Multi File Upload and restricted filetypes
-
Hey,
the multi file upload field is not checking the file type restrictions.
- Add “Multi file upload” Field into your form
- Set the allowed file types (.pdf, .jpg, .jpeg, .png) in my example
- Try to upload a file and change in the Explorer Screen (Windows) on the bottom right corner the Filetype Restriction to all Files
- Upload a XLXM File … and see the world burning in HR
The single file upload checks the selected file and pops a js alert box.
Is this the intended way?
Greetings
Danny[Moderator note: Please, No bumping].
-
Hey Stefan,
ich hab in einem anderem Projekt eine API an die Formulare angebunden und prinzipiell könnte man mit mit diesem Hook sich einklinken und prüfen was für Dateien übermittelt worden sind. Bevor das Plugin überhaupt etwas davon mitbekommt, ist aber jetzt kein fertiger Code aber ein Entwickler weiß was zu machen wäre.
Unsere Kunden haben da bisher noch nicht so das Spam Problem gehabt, daher hab ich es noch nicht für nötig gehalten aktiv einzugreifen.
Grüße
Dannyadd_action( 'wp_ajax_nopriv_jobslisting_apply_now', 'job_entry_store_tmp_files', 9); add_action( 'wp_ajax_jobslisting_apply_now', 'job_entry_store_tmp_files', 9); function job_entry_store_tmp_files(){ $allowed_file_types = array( 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'gif' => 'image/gif', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', 'pdf' => 'application/pdf', 'xlsx' => 'application/vnd.ms-excel', 'docx' => 'application/msword', ); // Check for files extension and throw error for form foreach($_FILES as $key => &$file){ // Grab MIME type $mime_type = mime_content_type($file['tmp_name']); if (! in_array($mime_type, $allowed_file_types)) { // File type is NOT allowed. // Throw Error msg for the the form } } }
The topic ‘Multi File Upload and restricted filetypes’ is closed to new replies.
