Pdf File Upload In Joomla Extensions

Pdf File Upload In Joomla Extensions Rating: 5,0/5 2560 reviews

OSDownloads and Joomla PDFs. OSDownloads is the easiest way to add downloads to Joomla. OSDownloads gives you a flexible and reliable Joomla downloads directory that you can use to store PDFs. If you have a lot of PDFs and other files, OSDownloads is a good place to start. If you'd like a full guide to OSDownloads, click this link.

  1. Upload Pdf File To Website

Join GitHub today

GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.

Sign up New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Comments

commented May 17, 2017
edited by joomla-cms-bot

Placeholder issue to catch trending issues with Joomla 3.7.1 & incoming reports with regards to uploading issues due to new mime checks

If you are having an issue with PDFs (And other files) not uploading in Joomla 3.7.1 DONT start a new issue, post here,

Please provide a FULL file of your system information from the system information page of Joomla admin (Download as text)

Is there a bug with uploading PDF files through the Media Manager? I've tried it through Media Manager and the Ark Media Manager and neither will allow me to upload PDF files anymore.

3.7.1, php 7

added the No Code Attached Yet label May 17, 2017

commented May 17, 2017
edited

I cannot upload PDFs in Joomla 3.7.1, is ther e a new bug introduced here that I need to know about? why are these things never easy

PHP 7.0.1/Joomla 3.7.1

commented May 17, 2017

Please check the allowed mine types as we now force to check on that.

commented May 17, 2017

I have application/pdf listed in the allowed MIME types. I could upload pdfs just fine before I upgraded to 7.1

commented May 17, 2017

please try your file against this checker: http://mime.ritey.com/ and told us the result.

commented May 17, 2017

File results

The MIME type for your file is: application/pdf

commented May 17, 2017

Do you not get that error when you try to upload pdfs zero?

Joomla

commented May 17, 2017

I cannot replicate the problem, I can upload PDF's with Joomla 3.7.1 (out of the box install)

@freshlookweb Please provide a FULL file of your system information from the system information page of Joomla admin (Download as text) - and what is the full content of the Legal MIME Types box on this page on your site

/administrator/index.php?option=com_config&view=component&component=com_media

commented May 17, 2017

Having same issue with pdf files - checked all the settings ...only way i was able to get it to upload a pdf through Media Manager was
to either place pdf in the 'ignored extensions' or turn off Check MIME Types..I do have 'application/pdf' under Legal MIME Types.

Joomla was updated this morning and issue started.

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

@tpaljr63 Please provide a FULL file of your system information from the system information page of Joomla admin (Download as text)

commented May 17, 2017

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

Please add application/octet-stream to the allowed mine types.

commented May 17, 2017

Please add application/octet-stream to the allowed mine types.

As a test, and then report back here if that works for you :)

commented May 17, 2017

Removed the pdf from ignored extensions - added application/octet-stream - tested uploading a pdf through Media Manager - Success!

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

@tpaljr63 please try your file against this checker: http://mime.ritey.com/ and tell us the result.

commented May 17, 2017

File results
The MIME type for your file is: application/pdf

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

ok found the problem.

it is about the ordering of the options to check. We should first check here: https://github.com/joomla/joomla-cms/blob/staging/libraries/cms/helper/media.php#L81 and than the other. Or implement some kind of checks for application/octet-stream so that in that case the other options are checked too.

I can do a PR when i'm back at home.

commented May 17, 2017

Questions: Why would adding the 'application/octet-stream' to Legal MIME Types affect pdf upload in Media Manager since 'application/pdf' was allowed already and is there a Security Risk adding 'application/octet-stream' to the Legal MIME Types?

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

Thanks Zero and Phil

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 17, 2017

@tpaljr63 actually is not Joomla but the server (apache I guess) that is missing some vital info (mimes): http://stackoverflow.com/questions/13847234/apache2-server-mime-types

commented May 17, 2017

actually is not Joomla but the server (apache I guess) that is missing some vital info (mimes):

saddly not http://php.net/manual/en/function.exif-imagetype.php can only detect image mimes. So it fails on PDF files or similiar and return the application/octet-stream.

commented May 17, 2017

Sorry for my ignorance...what is the solution? Do I have to addapplication/octet-stream to all my websites or will there be a Joomlaupdate to fix this?Eric SchusterFresh Look Web Design757.646.7908eric.schuster@freshlookwebdesign.comwww.freshlookwebdesign.com
On Wed, May 17, 2017 at 1:11 PM, zero-24 ***@***.***> wrote: actually is not Joomla but the server (apache I guess) that is missing some vital info (mimes): saddly not http://php.net/manual/en/function.exif-imagetype.php can only detect image mimes. So it fails on PDF files or similiar and return the application/octet-stream. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#16086 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AbbZy5RaIMu19b23YnyLNUa24lOQnM-Rks5r6ypCgaJpZM4NeCo2> .

commented May 17, 2017

This will be looked at, and then a Pull Request made to fix this behaviour, and that, if tested, will make it into Joomla 3.7.2

commented May 17, 2017

Thanks guys. With this bug, is it wise for me to delay upgrading all 60+ ofmy websites to 7.1? Could I just wait for 3.7.2?Eric SchusterFresh Look Web Design757.646.7908eric.schuster@freshlookwebdesign.comwww.freshlookwebdesign.com
On Wed, May 17, 2017 at 2:20 PM, Phil Taylor ***@***.***> wrote: This will be looked at, and then a Pull Request made to fix this behaviour, and that, if tested, will make it into Joomla 3.7.2 — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#16086 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AbbZy55ygInU3spl-0E7mXDNqNYA-od0ks5r6zp_gaJpZM4NeCo2> .

commented May 17, 2017

Hell no. You should have already upgraded ALL your site to Joomla 3.7.1 - it is a CRITICAL security release!

commented May 17, 2017

If you can risk getting hacked, feel free to delay upgrading to 3.7.1 😈

Merged

commented May 17, 2017

Please check: #16091 and sorry for any inconvenience

commented May 17, 2017
edited

I would have said leave this open a day - so that we dont get a million and one issues all created - thats the point of starting a placeholder issue to gather everyones attention and prevent duplicates...

Its proven people dont search...

commented May 17, 2017

What just helped me with other uploads after 3.7.1.: Administrator > Content > Media > Options > Check MIME Types > No

commented May 17, 2017

@PetrCo Well lets hope you have VERY trusted users then. We would never recommend running such a setting, use at your own risk

commented May 17, 2017

What just helped me with other uploads after 3.7.1.: Administrator > Content > Media > Options > Check MIME Types > No

Sure you disable all security checks but it woud help if you could check the patch. At #16091 that should fix the issue. Thanks

commented May 17, 2017

What just helped me with other uploads after 3.7.1.: Administrator > Content > Media > Options > Check MIME Types > No
Sure you disable all security checks but it woud help if you could check the patch. At #16091 that should fix the issue. Thanks

THANKS!

commented May 17, 2017

THANKS!

Did you tested the Patch? What was the result?

commented May 17, 2017
edited

THANKS!
Did you tested the Patch? What was the result?

No, I did not, too complex for me, I am afraid. Just thank you for explaining that my 'fix' is dangerous. :-) Switching Check MIME Types > Yes. Cannot wait for new update.

commented May 17, 2017
edited

@PetrCo Well lets hope you have VERY trusted users then. We would never recommend running such a setting, use at your own risk

Got it, switching back to Yes :-)

Upload Pdf File To Website

commented May 17, 2017

I just tested the patch (3files in #16091), and I can confirm a successful upload (jpg, png, pdf).

commented May 18, 2017

Set to 'closed' on behalf of @franz-wohlkoenig by The JTracker Application at issues.joomla.org/joomla-cms/16086

commented May 18, 2017

closed as having PR #16091

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16086.

commented May 26, 2017

I am stil having issues with this. Have updated to 3.72 running php 7.0.15.
systeminfo-2017-05-26T08_28_46-05_00.txt

commented May 26, 2017

@OrignlCin see #16238

commented Apr 4, 2018

Oke, now we are more then a year further in time, and still this problem is there. I have Joomla! 3.8.6 and can't upload a PDF. I have added application/octet-stream and even set the check mimetype to NO, but still the media manager keeps saying that it's a wrong image. Is there another solution?

commented Jun 21, 2018

I have arrived here with the same problem, I can confirm @edthenet s assertion that adding application/octet-stream doesn't solve the issue.

commented Jul 3, 2018
edited

I have no idea how the Joomla developers consider this CLOSED. But I can tell you a workaround acceptable to some non-technical content contributors:

If you use JCE, you can use the LINK editor function, which allows you to browse and upload a PDF to the very same area that was determined 'illegal'. Go figure. Hopefully they won't take this away. :D


commented Jul 3, 2018

This was closed as there is nothing else to fix in Joomla.

Check the mime type of the file you are uploading with the tool at http://mime.ritey.com/ - then decide if you are happy to whitelist that mime type, and if you are then whitelist it. Simple.

Out of the box the Joomla filter is set up to be secure. But its your site, so if you want to change the settings you can. No one is stopping you!

If, as you say, JCE Editor allows uploads were Joomla doesnt, this doesnt mean Joomla is wrong, what it probably means is Joomla is more secure, and JCE is not respecting your configured MIME Types - thus is probably less secure and allowing of uploads of insecure PDF files.

commented Jul 3, 2018

@uglyeoin I can confirm [the] assertion that adding application/octet-stream doesn't solve the issue.

Of course if your file doesnt have the mime type of application/octet-stream then that is correct - adding application/octet-stream will not solve your issue.

PDF's are notorious for being badly created by all kinds of apps. Although the P D F Format is well documented, it has many many different implementations, and PDF's can generate a lot of different mime types, from application/octet-stream to application/pdf to Unknown.

Furthermore if your server doesnt correctly determine the mime type then it can also fail to validate the mime type. This can happen if you have disabled functions in php, or not included all the required PHP extensions required for correct mime identification.

Check your PDF files with http://mime.ritey.com/ and see the different results.

Then check your server meets the requirements of Joomla.

commented Jul 3, 2018

There is more technical discussion here #16238

commented Jul 3, 2018
edited

yes as you said there is the topic of

  • doing proper configuration
  • (and) about having server with proper detection of mime ...

but the problem of @uglyeoin and @goforitweb
and of many others who result in using 3rd party media manager
is

  • the false positives during the safety checks !!

Uploaded files are always treated as text even if they are binary
searching inside the file for
<?php
.php
.js

etc

The larger the file is the bigger chance you have a having a false positive

and JCE runs with $allow_unsafe = true

Relevant issues
#15563
#20618
and
#8197

zips are not uncompressed but still they are scanned as text files
pdf are not parsed as PDF but still they are scanned as text files

commented Jul 3, 2018
edited

“This was closed as there is nothing else to fix in Joomla.” -- @PhilETaylor

I respectfully disagree. An application developer's job is to provide a solution – whether it be Media Manager or something else – as a means of uploading PDFs … unless you are saying that you are completely against PDFs being on a website at all. And if that’s the case, SAY IT! And while you're at it - tell people what content contributors should use as a document object/method instead. You're not leaving us with a solution or guidance. The threads here a read by few, and it's way down in the weeds.

Obviously JCE goes around Joomla’s methods because people wanted a way, and Joomla wanted us to be safe. While it may not be ideal, and may be true, JCE is a lot closer to a user-friendly method.

commented Jul 3, 2018

unless you are saying that you are completely against PDFs being on a website at all

Nobody's saying that. What is being said is that Joomla must be explicitly configured to support PDF uploads for various reasons and that we are not enabling this out-of-the-box. Extensions may be bypassing the Joomla upload checks, which is fine if they are doing their own checks. That's all it boils down to.

The absolute safest file upload method is to send the file to an authorized individual to perform a rudimentary virus scan and FTP upload. As a security measure, Joomla does not just arbitrarily allow any user to upload any file, there are checks in place to try and safely limit what kinds of files can be uploaded through the application since it cannot do an in-depth file scan like an offline scanner would to ensure you aren't uploading something malicious.

commented Jul 3, 2018
edited

So I'm telling my non-technical content contributors (the clients!) to 'send the file to an authorized individual (me??) to perform a rudimentary virus scan and FTP upload?' Exactly how do I do that with a straight face? 🗡

commented Jul 3, 2018

I said that's the safest, not that it would be the best option for everyone. File uploads are an inherent security risk in any application and if you're supporting them generally there should be explicit configuration about who can do them and what types of files are allowed (with appropriate server side checks before processing the upload). All I can do is say why we have our code set up in the way we do and why extensions which bypass those checks or other CMS' which don't make checks at all might be problematic down the road (not to say that any Joomla extension which bypasses the core upload processing is unsafe, they can be performing their own checks separately, I don't know the code of every extension and can't speak on it without proper audits).

commented Jul 3, 2018
edited

I understand your point of view, i.e. of the developer. I really do. I used to be one many moons ago. :D

But you also know that DropBox still has ~45% of the market share with its shoddy security despite losing masssive amounts to its competitors. I won't even mention WP. Oops!

I think the happy medium here is to provide visible guidance (possibly in the Media Manager?) where content contributors learn and decide which route they want to take.

Leaving it up to the front line support people to do the unenviable task of explaining the almost-unexplainable is Chicken $hit. We're your promoters! Why hang us? Show the right way. Design a real solution and then market the difference!

commented Jul 4, 2018

I added one more solution #20968

Open
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
20 reviews

Introduction

Did you know that you can embed PDF files in content just like you put flash and other media? Well, this plugin from Techjoomla does exactly that - it allows you to embed PDF files in your content.

You can load an external PDF file in your content very easily using this plugin.
1. Google Viewer Support: This feature is offered by Google Docs. With this you can embed PDF files in a web page. And, the pretty part is - you don't have to be upload PDF files to Google Docs, but those files need to be available online somewhere.

  1. PDF.js Support: It is a community-driven Portable Document Format (PDF) viewer that is built with HTML5 and supported by Mozilla Labs. It is a general-purpose, web standards-based platform for parsing and rendering PDFs.

  2. Editor button plugin for embedding PDF files quickly using PDF Embed plugin.

For our other extensions, visit our Techjoomla website.

PDF Embed

Version:
2.1.8
Developer:
Techjoomla
Last updated:
Oct 10 2018
Date added:
Nov 19 2014
License:
GPLv2 or later
Type:
Free download
Includes:
Compatibility:
3
Download

Uses Joomla! Update System


Write a review