Prohibit certain files for uploading


I would like to add a list of files that we could not import in relation to the /upload file.
For example forbid the upload of .exe .js …

How can I do this?

Try adding it to this part of config.php:

'upload_badext' => 
  array (
    0 => 'php',
    1 => 'php3',
    2 => 'php4',
    3 => 'php5',
    4 => 'pl',
    5 => 'cgi',
    6 => 'py',
    7 => 'asp',
    8 => 'cfm',
    9 => 'js',
    10 => 'vbs',
    11 => 'html',
    12 => 'htm',
    13 => 'phtml',

Or put that array into config_override.php (same effect^)


I will try
thank you

hi @pgr ,

I tried the code in config.php and config_override.php but it doesn’t work.
I can still upload the files with its extensions.
The problem is that when I upload for example a .php file, the tool will add the .txt extension. ( file.php.txt)

would there be another file to modify ?

I think that is done here

which unfortunately is not easy to modify in an upgrade-safe way.