Remove upload extensions htm, html, css, swf, epub, files with no extension. Fix mime types for wmf, psd.

git-svn-id: svn://pmwiki.org/pmwiki/trunk@4725 524c5546-5005-0410-9a3e-e25e191bd360

1 files changed, 6 insertions, 11 deletions

diff --git a/scripts/upload.php b/scripts/upload.php
index 08d30ce0..ed28198a 100644
--- a/scripts/upload.php
+++ b/scripts/upload.php
@@ -27,7 +27,6 @@ SDVA($UploadExts,array(
   'gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
   'png' => 'image/png', 'apng' => 'image/apng', 'bmp' => 'image/bmp', 'ico' => 'image/x-icon',
   'wbmp'=> 'image/vnd.wap.wbmp', 'xcf' => 'image/x-xcf', 'webp' => 'image/webp',
-  'svg' => 'image/svg+xml', 'svgz' => 'image/svg+xml',
   'avif'=> 'image/avif', 'avifs' => 'image/avif',
   'mp3' => 'audio/mpeg', 'm4a' => 'audio/mp4', 'au' => 'audio/basic', 'wav' => 'audio/x-wav', 
   'ogg' => 'audio/ogg', 'flac' => 'audio/x-flac', 'opus' => 'audio/opus', 
@@ -35,35 +34,31 @@ SDVA($UploadExts,array(
   'mpg' => 'video/mpeg', 'mpeg' => 'video/mpeg', 'mkv' => 'video/x-matroska',
   'm4v' => 'video/x-m4v', '3gp' => 'video/3gpp',
   'mov' => 'video/quicktime', 'qt' => 'video/quicktime',
-  'wmf' => 'text/plain', 'avi' => 'video/x-msvideo',
+  'wmf' => 'image/wmf', 'avi' => 'video/x-msvideo',
   'zip' => 'application/zip', '7z' => 'application/x-7z-compressed',
   'gz'  => 'application/x-gzip', 'tgz' => 'application/x-gzip',
   'rpm' => 'application/x-rpm', 
-  'hqx' => 'application/mac-binhex40', 'sit' => 'application/x-stuffit',
+  'hqx' => 'application/mac-binhex40', 'sit' => 'application/x-stuffit', 
+  'csv' => 'text/csv', 'xls' => 'application/vnd.ms-excel', 'mdb' => 'application/x-msaccess',
   'doc' => 'application/msword', 'ppt' => 'application/vnd.ms-powerpoint',
-  'csv' => 'text/csv',
-  'xls' => 'application/vnd.ms-excel', 'mdb' => 'text/plain',
   'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
   'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
   'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
   'exe' => 'application/octet-stream',
-  'pdf' => 'application/pdf', 'psd' => 'text/plain', 
+  'pdf' => 'application/pdf', 'psd' => 'image/vnd.adobe.photoshop', 
   'ps'  => 'application/postscript', 'ai' => 'application/postscript',
   'eps' => 'application/postscript',
-  'htm' => 'text/html', 'html' => 'text/html', 'css' => 'text/css', 
-  'fla' => 'application/x-shockwave-flash', 
-  'swf' => 'application/x-shockwave-flash',
+  'fla' => 'application/x-shockwave-flash',
   'txt' => 'text/plain', 'rtf' => 'application/rtf', 
   'tex' => 'application/x-tex', 'dvi' => 'application/x-dvi',
   'odt' => 'application/vnd.oasis.opendocument.text',
   'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
   'odp' => 'application/vnd.oasis.opendocument.presentation',
   'odg' => 'application/vnd.oasis.opendocument.graphics',
-  'epub'=> 'application/epub+zip',
   'kml' => 'application/vnd.google-earth.kml+xml',
   'kmz' => 'application/vnd.google-earth.kmz',
   'vtt' => 'text/vtt',
-  '' => 'text/plain'));
+  ));
 
 # Array containing forbidden strings in a filename, array('.php', '.cgi')
 SDV($UploadBlacklist, array());