File type does not meet security guidelines

  • foxmajik

    (@foxmajik)


    15 years, 9 months ago

    So I spend a couple of days setting up and customizing this WordPress blog for the small company I work for. My boss loves it, the CEO and the founder both love it.

    I go into a meeting with the department head of Sales today to show him how to post content to the blog. The first thing he wants to do is attach an Excel document to a post.

    So I show him how to browse for the file and attach it.

    Then we get this error:

    “File type does not meet security guidelines.”

    I tell him it’s just a simple configuration change; that I’ll fix it and get back to him.

    My meeting is botched and I look like an a$$.

    I shrug it off and go online to look up the solution, and find this:

    http://codex.wordpress.org/User:MichaelH/FAQ_for_2.5

    “Unknown file extensions are ‘blocked from uploading’. New extensions and their icons can be added via changes to the functions wp_check_filetype and wp_ext2type in wp-includes/functions.php.”

    Seriously? Seriously..? I have to edit the source code for WordPress to be able to upload an Excel spreadsheet?

    Why?

    Is there any sane way to fix this?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter foxmajik

    (@foxmajik)

    15 years, 9 months ago

    Answering my own question:

    http://blog.ftwr.co.uk/wordpress/mime-config/

    I see lots of angry emails in the future where people are asking why they can’t upload files.

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    15 years, 9 months ago

    What was the filetype you were trying to upload? Because WordPress allows XLS files (aka Excel spreadsheets). No editing of anything required.

    Also, if you were logged in as the administrator, you could have uploaded anything you like. There’s a Capability called “unfiltered_upload” that you can assign to Roles, which the admin user has by default. But you can use the Role Manager plugin to give that capability to any roles you like, if you want.

    Thread Starter foxmajik

    (@foxmajik)

    15 years, 9 months ago

    The filename was foo.xlsx. Microsoft Office 2007 and later use the new “open” document format which has the letter “x” added to the end. (Ex. Microsoft Word documents now end in “.docx.”)

    I don’t want the head of Sales to be an administrator but I do want him to be able to upload files with any extension. I don’t see why I can’t just turn this feature off. Telling a user that downloading an Excel spreadsheet from a private company blog is a violation of security protocol is arbitrary and counterproductive.

    How do I “assign to Roles?”

    Thread Starter foxmajik

    (@foxmajik)

    15 years, 9 months ago

    Answering my other question:

    http://www.im-web-gefunden.de/wordpress-plugins/role-manager/

    This plugin seems to do the trick.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘File type does not meet security guidelines’ is closed to new replies.