This is my first post–I’m a new Kirby user, and I love it! Thanks to everyone involved!
I ran into a problem uploading images to a page, namely, I receive the exec() has been disabled for security reasons message. My website is on shared hosting, and I’d rather try to keep it there before exploring alternatives, so I’m trying to see whether I’m able to work around having to use exec().
I notice in this thread that this is likely due to my PHP installation “missing the finfo extension and the mime_content_type function”. I contacted my shared hosting provider and asked them to enable these, and I received a response that said that mime_content_type is deprecated and to use Fileinfo instead, which was enabled for me.
I tried uploading an image, and the result was the same (i.e. “exec() has been disabled for security reasons”). So I’m wondering if maybe I need to force Kirby to use the newly installed Fileinfo? If so, how might I go about doing that?
Thanks in advance for your time and your help. Cheers!
If fileinfo is really enabled on your server, Kirby wouldn’t fall back to mime_content_type. The order used to determine the mime type is this:
fileinfo
mime_content_type
shell_exec
as you can see here in the mime function:
public static function mime($file) {
// use the standard finfo extension
$mime = static::mimeFromFileInfo($file);
// use the mime_content_type function
if(!$mime) {
$mime = static::mimeFromMimeContentType($file);
}
// try to get it via cli
if(!$mime) {
$mime = static::mimeFromSystem($file);
}
// use the mime sniffer class
if(!$mime) {
$mime = static::mimeFromSniffer($file);
}
// try to guess the mime type at least
if(!$mime) {
$mime = static::extensionToMime(static::extension($file));
}
// fix broken mime detection for svg files with style attribute
if($mime === 'text/html' && static::extension($file) === 'svg') {
libxml_use_internal_errors(true);
$svg = new SimpleXMLElement(static::read($file));
if($svg !== false && $svg->getName() === 'svg') {
return 'image/svg+xml';
}
}
return $mime;
}
