Error with MIME types?

Home \ forums/topic \ Error with MIME types?

Support Home Page Forums Joomla Software Easy File Uploader Module Error with MIME types?

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • #869
    dbn
    Participant

    I’m webmaster for my club’s site. We recently migrated to Joomla Version 3.6.2. Our server’s PHP version is 5.6.24. Our Easy File Uploader module is version 2.7.8 We’re now experiencing problems with file uploads not encountered before the version upgrade. Specifically, I see:

    ERROR: The uploaded file type is not permitted.

    MIME detected by PHP: (application/pdf; charset=binary)

    MIME detected by Browser: application/pdf

    The MIME type of application/pdf is enabled in the module configuration.

    The MIME type detected by PHP is the same as the MIME type detected by the browser (less the charset information). The file is indeed a PDF file. The summary system information shown by the Easy File Uploader Module is as follows:

    FILEINFO_MIME is defined.

    finfo_open is callable.

    finfo_file is callable.

    finfo_close is callable.

    mime_content_type is callable.

    This is a NON-Windows OS: Linux.

    escapeshellarg is callable.

    exec doesn’t exist.

    shell_exec doesn’t exist.

    I’m unsure what to check next. Can you please provide some guidance? Thanks!

    Regards,

    Dave Nelson

    #2260
    dbn
    Participant

    I tested again using a different invocation of Easy File Uploader on our site, to upload photos. This is the error message I received:

    ERROR: The uploaded file type is not permitted.

    MIME detected by PHP: (image/png; charset=binary)

    MIME detected by Browser: image/png

    I’m a bit dubious about the “charset=binary”, as images don’t have character sets, right?

    One additional thing that has changed (besides the Joomla version update) is a newer version of PHP. Should the PHP MIME type detection function be returning the “charset=binary” notation?

    #2261
    dbn
    Participant

    A little more research on the PHP side. The inclusion of “charset” in the returned string was introduced in PHP 5.3+ to make it RFC2045 compliant. I don’t know what version of PHP our host was running prior to the recent upgrade, but it does seem unlikely to have been as old as 5.2. Although, I suppose it’s possible.

    Can anyone confirm that the MIME type comparison code in Easy File Uploader 2.7.8 is written to expect the inclusion of the charset information?

    #2262
    dbn
    Participant

    OK, once again answering my own question… 🙂 No, the MIME type comparison would ignore the charset information in only some of the alternate supported methods. I was able to fix my problem by adding the code stripping out the charset information to the code path using the FILEINFO_MIME method. The code is added after line 213 in the helper function actualMime in the class modEasyFileUploaderHelper in the file helper.php.

    The relevant section of code is as follows:

    // try to use recommended functions

    if (defined(‘FILEINFO_MIME’) &&

    function_exists(‘finfo_open’) && is_callable(‘finfo_open’) &&

    function_exists(‘finfo_file’) && is_callable(‘finfo_file’) &&

    function_exists(‘finfo_close’) && is_callable(‘finfo_close’))

    {

    $finfo = finfo_open(FILEINFO_MIME);

    $mime = finfo_file($finfo, $file);

    if ($mime === ”)

    {

    $mime = false;

    }

    finfo_close($finfo);

    //this removes the charset value if it was returned with the mime type. mime is first.

    $mime = strtok($mime, ‘; ‘);

    $mime = trim($mime); //remove any remaining whitespace

    }

    The added code is emphasized.

    #2263
    Michael Gilkes
    Keymaster

    @dbn. Thanks for posting. OK. I reviewed the code you posted. However, I am confused about something. The code you posted is different from the code in Easy File Uploader version 2.7.8.

    This is the code you posted:

    However, the code in my class, modEasyFileUploaderHelper in the helper.php file from lines 201 to 214 is:

    Notice that the constant in your code listing for finfo_open is “FILEINFO_MIME”, where as the constant in my code on line 207 is “FILEINFO_MIME_TYPE”. This makes a big difference, since the constant FILEINFO_MIME will give you the mime and the encoding charset, and FILEINFO_MIME_TYPE will only give you the mime without the encoding charset.

    So the question is why is your code of my extension different from my code on my extension? Did you change that constant?

    If you notice I already have code to remove the charset from the exec and shell_exec options to detect the MIME. However, because of the constant I use for finfo_open, there is no need for that code snippet you added to remove the charset.

    You should reinstall version 2.7.8 of the Easy File Uploader.

    So, to answer your question, “Can anyone confirm that the MIME type comparison code in Easy File Uploader 2.7.8 is written to expect the inclusion of the charset information?”… Yes, the MIME type comparison code in Easy File Uploader 2.7.8 is indeed written to expect the inclusion of the charset information. However, for some reason, unknown to me, your code is not the same as the officially published code.

    Can you please confirm whether you have edited the constant applied to the finfo_open function and changed it from FILEINFO_MIME_TYPE to FILEINFO_MIME?

    #2264
    Michael Gilkes
    Keymaster

    @dbn. I forgot to mention, you can very the difference in usage of file info constants by looking at the PHP documentation for file info constants

    Hope to hear back from you, so that I can get your feedback, and so we can understand what’s going on and sort this out together.

    #2265
    dbn
    Participant

    I’m still waiting for an activation email for my new account at valorapps.com, so that I can “get” a fresh copy of the 2.7.8 package for comparison. (I don’t see a way to request a re-send.)

    I see the questionable FILEINFO_MIME used in the easydiagnostic.php file, too, so if someone changed that constant, it was done consistently. It wasn’t me, but I’m not the original webmaster for our site.

    Odd, indeed.

    #2266
    Michael Gilkes
    Keymaster

    @dbn. You don’t need to log in to valorapps.com to download Easy File Uploader. It is freely available on the webpage: https://www.valorapps.com/web-products/easy-file-uploader.html.

    Also, I don’t know what you are referring regarding the easydiagnostic.php, since that too also has FILEINFO_MIME_TYPE. So, as you said, whoever changed it, changed it everywhere in your copy of the module.

    As for the activation email, that would have been sent to you automatically. Please check your spam filter just in case the email got sent to your spam folder. If you need any direct assistance, please email me at support[at]valorapps[dot]com. I don’t want to list your email address on this forum.

    #2267
    dbn
    Participant

    Ah, I see it now. The small text hyperlink at the bottom of the page. I was looking for a big download button near the top of the page. 🙂 Thanks!

    #2268
    dbn
    Participant

    Mystery cleared up. Our third-party software services provider made the changes during the process of migrating our site from an old version of Joomla to the latest stable version, along with updating or replacing all the plugins, templates and modules that our site was using. They said the change was made to “work with older versions of PHP”. I politely explained why that was a Bad Idea ™ and that it actually broke the code. Thanks for your time and assistance. I will back out all of their changes.

Viewing 10 posts - 1 through 10 (of 10 total)
  • The topic ‘Error with MIME types?’ is closed to new replies.