Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?
  1. Home
  2. Discussion Forum
  3. PHPFusion 8 Support
  4. Suspected Bugs and Errors - 8
  5. Installation

Installation

Asked Modified Viewed 3,119 times
Back to Forum Index Previous Topic Next Topic
Print
F
flyfisherman
F
  • Junior Member, joined since
  • Contributed 18 posts on the community forums.
  • Started 6 threads in the forums
  • Started this discussions
asked
Junior Member

Can anyone help, I have little or no knowledge of php, I run a fusion website that was already installed so know basics when its running.

I booked a new domain and did an automatic install using Softaculous software, the install looks fine, but testing so far it refuses to allow picture uploads, a white screen comes up saying " Prevented an unwanted file upload attempt! ".
I am in process of checking everything else, but can anyone help with my problem ????
Thanks
0 replies

5 posts

F
Falk
F
Falk 146
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct

(¯·._.·(¯°·._.·°º*[ Project Manager ]*º°·._.·°¯)·._.·¯)
  • Super Admin, joined since
  • Contributed 6,201 posts on the community forums.
  • Started 639 threads in the forums
  • Answered 12 questions
answered
Super Admin

Hello,

Please see this one : https://www.php-fusion.co.uk/forum/viewthread.php?thread_id=32886&rowstart=40#post_187123
What you can try here is to download the code snippet ( Download source ) Save the file as mimetypes_include.php
replace the current mimetypes_include.php in the directory includes.
0 replies
— 1 month later —
F
flyfisherman
F
  • Junior Member, joined since
  • Contributed 18 posts on the community forums.
  • Started 6 threads in the forums
  • Started this discussions
answered
Junior Member

Hi Thanks for the reply...... I tried this but still wont work, in fact I have installed a second site and have same problem.... could it be a permissions thing that I have missed ????
Appreciate all the help I am receiving.
Colin
0 replies
F
Falk
F
Falk 146
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct

(¯·._.·(¯°·._.·°º*[ Project Manager ]*º°·._.·°¯)·._.·¯)
  • Super Admin, joined since
  • Contributed 6,201 posts on the community forums.
  • Started 639 threads in the forums
  • Answered 12 questions
answered
Super Admin

The MIME check tool try to ensure that your file type are of the correct type.
What you can do is to disable the function if you have a lot of files with issues.
open maincore.php

find and remove

Code Download source
// Checking file types of the uploaded file with known mime types list to prevent uploading unwanted files
if(isset($_FILES) && count($_FILES)) {
   require_once BASEDIR.'includes/mimetypes_include.php';
   $mime_types = mimeTypes();
   foreach($_FILES as $each) {
      if(isset($each['name']) && strlen($each['tmp_name'])) {
         $file_info = pathinfo($each['name']);
         $extension = $file_info['extension'];
         if(array_key_exists($extension, $mime_types)) {
            //An extension may have more than one mime type
            if(is_array($mime_types[$extension])) {
               //We should check each extension one by one
               $valid_mimetype = false;
               foreach($mime_types[$extension] as $each_mimetype) {
                  //If we have a match, we set the value to true and break the loop
                  if($each_mimetype==$each['type']) {
                     $valid_mimetype = true;
                     break;
                  }
               }

               if(!$valid_mimetype) {
                  die('Prevented an unwanted file upload attempt!');
               }
               unset($valid_mimetype);
            } else {
               if($mime_types[$extension]!=$each['type']) {
                  die('Prevented an unwanted file upload attempt!');
               }
            }
         } /*else { //Let's disable this for now
            //almost impossible with provided array, but we throw an error anyways
            die('Unknown file type');
         }*/
         unset($file_info,$extension);
      }
   }
   unset($mime_types);
}
0 replies
F
flyfisherman
F
  • Junior Member, joined since
  • Contributed 18 posts on the community forums.
  • Started 6 threads in the forums
  • Started this discussions
answered
Junior Member

Sorry to be such a pain, as I have little or no knowledge of php, how do I go about doing this.
My Problem is if I or a member attempts to upload a file. All you get is a full white screen with the message in top left hand corner ( Prevented an unwanted file upload attempt! )
I am totally confused with all or any coding etc.
I do really appreciate the help you are trying to give but I am lost.
Sorry Colin
0 replies
— 10 months later —
I
ImproperUsername
I
  • Member, joined since
  • Contributed 90 posts on the community forums.
  • Started 19 threads in the forums
answered
Member

I searched and found several threads relating to the issue of "Prevented an unwanted file upload attempt!" I am commenting with what I did, in case it helps someone else. I was getting the error only with PDF files, so I guess it had something to do with my PDF files not presenting the correct mimetype to the script or something? Anyhow, I modified maincore.php like this:

at line 73 or so, where it is
Code Download source
if(!$valid_mimetype) {


I modified so that an exception is made for PDF:
Code Download source
if(!$valid_mimetype && !$extension=="pdf") {


I don't allow uploads from anyone but myself; PDFs can contain malicious code.
0 replies

Category Forum

Suspected Bugs and Errors - 8

Labels

None yet

Statistics

  • Views 0 views
  • Posts 5 posts
  • Votes 0 votes
  • Topic users 3 members

3 participants

F
F
Falk 146
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your Topics and Content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Provide with an URL to live example if one exists
• Please read the How to Report an Error post
• Please read and comply with the Code of Conduct

(¯·._.·(¯°·._.·°º*[ Project Manager ]*º°·._.·°¯)·._.·¯)
  • Super Admin, joined since
  • Contributed 6,201 posts on the community forums.
  • Started 639 threads in the forums
  • Answered 12 questions
I
I
  • Member, joined since
  • Contributed 90 posts on the community forums.
  • Started 19 threads in the forums
F
F
  • Junior Member, joined since
  • Contributed 18 posts on the community forums.
  • Started 6 threads in the forums
  • Started this discussions

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet