mime-types
|
@@ -19,7 +19,7 @@ add_action('plugins_loaded', 'enable_language_translation');
|
|
19 |
$plugin_basename = plugin_basename ( __FILE__ );
|
20 |
|
21 |
$default_var = array(
|
22 |
-
'wp_add_mime_types' => '2.
|
23 |
);
|
24 |
|
25 |
// Add Setting to WordPress 'Settings' menu for Multisite.
|
@@ -34,8 +34,9 @@ require_once( dirname( __FILE__ ) . '/includes/admin.php');
|
|
34 |
function add_allow_upload_extension( $mimes ) {
|
35 |
global $plugin_basename;
|
36 |
$mime_type_values = false;
|
|
|
37 |
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
38 |
-
|
39 |
|
40 |
if(is_multisite() && is_plugin_active_for_network($plugin_basename))
|
41 |
$settings = get_site_option('wp_add_mime_types_network_array');
|
@@ -59,50 +60,72 @@ function add_allow_upload_extension( $mimes ) {
|
|
59 |
$mimes[trim($line_value[0])] = trim(str_replace(" ", " ", $line_value[1]));
|
60 |
}
|
61 |
}
|
62 |
-
|
|
|
|
|
|
|
|
|
63 |
return $mimes;
|
64 |
}
|
65 |
|
66 |
// Register the Procedure process to WordPress.
|
67 |
add_filter( 'upload_mimes', 'add_allow_upload_extension');
|
68 |
|
|
|
|
|
|
|
|
|
69 |
// Exception for WordPress 4.7.1 file contents check system using finfo_file (wp-includes/functions.php)
|
70 |
// In case of custom extension in this plugins' setting, the WordPress 4.7.1 file contents check system is always true.
|
71 |
-
function add_allow_upload_extension_exception( $
|
72 |
global $plugin_basename;
|
73 |
$mime_type_values = false;
|
74 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
$ext = $type = $proper_filename = false;
|
76 |
-
if(isset($
|
77 |
-
if(isset($
|
78 |
-
if(isset($
|
79 |
-
if($ext != false && $type != false) return $
|
80 |
|
81 |
// If file extension is 2 or more
|
82 |
-
$f_sp = explode(".", $
|
83 |
$f_exp_count = count ($f_sp);
|
84 |
|
85 |
// Filename type is "XXX" (There is not file extension).
|
86 |
if($f_exp_count <= 1){
|
87 |
-
return $
|
88 |
/* Even if the file extension is "XXX.ZZZ", "XXX.YYY.ZZZ", "AAA.XXX.YYY.ZZZ" or more, it always picks up the tail of the extensions.
|
89 |
*/
|
90 |
}else{
|
91 |
$f_name = $f_sp[0];
|
92 |
$f_ext = $f_sp[$f_exp_count - 1];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
93 |
}
|
94 |
-
|
95 |
-
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
96 |
-
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
97 |
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
if(!isset($settings['mime_type_values']) || empty($settings['mime_type_values'])) return compact( 'ext', 'type', 'proper_filename' );
|
104 |
-
else
|
105 |
-
$mime_type_values = unserialize($settings['mime_type_values']);
|
106 |
|
107 |
$flag = false;
|
108 |
if(!empty($mime_type_values)){
|
@@ -123,22 +146,11 @@ function add_allow_upload_extension_exception( $file, $filename, $mimes ) {
|
|
123 |
}
|
124 |
}
|
125 |
}
|
126 |
-
// WordPress sanitizes the filename in case of 2 or more extensions.
|
127 |
-
// ex. XXX.YYY.ZZZ --> XXX_.YYY.ZZZ.
|
128 |
-
// The following function fixes the sanitized extension when a file is uploaded in the media in case of allowed extensions.
|
129 |
-
// ex. XXX.YYY.ZZZ -- sanitized --> XXX_.YYY.ZZZ -- fixed the plugin --> XXX.YYY.ZZZ
|
130 |
-
// In detail, please see sanitize_file_name function in "wp-includes/formatting.php".
|
131 |
-
if($f_exp_count > 2){
|
132 |
-
function wpaddmimetypes_remove_underscore($filename, $filename_raw){
|
133 |
-
return str_replace("_.", ".", $filename);
|
134 |
-
}
|
135 |
-
add_filter( 'sanitize_file_name', 'wpaddmimetypes_remove_underscore', 10, 2 );
|
136 |
-
}
|
137 |
|
138 |
if($flag)
|
139 |
return compact( 'ext', 'type', 'proper_filename' );
|
140 |
else
|
141 |
-
return $
|
142 |
}
|
143 |
|
144 |
-
add_filter( 'wp_check_filetype_and_ext', 'add_allow_upload_extension_exception',10,
|
3 |
Plugin Name: WP Add Mime Types
|
4 |
Plugin URI:
|
5 |
Description: The plugin additionally allows the mime types and file extensions to WordPress.
|
6 |
+
Version: 2.5.0
|
7 |
Author: Kimiya Kitani
|
8 |
Author URI: http://kitaney-wordpress.blogspot.jp/
|
9 |
Text Domain: wp-add-mime-types
|
19 |
$plugin_basename = plugin_basename ( __FILE__ );
|
20 |
|
21 |
$default_var = array(
|
22 |
+
'wp_add_mime_types' => '2.5.0',
|
23 |
);
|
24 |
|
25 |
// Add Setting to WordPress 'Settings' menu for Multisite.
|
34 |
function add_allow_upload_extension( $mimes ) {
|
35 |
global $plugin_basename;
|
36 |
$mime_type_values = false;
|
37 |
+
|
38 |
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
39 |
+
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
40 |
|
41 |
if(is_multisite() && is_plugin_active_for_network($plugin_basename))
|
42 |
$settings = get_site_option('wp_add_mime_types_network_array');
|
60 |
$mimes[trim($line_value[0])] = trim(str_replace(" ", " ", $line_value[1]));
|
61 |
}
|
62 |
}
|
63 |
+
|
64 |
+
if($f_exp_more2_flag === true){
|
65 |
+
add_filter( 'sanitize_file_name', 'wpaddmimetypes_remove_underscore', 10, 2 );
|
66 |
+
}
|
67 |
+
|
68 |
return $mimes;
|
69 |
}
|
70 |
|
71 |
// Register the Procedure process to WordPress.
|
72 |
add_filter( 'upload_mimes', 'add_allow_upload_extension');
|
73 |
|
74 |
+
// Using in add_allow_upload_extension_exception function.
|
75 |
+
function wpaddmimetypes_remove_underscore($filename, $filename_raw){
|
76 |
+
return str_replace("_.", ".", $filename);
|
77 |
+
}
|
78 |
// Exception for WordPress 4.7.1 file contents check system using finfo_file (wp-includes/functions.php)
|
79 |
// In case of custom extension in this plugins' setting, the WordPress 4.7.1 file contents check system is always true.
|
80 |
+
function add_allow_upload_extension_exception( $data, $file, $filename,$mimes,$real_mime) {
|
81 |
global $plugin_basename;
|
82 |
$mime_type_values = false;
|
83 |
|
84 |
+
if(is_multisite() && is_plugin_active_for_network($plugin_basename))
|
85 |
+
$settings = get_site_option('wp_add_mime_types_network_array');
|
86 |
+
else
|
87 |
+
$settings = get_option('wp_add_mime_types_array');
|
88 |
+
|
89 |
+
if ( ! function_exists( 'is_plugin_active_for_network' ) )
|
90 |
+
require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
|
91 |
+
|
92 |
+
if(!isset($settings['mime_type_values']) || empty($settings['mime_type_values']))
|
93 |
+
return compact( 'ext', 'type', 'proper_filename' );
|
94 |
+
else
|
95 |
+
$mime_type_values = unserialize($settings['mime_type_values']);
|
96 |
+
|
97 |
$ext = $type = $proper_filename = false;
|
98 |
+
if(isset($data['ext'])) $ext = $data['ext'];
|
99 |
+
if(isset($data['type'])) $ext = $data['type'];
|
100 |
+
if(isset($data['proper_filename'])) $ext = $data['proper_filename'];
|
101 |
+
if($ext != false && $type != false) return $data;
|
102 |
|
103 |
// If file extension is 2 or more
|
104 |
+
$f_sp = explode(".", $filename);
|
105 |
$f_exp_count = count ($f_sp);
|
106 |
|
107 |
// Filename type is "XXX" (There is not file extension).
|
108 |
if($f_exp_count <= 1){
|
109 |
+
return $data;
|
110 |
/* Even if the file extension is "XXX.ZZZ", "XXX.YYY.ZZZ", "AAA.XXX.YYY.ZZZ" or more, it always picks up the tail of the extensions.
|
111 |
*/
|
112 |
}else{
|
113 |
$f_name = $f_sp[0];
|
114 |
$f_ext = $f_sp[$f_exp_count - 1];
|
115 |
+
// WordPress sanitizes the filename in case of 2 or more extensions.
|
116 |
+
// ex. XXX.YYY.ZZZ --> XXX_.YYY.ZZZ.
|
117 |
+
// The following function fixes the sanitized extension when a file is uploaded in the media in case of allowed extensions.
|
118 |
+
// ex. XXX.YYY.ZZZ -- sanitized --> XXX_.YYY.ZZZ -- fixed the plugin --> XXX.YYY.ZZZ
|
119 |
+
// In detail, please see sanitize_file_name function in "wp-includes/formatting.php".
|
120 |
+
if(!(isset($settings['filename_sanitized_enable']) && $settings['filename_sanitized_enable'] === "yes")){
|
121 |
+
add_filter( 'sanitize_file_name', 'wpaddmimetypes_remove_underscore', 10, 2 );
|
122 |
+
}
|
123 |
}
|
|
|
|
|
|
|
124 |
|
125 |
+
// If "security_attempt_enable" option disables (default) in the admin menu, the plugin avoids the security check regarding a file extension by WordPress core because of flexible management.
|
126 |
+
if(isset($settings['security_attempt_enable']) && $settings['security_attempt_enable'] === "yes"){
|
127 |
+
return $data;
|
128 |
+
}
|
|
|
|
|
|
|
|
|
129 |
|
130 |
$flag = false;
|
131 |
if(!empty($mime_type_values)){
|
146 |
}
|
147 |
}
|
148 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
149 |
|
150 |
if($flag)
|
151 |
return compact( 'ext', 'type', 'proper_filename' );
|
152 |
else
|
153 |
+
return $data;
|
154 |
}
|
155 |
|
156 |
+
add_filter( 'wp_check_filetype_and_ext', 'add_allow_upload_extension_exception',10,5);
|