HESK Allow All attachments

[techuser]

Script URL:
Version of script: 2.2
Hosting company: Self
URL of phpinfo.php:
URL of session_test.php:
What terms did you try when SEARCHING for a solution: attachments, attach, file types, allow all file types

Write your message below:
Is it possible to set HESK to use all file types. I have tried clearing the empty box, I have tried "*.*", ",.*", ".*", "." ?

I would like to have the ability to accept All possible file types so that the users do not get an error and the data on the previous screen is erased.

[mblevins]

I'm assuming your php.ini file has uploads enabled since you're hosting it yourself. If not it needs to be enabled in php.ini like this:

Code: Select all

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;

; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On

; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
; http://php.net/upload-tmp-dir
;upload_tmp_dir =

; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 8M

; Maximum number of files that can be uploaded via a single request
max_file_uploads = 20

assuming your php is configure to allow uploads, in theory you could just remove the check to see if it's an allowed filetype from attachments.inc.php in your inc directory. The code I'm talking about looks like this:

Code: Select all

        if (!in_array($ext,$hesk_settings['attachments']['allowed_types']))^M
        {^M
            hesk_error(sprintf($hesklang['type_not_allowed'],$_FILES['attachment']['name'][$i]));^M
        }^M

that is the only code I see that checks file types, enabling all file types is a huge security risk though, I'm not totally sure this would work, but it's the only code I saw in the system that even checked. You also need to make sure your attachments directory is writable by everyone.

[techuser]

Well, I was trying to come up with a work around since the Open Dialogue box defaults to "All File Types", I know in .NET you can specify the extensions that it allows in the Open Dialogue Box (The box for selecting the file to upload), however not sure how it's accomplished via PHP in HESK. I would prefer to limit the files that are selectable in the Open Dialog box. What ends up happening is users will type info about a ticket, and then click the attachment and then attempt to attach an unsupported file type and then all of this information is gone. I was looking for a way to prevent that occurrence from happening. possible solutions that I could come up with.. (1) adjust open dialogue box to have specify and only allow allowed extensions, (2) allow all file types, so they never get the error, (3) Find some way of caching the ticket data so if they do select an invalid file type, they can hit back and the ticket data will still be available for typing. and also (4) User training. Any thoughts?

[techuser]

This did seem to work. As mentioned though, it would be better if I could devise a way to prevent them from selecting the file type without loosing their typed data should the file type they select be wrong. Is there any way in PHP code to change the open dialog from "All files" when selecting the file to ".whatever", so they would only see files of that extension.

[Klemen]

techuser there isn't a way to allow all extension and I also wouldn't advise you to allow all file types for security reasons.

But I know what you mean with the error, Hesk version 2.3 will have this fixed (the data will not be erased if a file attachment fails).

[Raven]

Hi, just reading through the comments and thought that maybe something like this http://www.dynamicdrive.com/dynamicinde ... member.htm could be of use...

Just a thought

[techuser]

In looking at the index.php, I see a javascript declare section for the knowledge base stuff, but not seeing where one can use the memorize class that was referenced on the previous form. Any way to apply a quick fix to the current 2.2 version to make it memorize the submit form data.