We're getting a file upload error for .msg files. They are in the file attachment filter and the file is below the maximum file size threshold. I just updated to 1.17.3 yesterday.
Thanks.
File Upload Error - Undefined 500
Do you have the php-fileinfo extension installed/enabled? If not, I'd highly recommend doing so.
Cheers.
- Edited
It is installed/enabled, yes. KevinTheJedi
Inspect the page from the browser, go to the Network tab, upload the file, let it fail, click the request in the Network tab, and click the Response tab. What does it say there?
Cheers.
KevinTheJedi Invalid File
For verification:
Your browser is sending a MIME type that doesn’t match what PHP sees as the real MIME type. You will need to do some debugging. I’ll post a diff soon that will help you debug.
Cheers.
Here is a diff:
diff --git a/include/class.forms.php b/include/class.forms.php
index 19f825c2d..caa8fb7cc 100644
--- a/include/class.forms.php
+++ b/include/class.forms.php
@@ -3973,6 +3973,7 @@ class FileUploadField extends FormField {
}
static function isValidFile($file) {
+ var_dump($file['type'], FileObject::mime_type($file['tmp_name']));die;
// Make sure mime type is valid
if (strcasecmp(FileObject::mime_type($file['tmp_name']),
$file['type']) !== 0)When you apply these changes, inspect the page and everything like the above, and look at the response you get in the Network tab. The first value will be the mime-type your browser is sending and the second value is what PHP is determining the mime type is (by scanning the file itself).
Cheers.
KevinTheJedi This is what I get:
string(0) ""
string(26) "application/vnd.ms-outlook"
- Best Answerset by dsmcdonough
KevinTheJedi You are correct, that fixed it! Thanks Kev.
5 days later
- Edited
KevinTheJedi
We have this issue too wit zip-files. We added the line and check the network tab. When i upload a zip files this appears in the network tab:
string(28) "application/x-zip-compressed"
string(15) "application/zip"
When i add the file from your pull request, the file is added to the ticket, but no email was sent to the customer...
Applying the changes shouldn’t affect email sending unless you messed something up.
Cheers.
I'm having almost the same problem after the 1.17.3 version upgrade.
On our configuration we dont have any excepcion about MIME types and no exclusion list, but we now cant upload files with .png extension. All the other file extension we can upload without any problem. only .png returns "undefined 500" error on upload. With version 1.17.2 it was working just fine.
I've tried the fix posted here but the problem remains the same.
- Edited
Then that means the MIME type your browser is sending does not match what PHP sees as the actual MIME type. You can run the debug statements mentioned above to confirm. If so there is nothing you can do except disable the check but you will open yourself up to security vulnerabilities. Do so at your own risk. We are looking into what else we can do as it appears the magic database compiled with PHP doesn't have all file mime types which is ass.
Cheers.
Hi Kevin,
First of all, thanks for your reply. I'm using the latest version of Microsoft Edge, If i go back to my backup version on 1.17.2 i dont have that "problem", php and mysql on the server are all the same versions. On my osTicket instalation this only happens on this new version. Should we wait for "fix"?
Thanks once again.
Correct, in v1.17.3 we added further checks on file uploads for security reasons. I will quote my previous reply below:
If so there is nothing you can do except disable the check but you will open yourself up to security vulnerabilities. Do so at your own risk. We are looking into what else we can do as it appears the magic database compiled with PHP doesn't have all file mime types which is ass.
Cheers.
KevinTheJedi
Understood Kevin. Thanks for your support and work!
KevinTheJedi What lines do we remove for the checks?
Is it the two functions "isValidFileType"?