WikiDocs icon indicating copy to clipboard operation
WikiDocs copied to clipboard
verified publisher icon Zavy86

Upload other file types 7z and zip

Open ffiesta opened this issue 1 year ago • 0 comments

Please review the code and the security

Autorize 7z files

 "application/x-7z-compressed",  
 "application/octet-stream",

Autorize zip files

 "application/zip",
 "application/zip-compressed",
 "application/x-zip-compressed",

Mime type List Url: https://mimetype.io/all-types

Change /submit.php

  • Change line 488 from:
// check extensions
if(!in_array($attachment['ext'],array("pdf","doc","docx","xls","xlsx","ppt","pptx"))){

to:

if(!in_array($attachment['ext'],array("zip","pdf","doc","docx","xls","xlsx","ppt","pptx"))){
  • Change line 495 to include array type from:
// check file type
	if(!in_array($attachment["type"],array(
		"application/pdf",
		"application/msword",
		"application/vnd.ms-excel",
		"application/vnd.ms-powerpoint",
		"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
		"application/vnd.openxmlformats-officedocument.presentationml.presentation"
	))){

to:

// check file type
	if(!in_array($attachment["type"],array(
               "application/x-7z-compressed",
		"application/octet-stream",
		"application/zip",
		"application/zip-compressed",
                "application/x-zip-compressed",
		"application/pdf",
		"application/msword",
		"application/vnd.ms-excel",
		"application/vnd.ms-powerpoint",
		"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
		"application/vnd.openxmlformats-officedocument.presentationml.presentation"
	))){

Change /template.inc.php

  • Change line 488 from:
<input type="text" id="uploader-path" class="file-path validate" placeholder="<?= $TXT->AttachmentsSelect ?>.. (pdf, doc/x, xls/x, ppt/x)">

to:

<input type="text" id="uploader-path" class="file-path validate" placeholder="<?= $TXT->AttachmentsSelect ?>.. (7z, zip, pdf, doc/x, xls/x, ppt/x)">

Change /classes/Document.class.php

  • Change line 205 from:
// check extensions
if(!in_array(end($file_extension),array("pdf","doc","docx","xls","xlsx","ppt","pptx"))){continue;}

to

if(!in_array(end($file_extension),array("zip","zip","pdf","doc","docx","xls","xlsx","ppt","pptx"))){continue;}

ffiesta avatar Mar 05 '24 17:03 ffiesta