Jump to:

23371 Posts in 18161 Topics by 2865 members

General Questions

SilverStripe Forums » General Questions » FileIFrame "Ignoring" Allowed Extensions

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1404 Views
  • Ben Gribaudo
    Avatar
    Community Member
    181 Posts

    FileIFrame "Ignoring" Allowed Extensions Link to this post

    Hello,

    How do you get FileIFrame->setAllowedExtensions() to work?

    While using trunk (revision 74232) today, I noticed that even though I had a call to $fileField->setAllowedExtensions(array('pdf')); appropriately located in getCMSFields(), uploads weren't constrained to files with the pdf extension. Upon further investigation, I found that getCMSFields() is only called when the given page is loaded into the editor. Subsequent FileIFrame activity (such processing an upload) doesn't reload the entire page, meaning that getCMSFields() is not called. When uploading a file, a new FileIFrame instance is created which does not know about the call to setAllowedExtensions() in getCMSFields(). So we have a problem.

    Any ideas on how to work around this?

    Thanks,
    Ben

  • ajshort
    Avatar
    Community Member
    244 Posts

    Re: FileIFrame "Ignoring" Allowed Extensions Link to this post

    It's a known bug - FileIFrameField and ImageField are currently based on a hacky Image_Uploader class that is completely decoupled from the original form (they were created before the nested controller stuff). This means that setAllowedExtensions, setMaxFileSize() and setFolderName() won't work. Permissions are a bit fudgy as well.

    There's currently a couple of tickets in trac about getting this sorted - and I'm waiting for a patch of mine to fix this to be reviewed (and hopefully merged ).

  • Ben Gribaudo
    Avatar
    Community Member
    181 Posts

    Re: FileIFrame "Ignoring" Allowed Extensions Link to this post

    Thanks for the info, AJ! What's your patch's ticket #?

    Ben

  • Judge
    Avatar
    Community Member
    79 Posts

    Re: FileIFrame "Ignoring" Allowed Extensions Link to this post

    Is this issue still open? I'm finding setFolderName() and other limits are being ignored when the AJAX uploads are used with FileField and FileIFrameField. I'm using SS 2.3.4

    Seems like a bit of a security hole too...?

    -- Jason

    1404 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.