When uploading files my clients get an error

When my clients try to upload doc or ppt files it doesn't allow them to send documents.
They get this error:
Error uploading filename.docx file: Sorry, this file type is not permitted for security reasons.

  • Panos

    Hi Phillip Roru ,

    Could you please add the following snippet in a mu-plugin:

    add_filter( 'incsub_support_allowed_mime_types', function( $mime_types ){
    
    	$additional_mime_types = array(
    		'doc' 		=> 'application/msword',
    		'docx'		=> 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    		'ppt' 		=> 'application/vnd.ms-powerpoint'
    	);
    
    	return array_merge( $mime_types, $additional_mime_types );
    
    }, 10, 1 );

    You could add it in your theme's functions.php file, but since you are using multisite it is better you use mu-plugin. Simply create a folder called "mu-plugins" in your wp-content filder if it doesn't exist. In the mu-plugins folder create a new php file ( eg support-mimes.php ). Open that file and add the "<?php" tag, add a new line and then paste the above code.

    You may still have issues with docx, in such case try adding:

    add_filter( 'upload_mimes', function( $mimes ){
    
    	$mimes['docx'] = 'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
    	return $mimes;
    
    }, 20 );

    If it still doesn't accept docx you should ask your host if there is any limitation for that mime type.

    Hope this helps!

    Cheers!

  • Phillip Roru

    Hi Panos,

    I have done everything you ask but nothing works. I have contacted my hosting provider and they confirmed that they support all those mimes. They think that is something with the application (Support plugin) that is not recognizing or accepting those mimes.

    Can you please re-test and see why this is happening? By the image, I attached you I see clearly that the plugin does not support those files.

    I have attached two files (docx and pptx) so you can test on your side.

    Let me know.
    Thanks!

  • Panos

    Hi Phillip Roru ,

    It doesn't seem to be related to plugin. By default plugin does have some limitations regarding mime types, but the filter above should fix this. However you should be able to notice same limitation on your admin > Media > Add new, so the limitation is not from plugin.

    Currently I have added the above snippets in file wp-content/mu-plugins/support-mimes.php included with some cap addition:

    add_filter( 'incsub_support_allowed_mime_types', function( $mime_types ){
    
    	$additional_mime_types = array(
    		'doc' 		=> 'application/msword',
    		'docx'		=> 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    		'ppt' 		=> 'application/vnd.ms-powerpoint'
    	);
    
    	return array_merge( $mime_types, $additional_mime_types );
    
    }, 10, 1 );
    
    add_filter( 'upload_mimes', function( $mimes ){
    
    	$mimes['docx'] = 'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
    	return $mimes;
    
    }, 20 );
    
    add_filter( 'map_meta_cap', function( $caps, $cap, $user_id, $args ){
    
    	if ( $cap == 'unfiltered_upload' ) {
    		$caps = array();
    		$caps[] = $cap;
    	}
    
    	return $caps;
    
    }, 10, 4 );

    I tested on your site and seems to be working. Could you please try on your side? In order to test please open that file to edit and un-comment the code. After testing let us know how it went so we add some limitation on the caps, perhaps check if user has subscription.

    Thanks!

  • Panos

    Hi Phillip Roru ,

    This limitation is to increase security by not allowing specific file types to be uploaded which could harm your site in any way, eg a php file can contain code to delete you database entries etc.

    For some reason the "upload_mimes" filter doesn't affect the allowed mimes for non-admins. Therefor I used the "map_meta_cap" and gave the "unfiltered_upload" capability so files are not filtered. This is unsafe so I have changed it to:

    add_filter( 'map_meta_cap', function( $caps, $cap, $user_id, $args ){
    
    	if( ! isset( $_FILES['support-attachment'] ) ){
    		return $caps;
    	}
    
    	$allowed_mimes = array(
    		'jpg' =>'image/jpg',
    		'jpeg' =>'image/jpeg',
    		'gif' => 'image/gif',
    		'png' => 'image/png',
    		'zip' => 'application/zip',
    		'gz|gzip' => 'application/x-gzip',
    		'rar' => 'application/rar',
    		'pdf' => 'application/pdf',
    		'txt' => 'text/plain',
    		'doc' => 'application/msword',
    		'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    		'ppt' => 'application/vnd.ms-powerpoint',
    		'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
    	);
    
    	$allowed_extensions = array( 'jpg', 'jpeg', 'gif', 'png', 'zip', 'gz|gzip', 'rar', 'pdf', 'txt', 'doc', 'docx', 'ppt', 'pptx' );
    
    	$filename = $_FILES['support-attachment']['name'][0];
    	$filetype = $_FILES['support-attachment']['type'][0];
    	$ext = pathinfo( $filename, PATHINFO_EXTENSION );	
    
    	if( ! in_array( $ext, $allowed_extensions ) || ! isset( $allowed_mimes[ $ext ] ) || $allowed_mimes[ $ext ] != $filetype ) {
    	    return $caps;
    	}
    
    	if ( $cap == 'unfiltered_upload' ) {
    		$args = array(
                		'user_id' => $user_id,
            	);
    
        		$args['meta_query']['status'] = array(
                            'key' => 'status',
                            'value' => array( 'trial_expired', 'expired' ),
                            'compare' => 'NOT IN',
                    );    
    
        		$user_subscriptions = MS_Model_Relationship::get_subscriptions( $args );
    
        		if( ! empty( $user_subscriptions ) ){
    			$caps = array();
    			$caps[] = $cap;
    		}
    	}
    
    	return $caps;
    
    }, 99999, 4 );

    This does a custom filtering for allowed mimes. It also checks if user has active subscription as I noticed the support index page is protected by Membership2. Please let me know if you do not need this condition.

    I have also kept the :

    add_filter( 'incsub_support_allowed_mime_types', function( $mime_types ){
    
    	$mime_types[ 'doc' ] = 'application/msword';
    	$mime_types[ 'docx' ] = 'application/vnd.openxmlformats-officedocument.wordprocessingml.document';
    	$mime_types[ 'ppt' ] = 'application/vnd.ms-powerpoint';
    	$mime_types[ 'pptx' ] = 'application/vnd.openxmlformats-officedocument.presentationml.presentation';
    
    	return $mime_types;
    
    }, 99999, 1 );

    so the file extensions are visible in the support ticket form.

    Please do some tests and let us know how it goes

    Cheers!