See phab:T268667.
Extension talk:MultiUpload
Appearance
A great extension, but unfortunately unmainted and now, with MediaWiki 1.34, it isn't working any longer. :-(
This post was hidden by TiltedCerebellum (history)
For applications where you want a quick upload to a private Wiki this extension might be a '''much''' better alternative. It has less complexity (and thus less bugs), it does not require editor integration, the workflow is much faster and the UI is lean. It might be worth checking it out.
https://github.com/j-yun/mediawiki-extension-QuickUploadZone
I see an extension which is far more likely to have security issues than this one: it's only had three commits, there's a single fork which appears to have been created by accident, there are no reported issues, and there's virtually no documentation. The presence of a minified JS file (modules/clipboad.min.js) without an unminified version available for inspection is suspicious as well.
Hi. I'm not getting multi upload working. When I load the SpecialPage I get some text telling me about the type of files I can upload and under that is a spinner which must be running on Duracel because it just keeps on going.
The same is happening to me - the page is http://coasterpedia.net/wiki/Special:MultiUpload and I'm running 1.23.0 - does anyone have a fix?
I managed to get it working using the GIT master rather than the extension distributor. No idea why this worked but it did.
I too am getting the spinning wheel in IE8. Seems to be a javascript error. Browser Mode IE8, Document Mode: IE8 Standards
LOG: Exception thrown by special.upload.patched TypeError: Object doesn't support this property or method
Tried IE8 Compatibility mode - no change.
If I set Document Mode to IE7 Standards or Quirks mode, no spinners, and it works but this error:
Expected identifier, string or number load.php?debug=false&lang=en&modules=ext.multiupload.top%7Cjquery.client%2Ccookie%2CmwExtension%2Cthrottle-debounce%7Cmediawiki.legacy.ajax%2Cwikibits%7Cmediawiki.notify%2Ctoc%2Cutil%7Cmediawiki.page.startup%7Cskins.vector.js&skin=vector&version=20140825T193003Z&*, line 1 character 515
Works great in Chrome of course.
MediaWiki 1.23.2
I have this on 1.27 also after migrating from 1.24. If you refresh the page you can see the form loading, especially in Firefox but also in Chrome. The spinner then takes over.
I found a replacement for MultiUpload, discussion here: https://www.mediawiki.org/w/index.php?title=Topic:T7yx4mwklvybsklp&topic_showPostId=tap1hr0ekmr5ozz0#flow-post-tap1hr0ekmr5ozz0.
The replacement is called SimpleBatchUpload, and can be found here: https://github.com/s7eph4n/SimpleBatchUpload.
Upon accessing Special:SpecialPages, it thows: Fatal error: Cannot redeclare class SpecialMultiUpload in /home/www/lib/mediawiki-1.25.1/extensions/MultiUpload/SpecialMultiUpload.php on line 120
Hi.
I've fixed this errors with this patch, preventing the class to be loaded again:
diff -r MultiUpload/SpecialMultiUpload.php MultiUpload.orig/SpecialMultiUpload.php
42,47d41
< /* IGGL */
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class SpecialMultiUpload in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if(!class_exists('SpecialMultiUpload')){
<
127,135d120
< /* IGGL */
< }
<
< /* IGGL */
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class MultiUploadForm in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if(!class_exists('MultiUploadForm')){
<
208,209d192
< /* IGGL */
< }
233,237d215
<
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class DerivativeRequest in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if ( !class_exists( 'DerivativeRequestWithFiles' ) ) {
254,255d231
< /* IGGL */
< }
260,263d235
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class DerivativeRequest in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if ( !class_exists( 'DerivativeRequestWithFiles' ) ) {
265,266d236
< /* IGGL */
< }
269,274d238
< /* IGGL */
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class UploadRow in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if(!class_exists('UploadRow')){
<
497,504d460
< /* IGGL */
< }
<
< /* IGGL */
< /* Try to fix
< * PHP Fatal error: Cannot redeclare class UploadFormRow in /usr/local/mediawiki-extensions/MultiUpload/SpecialMultiUpload.php on line 0, referer: https://wiki03.terma.com/sandbox/index.php/Special:Upload
< */
< if(!class_exists('UploadFormRow')){
634,636d589
< /* IGGL */
< }
<
This seems to fix the form display, but sadly still do not works.
When trying to upload files, I always get the error:
The file you uploaded seems to be empty. This might be due to a typo in the filename. Please check whether you really want to upload this file.
I'm not able to find the problem. The debug information:
Start request POST /sandbox/index.php/Special:MultiUpload HTTP HEADERS: HOST: <HOSTNAME> USER-AGENT: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.6.0 ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 ACCEPT-LANGUAGE: en-US,en;q=0.5 ACCEPT-ENCODING: gzip, deflate REFERER: https://<HOSTNAME>/sandbox/index.php/Special:MultiUpload COOKIE: wikisandboxdbUserID=3; wikisandboxdbUserName=Iggl; wikisandboxdb_session=<SESSION>; uls-previous-languages=%5B%22en%22%5D CONNECTION: keep-alive CONTENT-TYPE: multipart/form-data; boundary=---------------------------38489103911317133881752535727 CONTENT-LENGTH: 22936 [caches] main: EmptyBagOStuff, message: SqlBagOStuff, parser: SqlBagOStuff Connected to database 0 at localhost Connected to database 0 at localhost [caches] LocalisationCache: using store LCStoreDB Fully initialised User: cache miss for user 3 User: loading options for user 3 from database. User: logged in from session User: loading options for user 3 from override cache. [MessageCache] MessageCache::load: Loading en... got from global cache Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache::getParser Parser: using preprocessor: Preprocessor_DOM Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions::__construct User::getBlockedStatus: checking... UploadBase::createFromRequest: class name: UploadFromFile UploadBase::createFromRequest: class name: UploadFromFile [GlobalTitleFail] MessageCache::parse called by FileIndexer::addCheckboxToUploadForm/Message::__toString/Message::toString/Message::parseText/MessageCache::parse with no title set. [GlobalTitleFail] MessageCache::parse called by MultiUploadForm::__construct/Message::parse/Message::toString/Message::parseText/MessageCache::parse with no title set. [Preprocessor] Saved preprocessor XML to memcached (key wikisandboxdb:preprocess-xml:<HASH>:0) [Preprocessor] Saved preprocessor XML to memcached (key wikisandboxdb:preprocess-xml:<HASH>:0) [GlobalTitleFail] MessageCache::parse called by MultiUploadForm::getLegend/Message::parse/Message::toString/Message::parseText/MessageCache::parse with no title set. [GlobalTitleFail] MessageCache::parse called by MultiUploadForm::getLegend/Message::parse/Message::toString/Message::parseText/MessageCache::parse with no title set. [GlobalTitleFail] MessageCache::parse called by MultiUploadForm::getLegend/Message::parse/Message::toString/Message::parseText/MessageCache::parse with no title set. DatabaseBase::query: Writes done: REPLACE INTO `objectcache` (keyname,value,exptime) VALUES ('X') OutputPage::sendCacheControl: private caching; ** LoadBalancer::reuseConnection: this connection was not opened as a foreign connection [runJobs] Running 1 job(s) via '/sandbox/index.php?title=Special%3ARunJobs&tasks=jobs&maxjobs=1&sigexpiry=1435317559&signature=<SIGNATURE>' [runJobs] Failed to start cron API: received 'HTTP/1.1 403 Forbidden ' Request ended normally
Same information using builtin upload form:
Start request POST /sandbox/index.php/Special:Upload HTTP HEADERS: HOST: <HOSTNAME> USER-AGENT: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.6.0 ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 ACCEPT-LANGUAGE: en-US,en;q=0.5 ACCEPT-ENCODING: gzip, deflate REFERER: https://<HOSTNAME>/sandbox/index.php/Special:Upload COOKIE: wikisandboxdbUserID=3; wikisandboxdbUserName=Iggl; wikisandboxdb_session=<SESSION>; uls-previous-languages=%5B%22en%22%5D CONNECTION: keep-alive CONTENT-TYPE: multipart/form-data; boundary=---------------------------1832873965988468950239988269 CONTENT-LENGTH: 175165 [caches] main: EmptyBagOStuff, message: SqlBagOStuff, parser: SqlBagOStuff Connected to database 0 at localhost Connected to database 0 at localhost [caches] LocalisationCache: using store LCStoreDB Fully initialised User: cache miss for user 3 User: loading options for user 3 from database. User: logged in from session User: loading options for user 3 from override cache. [MessageCache] MessageCache::load: Loading en... got from global cache Unstubbing $wgParser on call of $wgParser::firstCallInit from MessageCache::getParser Parser: using preprocessor: Preprocessor_DOM Unstubbing $wgLang on call of $wgLang::_unstub from ParserOptions::__construct User::getBlockedStatus: checking... UploadBase::createFromRequest: class name: UploadFromFile WebRequestUpload::getName: <FILE>.png normalized to '<FILE>.png' WebRequestUpload::getName: <FILE>.png normalized to '<FILE>.png' WebRequestUpload::getName: <FILE>.png normalized to '<FILE>.png' FSFile::getProps: Getting file info for /tmp/phpQWmUQm MimeMagic::__construct: loading mime types from <MWPATH>/sandbox/includes/mime.types MimeMagic::__construct: loading mime info from <MWPATH>/sandbox/includes/mime.info MimeMagic::doGuessMimeType: analyzing head and tail of /tmp/phpQWmUQm for magic numbers. MimeMagic::doGuessMimeType: getimagesize detected /tmp/phpQWmUQm as image/png MimeMagic::guessMimeType: guessed mime type of /tmp/phpQWmUQm: image/png MimeMagic::improveTypeFromExtension: improved mime type for .png: image/png [XMP] XMPReader::doAttribs Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:InstanceID>. [XMP] XMPReader::doAttribs Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:DocumentID>. [XMP] XMPReader::startElementModeInitial Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:DerivedFrom>. FSFile::getProps: /tmp/phpQWmUQm loaded, 173826 bytes, image/png. mime: <image/png> extension: <png> UploadBase::detectScript: checking for embedded scripts and HTML stuff UploadBase::detectScript: no scripts found ZipDirectoryReader: Fatal error: zip file lacks EOCDR signature. It probably isn't a zip file. UploadBase::detectVirus: virus scanner disabled FSFile::getProps: Getting file info for /tmp/phpQWmUQm MimeMagic::doGuessMimeType: analyzing head and tail of /tmp/phpQWmUQm for magic numbers. MimeMagic::doGuessMimeType: getimagesize detected /tmp/phpQWmUQm as image/png MimeMagic::guessMimeType: guessed mime type of /tmp/phpQWmUQm: image/png MimeMagic::improveTypeFromExtension: improved mime type for .png: image/png [XMP] XMPReader::doAttribs Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:InstanceID>. [XMP] XMPReader::doAttribs Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:DocumentID>. [XMP] XMPReader::startElementModeInitial Ignoring unrecognized element <http://ns.adobe.com/xap/1.0/mm/:DerivedFrom>. FSFile::getProps: /tmp/phpQWmUQm loaded, 173826 bytes, image/png. UploadBase::verifyExtension: mime type image/png matches extension png, passing file UploadBase::verifyFile: all clear; passing. FileBackendStore::getFileStat: File mwstore://local-backend/local-public/f/fc/<FILE>.png does not exist. FileBackendStore::getFileStat: File mwstore://local-backend/local-public/archive/f/fc/20150626111255!<FILE>.png does not exist. DatabaseBase::query: Writes done: INSERT IGNORE INTO `image` (img_name,img_size,img_width,img_height,img_bits,img_media_type,img_major_mime,img_minor_mime,img_timestamp,img_description,img_user,img_user_text,img_metadata,img_sha1) VALUES ('X') [ContentHandler] Created handler for wikitext: WikitextContentHandler [StashEdit] No cache value for key 'wikisandboxdb:prepared-edit:<HASH>'. [GlobalTitleFail] MessageCache::parse called by FileIndexer::articleSave/Message::__toString/Message::toString/Message::parseText/MessageCache::parse with no title set. [GlobalTitleFail] MessageCache::parse called by FileIndexer::articleSave/Message::__toString/Message::toString/Message::parseText/MessageCache::parse with no title set. WikiPage::doEditUpdates: No vary-revision, using prepared edit... Saved in parser cache with key wikisandboxdb:pcache:idhash:43-0!*!*!*!*!*!* and timestamp 20150626111255 and revision id 69 DatabaseBase::query: Writes done: REPLACE INTO `objectcache` (keyname,value,exptime) VALUES ('X') BacklinkCache::queryLinks: got results from DB BacklinkCache::queryLinks: got results from DB BacklinkCache::queryLinks: got results from DB LoadBalancer::reuseConnection: this connection was not opened as a foreign connection Title::getRestrictionTypes: applicable restrictions to [[File:<FILE>.png]] are {edit,move,upload} LoadBalancer::reuseConnection: this connection was not opened as a foreign connection LoadBalancer::reuseConnection: this connection was not opened as a foreign connection Job with hash '<HASH>' is a duplicate. BacklinkCache::partition: got from full result cache LoadBalancer::reuseConnection: this connection was not opened as a foreign connection IP: <HOSTIP> BacklinkCache::partition: got from full result cache OutputPage::sendCacheControl: private caching; ** LoadBalancer::reuseConnection: this connection was not opened as a foreign connection [runJobs] Running 1 job(s) via '/sandbox/index.php?title=Special%3ARunJobs&tasks=jobs&maxjobs=1&sigexpiry=1435317180&signature=<SIGNATURE>' [runJobs] Failed to start cron API: received 'HTTP/1.1 403 Forbidden ' Request ended normally
Same error I have here,
MediaWiki version 1.25,
MultiUpload version 1.25 MultiUpload: REL1_25 2015-06-16T21:13:04
db0c9d4
The solution seems more simple:
Comment out this line in MultiUpload.php by adding a #
character in front of it:
$wgAutoloadClasses['FauxWebRequestUpload'] = __DIR__ . '/SpecialMultiUpload.php';
Once done, it works for me.
That got me past the error also. Now have to fix forever spinning gif.
For me, the error was, when accessing http://<mymediawikiinstallation>:Especial:PáginasEspeciales
Fatal error: Cannot redeclare class SpecialMultiUpload in /var/www/mediawiki-1.25.2/extensions/MultiUpload/SpecialMultiUpload.php on line 0
The solution I found from @Ciencia Al Poder's:
sudo sed -i "s/\(\$wgSpecialPages\['MultiUpload'\] = 'SpecialMultiUpload';\)/# \1/" /var/www/mediawiki-1.25.2/extensions/MultiUpload/MultiUpload.php
I think it's easy, just need to add more URL upload bar.
May be you need to find whether the system use URL upload.
I want bulkupload image by URL too.
The problem occurs when a user tries to upload multiple files and mistakenly adds one file twice. Then you get a warning that the file already exist, but after uploading other files. Then weird thing happen and notices/warning are thrown at you (if you happen to have notices on in PHP config). Looks like a bug.
Just add the below to multiupload.js and you are ready to go.
// should probably be in i18n
wgAddMoreName = 'Add next file'; // en
//wgAddMoreName = 'Dodaj następny plik'; // pl
/**
* Enable showing one file at first and add more
*
* This will hide all files input but the first one
* and will add an add more button.
*
* @note $wgMaxUploadFiles param sets maximum number of files uploaded at once
*/
function wgUploadHideSetup() {
var eRows;
try {
eRows = document.getElementById( 'mw-htmlform-source' ).getElementsByTagName('tr');
} catch (e) {
return;
}
if( eRows ) {
//
// get rows array
//
var arrRows = new Array();
var iLastRow;
var oRow = new Object();
for (var i=0; i<eRows.length; i++) {
var e = eRows[i];
if (e.className.search(/(^| )mw-htmlform-field-UploadSourceField( |$)/)>=0) {
oRow.rIn = e;
iLastRow = i;
} else if (e.className.search(/(^| )mw-htmlform-field-HTMLTextField( |$)/)>=0) {
oRow.rOut = e;
iLastRow = i;
arrRows.push(oRow);
oRow = new Object();
}
}
if (arrRows.length <= 0)
{
if (typeof(console) != 'undefined' && typeof(console.log) == 'function')
{
console.log ('wgUploadHideSetup: no form fields found - class name changed?');
}
return;
}
//
// hide all but first
//
var strRowNormalDisplay = arrRows[0].rIn.style.display;
for (var i=1; i<arrRows.length; i++) {
arrRows[i].rIn.style.display = 'none';
arrRows[i].rOut.style.display = 'none';
}
//
// add button
//
// cells
var nel = document.createElement('tr');
var nelTd = document.createElement('td');
nel.appendChild(nelTd);
nelTd = document.createElement('td');
nel.appendChild(nelTd);
// the button
var nelInp = document.createElement('input');
nelInp.setAttribute('type', 'button');
var lastVisible = 0;
nelInp.onclick = function () {
if (lastVisible<arrRows.length-1) {
lastVisible++;
arrRows[lastVisible].rIn.style.display = strRowNormalDisplay;
arrRows[lastVisible].rOut.style.display = strRowNormalDisplay;
}
if (lastVisible>=arrRows.length-1) {
this.style.display = 'none';
}
}
nelInp.value = wgAddMoreName;
nelTd.appendChild(nelInp);
if (iLastRow == eRows.length-1) {
eRows[iLastRow].parentNode.appendChild(nel);
} else {
eRows[iLastRow+1].parentNode.insertBefore(nel, eRows[iLastRow+1]);
}
}
}
addOnloadHook( wgUploadHideSetup );
Regards,
Just edited (added the hide-setup function behind the normal setup) multiupload.js but did not affected anything. I still have my maxupload fields (I use default which is 5- therfore not explicit value in wgMaxUpload in LocalSettings). I wanted to try that to see if i can get rid of the warnings in case you only upload one and not the max number allowed.
Is adding the function to multiupload.js the really the only thing to do?
I must be missing something here. I appended the above code to the end of the .js but I didn't see what apparently is working... am I supposed to search and replace? Or is there a specific line it should be inserted at?
Fixed above. As seems HTML changed. And yes - you just paste the code at the end of "multiupload.js" (this is AFTER `addOnloadHook( wgUploadSetup );`).
Excellent, it works! Thx.
Reiteration!!!
This extension DOES HAVE SEVERE MEDIA RELATED VULNERABILITIES and is advise against installing unto your hard drive.
Problems: This extension has a HIGH LEVEL VULNERABILITY(HLV) to parser based attacks and a high propensity to become susceptible to HTTP/Directory events and server-related incidents. Probable causes that may contribute to these errors would be heavy media loads or other upload content already on the server. Various MW 1.19 directory files, especially maintenance files such as HipHop have been known to cause extensive server related incompatibility issues.
Another possible approach in recognizing the problems may be in the GIT repository, whereby older extensions (possibly over 90%) of the GIT populated files may have compatibility issues due to maintenance updates. The repository hosts multiple types of files for download (zip, 7z, tar, etc.) from which possible vulnerability attacks may be instigated. Accordingly, a growing number of inclusion files are being targeted for removal from the repository; due to the High Level Vulnerability ratings and lack of supported extension content such as variable/parser functions.
Solution:
As of Habatchii (talk) 17:33, 30 July 2012 (UTC); the most effective solution for the vulnerability issue is to contact the [desk] and
- Notify of attacks against one or more of your sites
- Request for Review of the GIT process
- Apply to one or more volunteer programs to police known HLV extensions
- Use existing templates to document as many broken or vandalized extensions possible
- Maintain and adopt extensions that you can modify to re-submit to the repository.
- Arrange for discussion page conferences such as this to be included in a final petition for review.
Additional Solutions:
Warning: The code or configuration described here poses a major security risk.
Site administrators: You are advised against using it until this security issue is resolved. Problem: Vulnerable to code injection attacks, because it passes user input directly to executable statements, such as exec(), passthru() or include(). This may lead to arbitrary code being run on your server, among other things. Solution: Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements. |
If I upload a zipfile with a bunch of images, the filesize of all but one file (the first) is set to 0 bytes, although the image is present and has a larger than 0 filesize on the server.