Page 1 of 1

WordPress – Upload banned File Types to Media Library

WordPress – Upload banned File Types to Media Library
   11

WordPress handles media files through it’s Media Library and in it’s default installation only certain file types, or better said: MIME-types, are allowed to be uploaded.

The current selection of allowed file types (ie.the file types that are not banned) can be rather limiting specially when you’re using bbPress as a forum wiht your WordPress setup. I’m not sure about the need for additional formats for all bbPress forums, but in the Tweaking4All forum I most certainly would like to be able to upload RAR, 7z, GZIP, XML and CSV files (amongst others).

Unfortunately WordPress does not offer a straight forward interface in the Admin Pages to modify the allowed Files Types.
In this article a short piece of code to allow you to add other file types or so called mime-types.




Standard Support File Types in WordPress

WordPress supports a standard set of file or MIME types (a.k.a. file types or Internet Media types) – I’m sure this list changes over time, so consider looking at the source of this information when looking for what files to add or not in the WordPress Accepted FileTypes page or the WordPress Codex on Uploading Files.

Currently, at the time that I’m writing this article, these formats are allowed:

Images: .gif, .jpg, .jpeg, .png

Documents.pdf, .doc, .docx, .ppt, .pptx, .pps, .ppsx, .odt, .xls, .xlsx, .zip

Audio: .mp3, .m4a, .ogg, .wav

Video: .mp4, .m4v, .mov, .wmv, .avi, .mpg, .ogv, .3gp, .3g2

Please keep in mind that files might be rejected based on other criteria, for example lack of disk space, because the file is larger than the maximum allowed file size or because your web-host does not allow particular files.

Note : If you’d like to allow larger files, you’ll need to edit the PHP configuration file (php.ini) and add or set the following lines in php.ini (the example allows files up to 32 Mb):


1
2
upload_max_filesize = 32M
post_max_size = 32M

Add Allowed File Types to WordPress

The approach in this article is straight forward: We will ADD file/MIME types to the existing list of allowed file types.

PAY ATTENTION TO SECURITY RISKS 

Before adding random file/MIME types: please think about possible security issues.

For example HTML (.htm, .html), JavaScript (.js) and PHP (.php) file are types you’d better avoid as they can be “executed” on your server where you really would not want that to happen. For most of these kind of files, this should not be a problem though as these files are better off being compressed into a ZIP file anyway.

Only add file types that you REALLY need and that you are comfortable with.

A full list, maintained by IANA, of MIME types can be found in the Media Types Overview.

The following code must be added to the functions.php file of your theme.

It will add the following file types:

Data files: CSV, XML,
Compressed files: 7z, RAR, TAR, TGZ, ZIP, GZ, GZIP
Application packages: APK, DEB, RPM
Disk images: IMG, ISO
Fonts: TTF, WOFF


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
add_filter('upload_mimes', 't4a_add_custom_upload_mimes');

function t4a_add_custom_upload_mimes($existing_mimes){
    return array_merge($existing_mimes, array(
        'csv' => 'application/octet-stream',
        'xml' => 'application/atom+xml',
        '7z' => 'application/x-7z-compressed',
        'rar' => 'package/rar',
        'tar' => 'package/x-tar',
        'tgz' => 'application/x-tar-gz',
        'apk' => 'application/vnd.android.package-archive',
        'zip' => 'package/zip',
        'img|iso' => 'package/img',
        'gz|gzip' => 'package/x-gzip',
        'deb|rpm' => 'package/x-app',
        'ttf|woff' => 'application/x-font') );
    return $existing_mimes;
}

In essence it takes the existing array of allowed file types ($existing_mimes) and we simply add the ones we want additionally. The “new” array will then be returned to WordPress.

  Don’t forget that this is only EXAMPLE code – you’ll have to modify it to match your needs.

And that’s all folks … 

Donation options


Donations are very much appreciated, but not required. Donations will be used for web-hosting expenses, project hardware or a motivational boost (a drink or snack). Thank you very much for those have donated already! It's truly AwEsOmE to see that folks like our articles and small applications.

Comments


There are 11 comments. You can read them below.
You can post your own comments by using the form below, or reply to existing comments by using the "Reply" button.

  • Nov 26, 2014 - 8:22 AM - Kamiyab Comment Link

    can i upload ‘xap’ windows app file

    plz give me code of ‘xap’ app

    Reply

    Kamiyab

    • Nov 26, 2014 - 8:52 AM - hans - Author: Comment Link

      Hi Kamiyab,

      according to the xap Wiki information you simple add:

      'xap' => 'application/x-silverlight-app',

      (for example right after line #15)

      Note that they also state that xap will be replaced with APPX (wiki) – I presume it will have the same MIME code, but I cannot verify this. So that could potentially be:

      'appx' => 'application/x-silverlight-app',

      Hope this helps …

      Reply

      hans

  • Nov 29, 2014 - 6:32 AM - Kamiyab Comment Link

    know say me about ‘obb’  file …..code

    Reply

    Kamiyab

    • Nov 30, 2014 - 3:06 AM - hans - Author: Comment Link

      To find out what to do for a file, I simply Google the extension with the phrase “mime” added. So in this example:

      obb mime

      This way you’ll find a description of the filetype and it’s mime type. In the example of an “obb” file:

      Category: Archive files
      Application: Android SDK
      Mime-type: application/octet-stream

      Based on this you can compile your own file type exception:

      'obb' => 'application/octet-stream',

      Repeat this for all file extensions you need … 

      Please feel free to post them here so others might be saved the work as well … 
      Hope this helps!

      Reply

      hans

  • Jan 6, 2016 - 9:03 AM - Keith Comment Link

    What about .ai and .indd

    Reply

    Keith

    • Jan 6, 2016 - 11:46 AM - hans - Author: Comment Link

      Hi Keith,

      you can look those up at Dottoro Web Reference (I have to admit that I had to Google it as well).

      So the code would become (adding .ai and .indd):

      add_filter('upload_mimes', 't4a_add_custom_upload_mimes');
      
      function t4a_add_custom_upload_mimes($existing_mimes){
          return array_merge($existing_mimes, array(
              'ai' => 'application/postscript',     // Adobe Illustrator
              'indd' => 'application/x-indesign', // Adobe Indesign
              'csv' => 'application/octet-stream',
              'xml' => 'application/atom+xml',
              '7z' => 'application/x-7z-compressed',
              'rar' => 'package/rar',
              'tar' => 'package/x-tar',
              'tgz' => 'application/x-tar-gz',
              'apk' => 'application/vnd.android.package-archive',
              'zip' => 'package/zip',
              'img|iso' => 'package/img',
              'gz|gzip' => 'package/x-gzip',
              'deb|rpm' => 'package/x-app',
              'ttf|woff' => 'application/x-font') );
          return $existing_mimes;
      }

      Reply

      hans

  • Oct 20, 2016 - 2:04 AM - Johng906 Comment Link

    Thanks for sharing it ebbbeadaadeb

    Reply

    Johng906

    • Oct 20, 2016 - 8:35 AM - hans - Author: Comment Link

      Thanks for taking the time to post a “thank-you” – it’s much appreciated 

      Reply

      hans



Your Comment …

Friendly request to not post large files here (like source codes, log files or config files). Please use the Forum for that purpose.

Please share:
*
*
Notify me about new comments (email).
       You can also use your RSS reader to track comments.


Tweaking4All uses the free Gravatar service for Avatar display.
Tweaking4All will never share your email address with others.