|Allow images and other files to be uploaded through the wiki.
|Introduced in version:||1.5.0|
|Removed in version:||still in use|
|Other settings: Alphabetical | By function|
Found in the LocalSettings.php file, when set to
true, users will be allowed to upload images and other enabled files.
Users will see an 'Upload file' link appearing in the toolbox on the bottom-left (usually), linking to the Special:Upload page.
This link appears for users with the 'upload' right (logged-in users by default).
Destination filenamefield there in Special:Upload page is a case sensitive field and should be used to give descriptive filename instead of using the default one populated from source file name.
- If a file already exists in the system with name
Destination filename, uploading this file without changing
Destination filenamewill create a archive file and store the older version in
imagesdirectory writable by the web server, otherwise you will just see an error such as
failed to open stream: Operation not permittedor
Could not create directory "mwstore://local-backend/local-public/0/00". Note that a web server writable directory is not insecure in itself, but can be thought of as the first half of a successful attack to your web server, as such you might like to explore alternatives using img_auth.php
IMPORTANT: Uploads need to be set up properly in order to be secure! There are several related configuration settings. It is recommended to read the more complete instructions at Manual:Configuring file uploads
Prior to v1.5.0, $wgDisableUploads was used instead.
- Manual:$wgUploadDirectory - if one wants to change default upload folder, which is
- Manual:$wgMaxUploadSize - default is 100 MB, change it if needed.
- Manual:Configuring file uploads
- Manual:Configuration settings#Uploads - a list of all configuration variables related to file uploads
- Category:Upload variables - similar list as a category (ordered alphabetically)
- Manual:Interface/Uploaddisabledtext - message at Special:Upload if uploads disabled
- file_uploads php.ini directive. This must be enabled for uploads to work