Melodeon.net Forums

Forum and website admin => Support => Topic started by: Ollie on November 04, 2012, 02:54:01 PM

Title: Jpegs
Post by: Ollie on November 04, 2012, 02:54:01 PM
Is there a reason why we can't attach .jpeg files to posts?
Title: Re: Jpegs
Post by: Steve_freereeder on November 04, 2012, 11:07:56 PM
Is there a reason why we can't attach .jpeg files to posts?

But we can...
The file extension to use is .jpg (not .jpeg). Works OK for me.

Attached herewith is a photo of my Manfrini D/G which is for sale  ;)
See http://forum.melodeon.net/index.php/topic,10764.msg133024.html#msg133024
Title: Re: Jpegs
Post by: Ollie on November 05, 2012, 12:09:21 AM
Ahhh, ok, that makes sense! Cheers Steve.  (:)
Title: Re: Jpegs
Post by: IanD on November 05, 2012, 01:36:00 PM
Ahhh, ok, that makes sense! Cheers Steve.  (:)
Does that mean the file type checker only uses the suffix after the dot?

In which case you can post anything by renaming it -- hmm, let's see...

(don't worry, it's a harmless text file really :-)
Title: Re: Jpegs
Post by: Steve_freereeder on November 05, 2012, 01:49:20 PM
Ahhh, ok, that makes sense! Cheers Steve.  (:)
Does that mean the file type checker only uses the suffix after the dot?

In which case you can post anything by renaming it -- hmm, let's see...

(don't worry, it's a harmless text file really :-)
Yes Ian, you are probably correct, and we did it last year to upload Excel .xls files. But Theo takes a dim view of this, as this could potentially introduce viruses or malware hidden in Excel macros. We had our wrists gently but firmly slapped over this.
Title: Re: Jpegs
Post by: Theo on November 05, 2012, 02:51:42 PM
Yes please don't rename files to get round the restrictions.  They are there for a reason.  We have had one instance where malware took melnet offline, and I don't want another. It is not a trivial issue.
There are steps that can be taken if the facilities here are abused but I really don't want to use them.
Title: Re: Jpegs
Post by: ladydetemps on November 05, 2012, 02:57:11 PM
Ahhh, ok, that makes sense! Cheers Steve.  (:)
Does that mean the file type checker only uses the suffix after the dot?

In which case you can post anything by renaming it -- hmm, let's see...

(don't worry, it's a harmless text file really :-)
Yes Ian, you are probably correct, and we did it last year to upload Excel .xls files. But Theo takes a dim view of this, as this could potentially introduce viruses or malware hidden in Excel macros. We had our wrists gently but firmly slapped over this.

If you want to do word or excel files using google docs and linking to that is a good alternative solution.
Title: Re: Jpegs
Post by: IanD on November 05, 2012, 11:12:18 PM
Yes please don't rename files to get round the restrictions.  They are there for a reason.  We have had one instance where malware took melnet offline, and I don't want another. It is not a trivial issue.
There are steps that can be taken if the facilities here are abused but I really don't want to use them.
I wouldn't dream of doing it, just pointing out a possible security hole (which Theo is obviously aware of) -- sometimes sites that allow file upload check to see if the file is what it claims to be, melnet obviously doesn't.
Title: Re: Jpegs
Post by: Chris Ryall on November 06, 2012, 10:28:44 AM
Interesting, and sensible, but doesn't address why .jpg is permitted any the more Unixy .jpeg isn't ???

As for word/excel - I thought the new .xslx .xslm doctype suffixes protected?
But unless that is 100% sure - agree we daren't touch it.