File upload to forum

4 posts / 0 new
Last post
Emil
Emil's picture
File upload to forum

Is there a way to upload normal files to the forum, not just pictures?

Paul
Paul's picture
File upload enabled

I have added a file upload field. There should be a File Upload button below the Image Upload. It lists the types of files allowed:

txt, pdf, odt, doc, docx, rtf, zip, gz, tar, vcf, odp, ppt, pptx, pps, csv, sql, ods, xls, xlsx, mp3, mpg, mp4, mov, xml, sh, php, pl, c, cpp, h, hpp, js, html

Let me know what I missed and if you have any trouble.
This is turned on in the Blogs, too. I set the limit to 5 files per blog. I haven't found a way to turn it on in the comments yet. So for now, to attach a file, it will have to be a Forum topic or blog page.

Emil
Emil's picture
Upload works, but file can't be accessed

Get this message when trying to read an attachment after upload to the forum:

Forbidden
You don't have permission to access /d/uploads/usbpower.sh on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Paul
Paul's picture
.htaccess problem?

I thought I had fixed that. The files are there and are readable by anyone. I think the problem is with the /d/.htaccess file. I think it restricts you from accessing .sh files.


#
# Apache/PHP/Drupal settings:
#

# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\..*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock))$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$">
  Order allow,deny

How do I over ride this in /d/uploads? Are there any security implications? I guess all the files in uploads should be non executable to avoid accidents?

Log in to post comments