Uploading files

From StampWantsWiki

There are several potential stumbling blocks in getting file upload working correctly

• php.ini file usually is here /usr/local/lib/php.ini

Frequently Asked Questions

Q: How do Wikipedia and other Wikimedia projects have a "Select a License" menu on the file upload page? How do we add a similar menu to our own wiki?

A: The Mediawiki:Licenses page is where the contents of the menu are defined. If you add options to that page the menu will magically appear.

Q: Fatal error: mime_magic could not be initialized, magic file is not available in /opt/lampp/htdocs/includes/MimeMagic.php on line 506

Why do I get this error, what can I do? Is there something I can put into LocalSettings.php?

Fatal error: mime_magic could not be initialized, magic file is not available in /opt/lampp/htdocs/includes/MimeMagic.php on line 506

A: Try adding the following line to the LocalSettings.php:

 $wgMimeDetectorCommand = "file -bi";

Q: After setting $wgEnableUploads = true, I still can't upload any image files. I get the following error (using MW 1.5.6):
Could not copy file "/tmp/phpWdGsMs" to "/var/www/vhosts/railgunn.com/httpdocs/pipelinewiki/images/temp/20060317020027!Weird_uvs.jpg".

A: Make sure the permission in all the files below images are all set to rwx on linux/unix chmod -R777 images/ (-R recursively)

and - if php safe_mode is on - that /images and all its subdirectories are owned by the same owner as the main script (index.php)

Q: How do I enable uploading files on my MediaWiki installation? Template:MW 1.5Template:MW 1.4

• Add "$wgEnableUploads = true;" to your LocalSettings.php. This causes an "Upload File" link to be displayed in the "toolbox" menu.
  • Note that in versions up to 1.4 this used to be add "$wgDisableUploads = false;"

• Make sure the 'uploads' or 'images' directory is writable by the web server

Don't forget to log-out and log-in again to see the "Upload file" link (this happens with 1.4.7 version)

Q: How do I enable uploading files on my MediaWiki install for IIS6 and mediawiki 1.5?

Q: But it says it has to be "specially set up to be secure"... how can I be secure?

• I'd highly recommend you clean up your config, yes...
• Also, I'd recommend you upgrade to the latest version... 1.2.0 has tighter controls on uploaded filetypes. See the RELEASE_NOTES file.

Q: Why do I get the message: "The file you uploaded seems to be empty. This might be due to a typo in the file name. Please check whether you really want to upload this file."

One reason for this is that something below mediawiki such as PHP or the web server is limiting the size of http requests. See the next question.

Q: What affects the maximum file size that can be uploaded?

• Change "upload_max_filesize = <Number>M" in your php.ini file, where <Number> is the limit in MBytes.
• Change "post_max_size =<Number>M" in your php.ini file as well and restart apache.
• If this php4 parameter is too low, you get the error message "The file you uploaded seems to be empty. This might be due to a typo in the file name. Please check whether you really want to upload this file."
• Apache has a directive "LimitRequestBody", which controls the maximum number of bytes allowed in ANY http request. If this limit is not somewhat larger than upload_max_filesize, the above message will appear for files near or above this limit. This directive may appear in various places in the apache configuration files, or in an .htaccess file. The effect of this directive may be global, or limited to a particular virtual host or directory, depending on where it occurs. Consulting the Apache documentation is advised if you run across this directive to understand how it is being used.

Some distributions use this directive to guard against denial of service attacks. For example the php module configuration for Apache2 on RedHat limits the request body size to 524288 bytes. Look at /etc/httpd/conf.d/php.conf. -- Other distributions may place the directive in other places according to their individual configuration file policies.

• MediaWiki's SpecialImport.php page has a hardcoded MAX_FILE_SIZE on the form that you may need to increase manually. You'll get a message saying This file is bigger than the server is configured to allow if you encounter this problem. Fix it by grepping includes/SpecialImport.php for MAX_FILE_SIZE and increase it from 2000000 on up to whatever you need. Note that if 'whatever you need' exceeds the sizes set in php.ini for POST size, Upload Size, and Memory that a script can use - then it worn't work, and you'll have to go in there and increase the limits accordingly.[1]

<legend>" . wfMsgHtml('upload') . "</legend>
        <form enctype='multipart/form-data' method='post' action=\"$action\">
                <input type='hidden' name='action' value='submit' />
                <input type='hidden' name='source' value='upload' />
                <input type='hidden' name='MAX_FILE_SIZE' value='20000000' />

One way to tell where the problem lies, is to check your logs. If you're seeing messages about memory being exhausted, and the like - then go check out your php.ini. If you're not seeing anything in the logs, then chances are it's the SpecialImport.php that's the sticking point...

• PHP's memory_limit may also place a limit on the maximum file size. See the note below if you find that you are getting a memory exhausted error in the Apache error log.
• If you're using Apache2, and PHP is loaded as a module (in my case it was PHP5), then the phpinfo() function will tell you where it expects the php.ini file to be located at. That's all good - except that it doesn't read the php.ini file!!!! You'll know this because when you look at the results returned from the phpinfo() you'll see that the local value hasn't been updated to reflect the change you made in php.ini !!!! After much hair-pulling, gnashing of teeth, and lots and lots of Caffeine, I discovered the workaround to be putting the php values that I wanted to change in the php.ini file into the httpd.conf file. Restart httpd, and it's all good... Here's a sample of what I had to add to the httpd.conf file (I put them right after the loadmodule statements that load up the various modules I'm using (including php5):

 php_value upload_max_filesize "25M"
 php_value post_max_size "25M"
 php_value memory_limit "64M"
 php_value file_uploads "On"

(Hopefully this will keep some other hapless Sysadmin from having to visit the Hair Club...)

One other thing I noticed is that the upload routine appears to be a memory hog. I had the memory_limit set to "25M", and it died with a "overloading of the server..." error when I was uploading a 6MB file. Oddly enough, I didn't see anything logged. For giggles I upped it to 64M, and it worked fine. I should probably dig into this some day to figure out what's going on...

Cautions

• The main thing you want to be sure of is that if someone uploads a .php file or other script it won't execute on your webserver!
• The second thing you want to be sure of is that if someone uploads a .html (or .htm or .shtm or...) file with embedded javascript, it won't execute (potentially able to steal session and password cookies from visitors).

Q: How do I do that?

In httpd.conf, add these lines:

Alias /upload /..../upload

<Directory "/..../upload">

Options None

php_flag engine off

</Directory>

Replace "...." with your path name.

Safe Mode Restrictions

If you get a safe mode Restrictions in effect error, it is caused by your host running php in safe mode. PHPO will not be able to create directories for the uploaded files.

Q: Is there a workaround to this safe mode problem? I would like to be able to use images in my wiki. Embedding external images is nice but it requires absolute URL's, which I hate. Couldn't Mediawiki handle some sort of "static-images" folder?

## If you want to use image uploads under safe mode, 
## create the directories images/archive, images/thumb and 
## images/temp, and make them all writable, along with images/ . Then uncomment 
## this, if it's not already uncommented:
# $wgHashedUploadDirectory = false;

(you can find this variable in includes/DefaultSettings.php)

See the PHP manual entry on safe mode for details.

A quote from a comment to the PHP manual: Beware: Safe mode will not permit you to create new files in directories which have different owner than the owner of the script. That is, in safe mode, images/archive, images/thumb and images/temp must be owned by the user who also owns the apache process. [for /images itself it is not the owner of the apache process but the owner of the script, ie index.php]

A small note: After adding the the additional directories, and chmodding them to 777, I still had a problem with safe mode where it failed to upload because the scripts could not access the uploaded files that apache was making (in safe mode, scripts owned by one user cannot access scripts owned by another). To get around this, I did the following from shell as root:

• Find the default owner for files on your site - I use ensim, so the first site admin, is the user 'admin1'
• Create a new group called 'wiki_users': 'groupadd wiki_users'
• Add admin1 (or whatever your admin user is) to that group: 'usermod -G wiki_users admin1'
• CD to the wiki root folder and: 'chown -R apache:wiki_users *'
• That makes all files owned by apache and members of the wiki_users group. So, apache should be able to upload and move files about, and admin1 should be able to access all scripts.

I'm not sure how secure this is - I use it on a private server, but it worked for me.

Another small note: After I tried these suggestions, my upload still didn't work. I set $wgHashedUploadDirectory to false, but made the directories writable. This worked for me.

Another HowTo
This worked for me(with a shared host under safe_mode):

 # wikiroot/images, wikiroot/images/temp, wikiroot/images/archive, wikiroot/images/thumb
 # all set to 0777 to allow apache to write to them
 $wgHashedUploadDirectory = false;
 $wgUploadPath       = "$wgScriptPath/images";
 $wgUploadDirectory  = "/absolute_path_to_wiki_root/images";

Images Not Working

Q: Can anyone help with this problem?? http://meta.wikimedia.org/wiki/Talk:Uploading_files#Images_Not_Viewable

A: I found guidance here: http://www.linuxquestions.org/questions/showthread.php?postid=1722568 . I added an index.html file to the images directory, and double-checked that my permissions were set, and it started working. Elonka 03:11, 11 November 2005 (UTC)

Fatal error: Allowed memory size of 8388608 bytes exhausted

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 80629 bytes) in .../includes/Parser.php on line 206

Editing pages with lots of content.

php.ini -- memory_limit = 8M -- increase it.

This also resolves "The file you uploaded seems to be empty. This might be due to a typo in the file name. Please check whether you really want to upload this file." when uploading files, when all other things mentioned on this page do not work.

The memory_limit set in php.ini may be overridden by LocalSettings.php. Check for a line that says something like:

ini_set( 'memory_limit', '20M' );

In this case, update the LocalSettings.php file instead.

A related error is

PHP Fatal error:  Allowed memory size of 20971520 bytes exhausted (tried to allocate 9088 bytes) in
.../includes/Image.php on line 1230

This can happen when the specified memory limit is exhausted while the PHP function imagecreatefromjpeg operates on image files in the EXIF variant of the JPEG format as used by many digital cameras. One result of this is that the wiki will generate a blank page for the image description page.

Besides increasing the memory limit it often helps to strip the metadata that the camera inserted into the image file, for example using a tool like jhead. The discussion section in the php manual for imagecreatefromjpeg has some more info on this problem.

"Sorry, not logged in" when uploading files

If having trouble uploading files, it could be a permissions issue.

How to Upload Non Image Files?

I have to upload non image files like *.xls, *.doc etc. How to do this?

Add

$wgFileExtensions = array('gif','png','jpg','jpeg','xls','doc');

to the LocalSettings.php.

Certains types of files are banned from upload (exe, php, html, etc).

See $wgFileBlacklist in DefaultSettings.php -- Uploading Non Image File

It doesn't work --Testperson 08:07, 11 July 2006 (UTC)

Try adding $wgCheckFileExtensions = false;

It doesn't work either, but what it's explained under does: -- dgil 28 July 2006

$wgFileExtensions = array('gif','png','jpg','jpeg','xls','doc','ppt','wmv','swf');
$wgVerifyMimeType = false;
$wgStrictFileExtensions = false;
$wgCheckFileExtensions = false;

Verified. Appears to work --Graham

Template for showing links to files with appropriate icons

For a template to enable files to be shown as links with relevant icons, as well as a link to the file's wiki page, see here.

This is for wikis that support embedding external images - which is most personal, corporate and organisational wikis based on MediaWiki. Notable exceptions are Wikipedia and Meta. Because Meta can't render this template, here is an image of how the template appears: Image:PDF file example.png

Is it possible to let only some users upload Images?

Yes. The easiest way to do this, under 1.5, is to remove the upload access from users, and assign it to a separate group.

Add the line

$wgGroupPermissions['uploadaccess' ]['upload']          = true;

to the end of your /LocalSettings.php file. This overrides the following line in your /includes/DefaultSettings.php file (don't edit that file!):

$wgGroupPermissions['user' ]['upload']          = true;

Anyone you want to give upload access to, add them to the uploadaccess group (Special:Userrights). This gives them global upload access, but you can restrict it. Sysops, under this change, still keep upload access.

The file is corrupt or has an incorrect extension. Please check the file and upload again.

Q: What should I do? I add $wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg', 'txt', 'bin', 'rpm', 'pdf', 'java', 'doc', 'ppt', 'tar.gz', 'zip', 'rar' ); but some files (such as .doc and .zip files) will not upload.

A: Mediawiki is trying to validate the mime type of your upload. You can either turn this feature off or fix it.

To turn it off:

• See: http://mail.wikipedia.org/pipermail/mediawiki-l/2005-July/005878.html , http://www.mediawiki.org/wiki/Help:%24wgVerifyMimeType
• Add $wgVerifyMimeType = false; # to LocalSettings.php

To fix it:

• See: Uploading of 'corrupt' files, http://www.mediawiki.org/wiki/Help:%24wgMimeDetectorCommand
• Add $wgMimeDetectorCommand= "file -bi"; # to LocalSettings.php on Linux
• Add $wgMimeDetectorCommand = "c:\cygwin\bin\file.exe -bi"; # to LocalSettings.php on Windows with Cygwin

Or to fix otherwise:

• Check the MIME Magic file used by PHP. In a phpinfo() section, check the mime_magic section to see if it's a) switched on (the mime_magic.magicfile exists in the php.ini & points to a correct magic-formatted file) and b) doesn't produce any errors. To check the latter, add (or alter if they exist) the lines "mime_magic.debug = On" and "display_startup_errors = On" to the php.ini & then run one of the wiki's maintenance scripts from the command line (rebuildImages.php is a good candidate) - redirect the error output to a file & check if there are any errors in the magic file. --Barthax 12:41, 31 January 2006 (UTC)
• The MIME type detection depends upon the fileinfo PECL extension. Instructions for fedora core 5 are:

yum install php-devel
pecl install fileinfo
chcon -t httpd_sys_script_exec_t  /usr/lib/php/modules/fileinfo.so
cat <<EOF > /etc/php.d/fileinfo.ini
; Enable fileinfo extension module
extension=fileinfo.so
EOF

I get a Blank Screen (IE) and a Blank Upload Form (FireFox) after uploading an image

Q: I am using apache 1.3 and wiki 1.5. Looking at the directory, the file is not uploaded. Any suggestions?

A: Check the limit of upload_max_filesize and post_max_size in your php.ini.

I did as your instruct but I still can't upload files. A blank screen is always displayed after uploading images.

• I'm experiencing the same problem. I can upload small .wmv files (which were added to the allowed uploads), but not large ones... somehow it all must be related... Jcobbers 18:40, 30 January 2006 (UTC)
• Large (>3meg) wmv files won't work (This page cannot be displayed IE error). However, small wmv's work, and large (>10meg) flash or mp3 files do work. Also, the small wmv files that upload are claimed to be MIME type: text/plain (it is not!). In LocalSettings.php I have set:

# enable other files to be uploaded
$wgFileExtensions = array('gif','png','jpg','jpeg','xls','doc','ppt','wmv','swf');
$wgVerifyMimeType = false;
$wgStrictFileExtensions = false;
$wgCheckFileExtensions = false;

I suspect the MIME type encoding is wrong. So something related to that is either choking or disabling uploads for WMV files. Jcobbers 13:53, 31 January 2006 (UTC)

I fixed it! I'm running on a linux environment, so 'file -bi <name of file>' is a valid command. When I turned ON this method of identifying the mime type in LocalSettings.php, it worked.

# Sets external mime detector program. B/c using mime_content_type($file) did not work for wmv types (returned text/plain, 
# and then it was searched for malicious code in the file--causing something to hang).
$wgMimeDetectorCommand= "file -bi"; #use external mime detector (linux)

Why did I need to do this? Because wmv files were recognized as text/plain when not using 'file -bi' -- and the Sanitizer in SpecialUpload tries to scan the file for malicious code. It is too big of a file, and it choked. For more details, read this thread [2] or contact me Jcobbers 20:58, 2 February 2006 (UTC)

I get the blank upload form too, but it's not just Firefox but all browsers (including IE and Safari). Is this a different problem or is this related? I'm not using Apache, though, and I have to use "ugly" URL's.—Gniw 20:20, 14 February 2006 (UTC)

I had this problem with large files (under Fedora Core 4 and Apache) and fixed it by increasing the memory limits in LocalSettings.php:

ini_set( 'memory_limit', '64M' ); # Did not work when set to 20M

and in php.ini

memory_limit = 64M      ; Maximum amount of memory a script may consume (8MB)
...
upload_max_filesize = 100M

15:48, 25 February 2006 (UTC)

I have it installed locally to organize my work (apache on windows,php,mysql), I did all that, still, doesn't work, cannot upload files larger than 5 or 6 megs, get a blank upload form. Ideas?

I had the same problem, tried everything above but it still didn't work. Increase the 'post_max_size' variable in php.ini.