Note: The second solution presented in this post consists of a core modification, which means that a future update can overwrite your changes. Always document your core modifications so that you can re-apply them after an update.
During the past weekend, we updated the website of one of our clients to Joomla 3.7.5 from Joomla 3.6.5 as we thought the former was stable enough. Yesterday, the client emailed us and told us that whenever they upload a PDF file through the media manager, they were seeing the following error…
Invalid mime type detected.
…and, of course, the upload was failing.
We investigated the issue and it turned out that there was a change in Joomla’s 3.7.x file checking process: In Joomla 3.6.5, a function called canUpload (in the media.php file which is located in the libraries/cms/helper folder) checks if the file uploaded is legal (e.g. it is allowed). If it is, then it allows the upload. In Joomla 3.7.x, the same function, canUpload, is triggered, but, in a default scenario, it also tries to guess the MIME type of the uploaded file using the function getMimeType. If it can’t (for any reason), then it returns false, and will display the above error.
Now the question is, what is a MIME type?
MIME is acronym for Multipurpose Internet Mail Extension, and it is just a string representing the type of a file and is typically used by the browser to know which type of software to launch to display a certain file. For example, if the MIME type of a file is application/pdf, then the browser will know that it needs to open the Acrobat Reader software to display the file. On the server end, the MIME type is often used to know the type of the file being uploaded, in order to decide whether to allow the upload or not.
However, the PHP function that is used to return the MIME type, which is mime_content_type, is an unstable function. In fact, this function was deprecated and then un-deprecated. There is, however, another method to return the MIME type, and it is by using the function finfo_open to return a fileinfo object out of a file and then using the function finfo_file to return the MIME type of the file. Now the problem with the last method is that it requires the PECL PHP library installed, which is not installed by default. The function getMimeType which is called by the function canUpload, first uses the first method to determine the MIME type of the uploaded file, and then it uses the second method. If it can’t determine the MIME type of the uploaded file using either method, then it returns false, leading to the Invalid mime type detected error.
So, what is the solution to the problem?
Since the MIME type check is done only when the Restrict Uploads setting in the Media Manager configuration is set to “Yes”, then a very quick solution would be to change that setting to “No” by logging in to the backend of the Joomla website, and then going to Content -> Media, and then clicking on Options on the top right, and then flipping the value of Restrict Uploads from “Yes” to “No”. Now, if someone hovers on Restrict Uploads, then he will see the following message:
Restrict uploads for lower than manager users to just images if Fileinfo or MIME Magic isn’t installed.
The problem is, however, is that the above message isn’t accurate. In fact, when Restrict Uploads is set to “Yes”, then it’ll be applied for all users, even super users, which is wrong. There is no check anywhere for the user type in the actual code. In order to fix this bug (which will also fix the original problem and will address any security implications resulting from setting the value of Restrict Uploads to “No”), you will need to do the following (note that if you change the Restrict Uploads value to “No” then you don’t need to do the below):
- Open the file media.php which is located under the libraries/cms/helper folder.
-
Change the following line:
if ($params->get('restrict_uploads', 1))
to the following line:
if ($params->get('restrict_uploads', 1) && !JFactory::getUser()->authorise('core.admin'))
-
Save the file and upload it back.
-
The problem should be solved!
Of course, there is another solution that consists of installing the proper PHP libraries, but this solution is dependent on the type of the hosting environment, so check with your host/system administrator about this (have them install the PECL PHP library or the MIME Magic library).
We hope the you found our post useful and that it did solve your problem. If it didn’t, then please contact us, we’ll help you address this problem for you in no time and for a very, very reasonable fee!