Restrict WordPress Users from Uploading Audio & Video Media File Types


New versions of WordPress are usually a good thing. They bring improvements and new features. But when I saw the changes that came in WP 3.3 recently, I knew it was going to cause me problems in one area – the media uploader in the visual editor.

The media uploader in old version of WordPress had separate buttons for each media type (images, audio, video).

This was a good thing for me because I have site where users are allowed to post content. I was fine with having them upload images but didn’t want them uploading audio or video. And so I used a plugin called Adminimize that let me remove whatever media icons I wanted from the visual editor for certain users.

The Problem with WordPress 3.3

In WordPress 3.3, however, the separate media buttons have all been combined into one button.

Removing the one and only button wasn’t an option, of course, and so I had to go in search for a solution.

In the process, I found a lot of people had this request to restrict audio and video uploads. I also came across a few options that would seem to do the trick (with limitations).

Plugin Solution

The first option is a plugin called Restrict Uploads. This plugin restricts uploads to image files (jpg, gif, png). This plugin has no settings page. Simply activate it, and it will begin restricting file uploads to those three “MIME” types.

Code Solution

I also found a number of snippets of code across the web that would do the same thing. And so if you prefer adding code to your functions file, then this code (from WPSnipp) will do the same thing as the plugin above.

Put this at the bottom of the functions file in your theme –  Appearance >> Editor >> Theme Functions (functions.php)

add_filter('upload_mimes','restrict_mime');

function restrict_mime($mimes) {

$mimes = array(

'jpg|jpeg|jpe' => 'image/jpeg',

'gif' => 'image/gif',

);

return $mimes;

}

The Limitations of These Solutions

Both of these solutions have the same limitation, however. Neither allows ANYONE to upload other file types, not even the Administrator.

For some this won’t matter. But if you need an Administrator or an Editor to have unlimited permission (“unfiltered upload” capability), then you’re out of luck.

I looked and looked for a solution that would allow more flexibility, but I haven’t found one yet. If anyone knows of a solution, please mention it in the comments.

Photo: Closed Area from BigStock

7 Responses

    • Author

      Terran – That’s what I was thinking. But I just copy code, I don’t write it. So I thought I’d put this out there to see what readers suggested. (Didn’t want to bother WPMUDev tech guys until I saw what kind of feedback I got.)

      Do you know exactly how it would go in order to let Admins and Editors upload files?

  • Design Lord, Child of Thor

    Gotcha. Try this:

    add_filter(‘upload_mimes’,’restrict_mime’);
    function restrict_mime($mimes) {
    if(!current_user_can(‘administrator’)){
    $mimes = array(
    ‘jpg|jpeg|jpe’ => ‘image/jpeg’,
    ‘gif’ => ‘image/gif’,
    );
    return $mimes;
    {
    }

    If that’s unclear, I just put if(!current_user_can(‘administrator’)){ } around everything inside the function

    This should make the filter only do something (ie restrict the file types) when the current user is NOT an admin.

    • @Terran. thanks for the advice.

      I was having a similar issue – I wanted to restrict MIME types as I added upload functions to my forum (bbpress attachments plugin). I found a guy who wrote a plugin, but never submitted it – it’s just in code. Not being a coder, but understanding logic, I realized that it was pretty easy to edit, and it made sense to add it as a plugin, so it could be deactivated or easily deleted from the server.

      he didn’t have restrictions by admin, just for everyone. He also limited it to just jpeg and doc. Here’s my modification:

      'application/pdf',
      'doc|docx' => 'application/msword',
      'jpg|jpeg|jpe' => 'image/jpg',
      'tif|tiff' => 'image/tiff',
      'png' => 'image/png',
      'gif' => 'image/gif',
      'mp3|m4a|m4b' => 'audio/mpeg',

      );
      return $mime_types;
      }}
      }
      // If the function exists this file is called as post-upload-ui.
      // We don't do anything then.
      if ( ! function_exists( 'fb_restrict_mime_types_hint' ) ) {
      // add to wp
      add_action( 'post-upload-ui', 'fb_restrict_mime_types_hint' );
      /**
      * Get an Hint about the allowed mime types
      *
      * @return void
      */
      function fb_restrict_mime_types_hint() {
      echo '';
      _e( 'Accepted MIME types: PDF, DOC/DOCX, JPG/JPEG, TIF/TIFF, PNG, GIF, MP3/M4A/M4B' );
      }
      }

      Now it worked fine, except I’m not sure that the part I grabbed from the above comment (to allow admins any upload) worked. Of course, as an admin, I can deactivate the plugin, add the needed files, and reactivate it again, but I’m thinking I just missed something in putting the (simple I know) codes together.

      Do you see what/if I’ve done something wrong?

  • Solution :
    Step 1 : Change the theme
    Step 2 : Clear the cache
    Step 3 : Go to your editor
    Step 4 : Change to ‘HTML’
    Step 5 : Change to ” Visual Editor’
    Step 6 : Now you can find the Visual Editor Options
    Step 7 : Change to your original theme

    If Problem Persists, Add ‘ WP-Super Edit / Use Google Library ‘ Plugins, then check it. :)

Comments are closed.