Difference between revisions of "Mediawiki Notes"

From PeformIQ Upgrade
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 27: Line 27:
http://en.wikipedia.org/wiki/Help:Images_and_other_uploaded_files#Embedding_internal_images
http://en.wikipedia.org/wiki/Help:Images_and_other_uploaded_files#Embedding_internal_images


[[Category:Mediawiki]]
<pre>
# This is the list of preferred extensions for uploading files. Uploading
# files with extensions not in this list will trigger a warning.
$wgFileExtensions = array( 'png', 'jpg', 'jpeg', 'ogg' );
 
# Files with these extensions will never be allowed as uploads.
$wgFileBlacklist = array(
# HTML may contain cookie-stealing JavaScript and web bugs
'html', 'htm',
# PHP scripts may execute arbitrary code on the server
'php', 'phtml', 'php3', 'php4', 'phps',
# Other types that may be interpreted by some servers
'shtml', 'jhtml', 'pl', 'py',
# May contain harmful executables for Windows victims
'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl' );
 
# This is a flag to determine whether or not to check file extensions on
# upload.
$wgCheckFileExtensions = true;
 
# If this is turned off, users may override the warning for files not
# covered by $wgFileExtensions.
$wgStrictFileExtensions = true;
 
# Warn if uploaded files are larger than this
$wgUploadSizeWarning = 150000;
</pre>
 
==Uploading Files==
 
http://meta.wikimedia.org/wiki/Uploading_files
 
Q: What affects the maximum file size that can be uploaded?
 
* Change "upload_max_filesize = <Number>M" in your php.ini file, where <Number> is the limit in MBytes.
* Change "post_max_size =<Number>M" in your php.ini file as well and restart apache.
* If this php4 parameter is too low, you get the error message "The file you uploaded seems to be empty. This might be due to a typo in the file name. Please check whether you really want to upload this file."
* Apache has a directive "LimitRequestBody", which controls the maximum number of bytes allowed in ANY http request. If this limit is not somewhat larger than upload_max_filesize, the above message will appear for files near or above this limit. This directive may appear in various places in the apache configuration files, or in an .htaccess file. The effect of this directive may be global, or limited to a particular virtual host or directory, depending on where it occurs. Consulting the Apache documentation is advised if you run across this directive to understand how it is being used.
 
Some distributions use this directive to guard against denial of service attacks. For example the php module configuration for Apache2 on RedHat limits the request body size to 524288 bytes. Look at /etc/httpd/conf.d/php.conf. -- Other distributions may place the directive in other places according to their individual configuration file policies.
 
* MediaWiki's SpecialImport.php page has a hardcoded MAX_FILE_SIZE on the form that you may need to increase manually. You'll get a message saying This file is bigger than the server is configured to allow if you encounter this problem. Fix it by grepping includes/SpecialImport.php for MAX_FILE_SIZE and increase it from 2000000 on up to whatever you need. Note that if 'whatever you need' exceeds the sizes set in php.ini for POST size, Upload Size, and Memory that a script can use - then it won't work, and you'll have to go in there and increase the limits accordingly.[1]
 
The code that you're searching for in SpecialImport.php is this:
 
<pre>
<legend>" . wfMsgHtml('upload') . "</legend>
        <form enctype='multipart/form-data' method='post' action=\"$action\">
                <input type='hidden' name='action' value='submit' />
                <input type='hidden' name='source' value='upload' />
                <input type='hidden' name='MAX_FILE_SIZE' value='20000000' />
</pre>
 
One way to tell where the problem lies, is to check your logs. If you're seeing messages about memory being exhausted, and the like - then go check out your php.ini. If you're not seeing anything in the logs, then chances are it's the SpecialImport.php that's the sticking point...
 
* PHP's memory_limit may also place a limit on the maximum file size. See the note below if you find that you are getting a memory exhausted error in the Apache error log.
* If you're using Apache2, and PHP is loaded as a module (in my case it was PHP5), then the phpinfo() function will tell you where it expects the php.ini file to be located at. That's all good - except that it doesn't read the php.ini file!!!! You'll know this because when you look at the results returned from the phpinfo() you'll see that the local value hasn't been updated to reflect the change you made in php.ini !!!! After much hair-pulling, gnashing of teeth, and lots and lots of Caffeine, I discovered the workaround to be putting the php values that I wanted to change in the php.ini file into the httpd.conf file. Restart httpd, and it's all good... Here's a sample of what I had to add to the httpd.conf file (I put them right after the loadmodule statements that load up the various modules I'm using (including php5):
 
php_value upload_max_filesize "25M"
php_value post_max_size "25M"
php_value memory_limit "64M"
php_value file_uploads "On"
 
(Hopefully this will keep some other hapless Sysadmin from having to visit the Hair Club...)
 
One other thing I noticed is that the upload routine appears to be a memory hog. I had the memory_limit set to "25M", and it died with a "overloading of the server..." error when I was uploading a 6MB file. Oddly enough, I didn't see anything logged. For giggles I upped it to 64M, and it worked fine. I should probably dig into this some day to figure out what's going on...
 
[[Category:MediaWiki]]

Latest revision as of 15:29, 27 May 2008

Mediawiki Notes

Manipulating Navigation Menus

Adding the following code to the buildSidebar() function in include/Skins.php will cause an empty menu to be used when no use is logged in.

 (Around line 1608 in include/Skins.php)

        function buildSidebar() {
                global $parserMemc, $wgEnableSidebarCache;
                global $wgLang, $wgContLang;

                #----- PLH 20070728 --------------------------------------

                global $wgUser;

                if (!$wgUser->isLoggedIn()) {
                        return array();
                }

                #---------------------------------------------------------

Embedding Images

http://en.wikipedia.org/wiki/Help:Images_and_other_uploaded_files#Embedding_internal_images

# This is the list of preferred extensions for uploading files. Uploading
# files with extensions not in this list will trigger a warning.
$wgFileExtensions = array( 'png', 'jpg', 'jpeg', 'ogg' );

# Files with these extensions will never be allowed as uploads.
$wgFileBlacklist = array(
 # HTML may contain cookie-stealing JavaScript and web bugs
 'html', 'htm',
 # PHP scripts may execute arbitrary code on the server
 'php', 'phtml', 'php3', 'php4', 'phps',
 # Other types that may be interpreted by some servers
 'shtml', 'jhtml', 'pl', 'py',
 # May contain harmful executables for Windows victims
 'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl' );

# This is a flag to determine whether or not to check file extensions on
# upload.
$wgCheckFileExtensions = true;

# If this is turned off, users may override the warning for files not
# covered by $wgFileExtensions.
$wgStrictFileExtensions = true;

# Warn if uploaded files are larger than this
$wgUploadSizeWarning = 150000;

Uploading Files

http://meta.wikimedia.org/wiki/Uploading_files

Q: What affects the maximum file size that can be uploaded?

  • Change "upload_max_filesize = <Number>M" in your php.ini file, where <Number> is the limit in MBytes.
  • Change "post_max_size =<Number>M" in your php.ini file as well and restart apache.
  • If this php4 parameter is too low, you get the error message "The file you uploaded seems to be empty. This might be due to a typo in the file name. Please check whether you really want to upload this file."
  • Apache has a directive "LimitRequestBody", which controls the maximum number of bytes allowed in ANY http request. If this limit is not somewhat larger than upload_max_filesize, the above message will appear for files near or above this limit. This directive may appear in various places in the apache configuration files, or in an .htaccess file. The effect of this directive may be global, or limited to a particular virtual host or directory, depending on where it occurs. Consulting the Apache documentation is advised if you run across this directive to understand how it is being used.

Some distributions use this directive to guard against denial of service attacks. For example the php module configuration for Apache2 on RedHat limits the request body size to 524288 bytes. Look at /etc/httpd/conf.d/php.conf. -- Other distributions may place the directive in other places according to their individual configuration file policies.

  • MediaWiki's SpecialImport.php page has a hardcoded MAX_FILE_SIZE on the form that you may need to increase manually. You'll get a message saying This file is bigger than the server is configured to allow if you encounter this problem. Fix it by grepping includes/SpecialImport.php for MAX_FILE_SIZE and increase it from 2000000 on up to whatever you need. Note that if 'whatever you need' exceeds the sizes set in php.ini for POST size, Upload Size, and Memory that a script can use - then it won't work, and you'll have to go in there and increase the limits accordingly.[1]

The code that you're searching for in SpecialImport.php is this:

<legend>" . wfMsgHtml('upload') . "</legend>
        <form enctype='multipart/form-data' method='post' action=\"$action\">
                <input type='hidden' name='action' value='submit' />
                <input type='hidden' name='source' value='upload' />
                <input type='hidden' name='MAX_FILE_SIZE' value='20000000' />

One way to tell where the problem lies, is to check your logs. If you're seeing messages about memory being exhausted, and the like - then go check out your php.ini. If you're not seeing anything in the logs, then chances are it's the SpecialImport.php that's the sticking point...

  • PHP's memory_limit may also place a limit on the maximum file size. See the note below if you find that you are getting a memory exhausted error in the Apache error log.
  • If you're using Apache2, and PHP is loaded as a module (in my case it was PHP5), then the phpinfo() function will tell you where it expects the php.ini file to be located at. That's all good - except that it doesn't read the php.ini file!!!! You'll know this because when you look at the results returned from the phpinfo() you'll see that the local value hasn't been updated to reflect the change you made in php.ini !!!! After much hair-pulling, gnashing of teeth, and lots and lots of Caffeine, I discovered the workaround to be putting the php values that I wanted to change in the php.ini file into the httpd.conf file. Restart httpd, and it's all good... Here's a sample of what I had to add to the httpd.conf file (I put them right after the loadmodule statements that load up the various modules I'm using (including php5):
php_value upload_max_filesize "25M"
php_value post_max_size "25M"
php_value memory_limit "64M"
php_value file_uploads "On"

(Hopefully this will keep some other hapless Sysadmin from having to visit the Hair Club...)

One other thing I noticed is that the upload routine appears to be a memory hog. I had the memory_limit set to "25M", and it died with a "overloading of the server..." error when I was uploading a 6MB file. Oddly enough, I didn't see anything logged. For giggles I upped it to 64M, and it worked fine. I should probably dig into this some day to figure out what's going on...