I did RTFM and I did what it said, and still my Mediawiki complained when I tried to upload executable files and things with funny file extensions or mime types. if $wgFileExtensions is empty but $wgEnableUploads = true and $wgStrictFileExtensions = false it should just let me upload anything. I can't think what other behaviour one would expect there, but set like that I can't upload my dodgy files.
So I've removed the code it uses to check.
Here's a pair of diffs if you'd also like to do this. These are on version 1.17.0 but I suspect it's not changed very much.
This just comments out the two blocks of code in UploadBase.php which check whether files are considered safe and warn if they're not - it prevents the checking and the warning:
wiki:/home/wiki/public_html# diff includes/upload/UploadBase.php includes/upload/UploadBase.php.bak 447,455c447,454 < // ## Avi Commented this out so that we can upload whatever we like to our server. That was nice of him < // // Check whether the file extension is on the unwanted list < // global $wgCheckFileExtensions, $wgFileExtensions; < // if ( $wgCheckFileExtensions ) { < // if ( !$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) { < // $warnings['filetype-unwanted-type'] = $this->mFinalExtension; < // } < // } < // --- > // Check whether the file extension is on the unwanted list > global $wgCheckFileExtensions, $wgFileExtensions; > if ( $wgCheckFileExtensions ) { > if ( !$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) { > $warnings['filetype-unwanted-type'] = $this->mFinalExtension; > } > } > 557,570c556,569 < // ## Avi Commented this out so that we can upload whatever we like to our server. That was nice of him < // /* Don't allow users to override the blacklist (check file extension) */ < // global $wgCheckFileExtensions, $wgStrictFileExtensions; < // global $wgFileExtensions, $wgFileBlacklist; < // if ( $this->mFinalExtension == '' ) { < // $this->mTitleError = self::FILETYPE_MISSING; < // return $this->mTitle = null; < // } elseif ( $this->checkFileExtensionList( $ext, $wgFileBlacklist ) || < // ( $wgCheckFileExtensions && $wgStrictFileExtensions && < // !$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) ) { < // $this->mTitleError = self::FILETYPE_BADTYPE; < // return $this->mTitle = null; < // } < // --- > > /* Don't allow users to override the blacklist (check file extension) */ > global $wgCheckFileExtensions, $wgStrictFileExtensions; > global $wgFileExtensions, $wgFileBlacklist; > if ( $this->mFinalExtension == '' ) { > $this->mTitleError = self::FILETYPE_MISSING; > return $this->mTitle = null; > } elseif ( $this->checkFileExtensionList( $ext, $wgFileBlacklist ) || > ( $wgCheckFileExtensions && $wgStrictFileExtensions && > !$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) ) { > $this->mTitleError = self::FILETYPE_BADTYPE; > return $this->mTitle = null; > } >
And this just stops Setup.php making-safe the $wgFileExtensions array by removing whatever's in $wgFileBlacklist from it, which I think wouldn't complain had I not already done Bad Things to those two variables, but it's late and it can't hurt to turn this off, too:
wiki:/home/wiki/public_html# diff includes/Setup.php includes/Setup.php.bak 296,298c296,297 < // ## Avi Commented this out so we can upload whatever we like to our server. That was nice of him < //# Blacklisted file extensions shouldn't appear on the "allowed" list < //$wgFileExtensions = array_diff ( $wgFileExtensions, $wgFileBlacklist ); --- > # Blacklisted file extensions shouldn't appear on the "allowed" list > $wgFileExtensions = array_diff ( $wgFileExtensions, $wgFileBlacklist );