Upload file which contain no extension into wordpress?

Question

Wordpress version:4.7.9.

define('ALLOW_UNFILTERED_UPLOADS', true);

The statement was written into wp-includes/functions.php.
Edit a simple file named test which contain no any extension.

vim test
to upload the file which contain no file extension.

Get the error when to upload the file test.

This file type is not allowed. Please try another.

Rename the file test into test.txt.
And add the following into wp-includes/functions.php.

add_filter('upload_mimes','custom_upload_mimes');
function custom_upload_mimes ( $existing_mimes=array() ) {
     $existing_mimes['txt'] = 'application/txt';
     return $existing_mimes;
     }

The file test.txt can be uploaded successfully.
It is no use to set in the configure file wp-config.php.

define('ALLOW_UNFILTERED_UPLOADS', true);

I am using a child of twentyfourteen.

Here is my /var/www/html//wp-content/themes/twentyfourteen-child/functions.php

<?php
define('ALLOW_UNFILTERED_UPLOADS', true);
function my_theme_enqueue_styles() {

$parent_style = 'twentyfourteen-style'; // This is 'twentyfourteen-style' for the Twenty Fourteen theme.


wp_enqueue_style( $parent_style, get_template_directory_uri() . '/style.css' );
wp_enqueue_style( 'child-style',
get_stylesheet_directory_uri() . '/style.css',
array( $parent_style ),
wp_get_theme()->get('Version')
);
}
add_action( 'wp_enqueue_scripts', 'my_theme_enqueue_styles' );
remove_filter('the_content', 'wptexturize');
remove_filter('the_excerpt', 'wptexturize');
remove_filter('comment_text', 'wptexturize');
?>

It can't take any effect.

Answer 1

The real problem is not with WordPress's backend but it's frontend validation. The uploader is handled by Plupload and by default, WordPress is only checking if you have defined ALLOW_UNFILTERED_UPLOADS in the uploading progress, without really tweaking the frontend plugin's filter validation with the value. Perhaps a small frontend glitch.

As you can see, WordPress is always rendering the following default settings:

var _wpPluploadSettings = {"defaults":{"file_data_name":"async-upload","url":"\/wp-admin\/async-upload.php","filters":{"max_file_size":"268435456b","mime_types":[{"extensions":"jpg,jpeg,jpe,gif,png,bmp,tiff,tif,ico,asf,asx,wmv,wmx,wm,avi,divx,flv,mov,qt,mpeg,mpg,mpe,mp4,m4v,ogv,webm,mkv,3gp,3gpp,3g2,3gp2,txt,asc,c,cc,h,srt,csv,tsv,ics,rtx,css,htm,html,vtt,dfxp,mp3,m4a,m4b,ra,ram,wav,ogg,oga,flac,mid,midi,wma,wax,mka,rtf,js,pdf,class,tar,zip,gz,gzip,rar,7z,psd,xcf,doc,pot,pps,ppt,wri,xla,xls,xlt,xlw,mdb,mpp,docx,docm,dotx,dotm,xlsx,xlsm,xlsb,xltx,xltm,xlam,pptx,pptm,ppsx,ppsm,potx,potm,ppam,sldx,sldm,onetoc,onetoc2,onetmp,onepkg,oxps,xps,odt,odp,ods,odg,odc,odb,odf,wp,wpd,key,numbers,pages"}]},"multipart_params":{"action":"upload-attachment","_wpnonce":"9ee7fbf228"}},"browser":{"mobile":false,"supported":true},"limitExceeded":false};

A temporary fix to the problem before they fix it on their end would be hooking in the filters WordPress is calling to generate the frontend settings, plupload_default_settings.

Add the filter in your functions.php:

add_filter('plupload_default_settings', function ($settings) {
    if (defined('ALLOW_UNFILTERED_UPLOADS') && ALLOW_UNFILTERED_UPLOADS) {
        unset($settings['filters']['mime_types']);
    }

    return $settings;
});

This will allow you to upload your test via the uploader. Since WordPress is checking already in the backend, as long as you have defined it in your wp-config.php that ALLOW_UNFILTERED_UPLOADS is true, it should be uploaded properly.

Answer 2

Chin Leung answer works quite nicely, the only caveat is that any file extension can be uploaded.

The method below needs ALLOW_UNFILTERED_UPLOADS set to false (or simply not set on wp-config or functions.php) and it allows file without extensions and blocks extensions not allowed:

add_filter('upload_mimes', function ( $mimes ) {
    $mimes['*'] = 'text/plain';
    return $mimes;
});

add_filter( 'wp_check_filetype_and_ext', function ( $types, $file, $filename, $mimes) {
    # If filename doesn't containg a dot '.', allow upload
    if( false === strpos( $filename, '.' ) ) {
        $types['ext'] = '*';
        $types['type'] = 'text/plain';
    }
    return $types;
}, 10, 4 );

Answer 3

Add below code at the head of your wp-config.php file:

define('ALLOW_UNFILTERED_UPLOADS', true);

Note: For upload new file in media, go to below URL:

http://example.com/wp-admin/media-new.php

Instead of:

http://example.com/wp-admin/upload.php

Because in upload.php, mime type validation is done by Javascript.

Answer 4

Make sure there isn't a security plugin or other plugin that overrides your define('ALLOW_UNFILTERED_UPLOADS', true); :)

I would suggest first to scan for ALLOW_UNFILTERED_UPLOADS through your site files and see what pops up.

Also update to latest version of WordPress if you haven't already, since the error message you are getting is different from the one I get.

Answer 5

You do not want to paste this into your /functions.php file but in your /wp-config.php file.

Alternatively, you can create MIME's for specific file types by pasting this into your /functions.php file, like you have done.