+/** Files with these extensions will never be allowed as uploads. */
+$wgFileBlacklist = array(
+ # HTML may contain cookie-stealing JavaScript and web bugs
+ 'html', 'htm', 'js', 'jsb', 'mhtml', 'mht', 'xhtml', 'xht',
+ # PHP scripts may execute arbitrary code on the server
+ 'php', 'phtml', 'php3', 'php4', 'php5', 'phps',
+ # Other types that may be interpreted by some servers
+ 'shtml', 'jhtml', 'pl', 'py', 'cgi',
+ # May contain harmful executables for Windows victims
+ 'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl' );
+
+/**
+ * Files with these mime types will never be allowed as uploads
+ * if $wgVerifyMimeType is enabled.
+ */
+$wgMimeTypeBlacklist = array(
+ # HTML may contain cookie-stealing JavaScript and web bugs
+ 'text/html', 'text/javascript', 'text/x-javascript', 'application/x-shellscript',
+ # PHP scripts may execute arbitrary code on the server
+ 'application/x-php', 'text/x-php',
+ # Other types that may be interpreted by some servers
+ 'text/x-python', 'text/x-perl', 'text/x-bash', 'text/x-sh', 'text/x-csh',
+ # Client-side hazards on Internet Explorer
+ 'text/scriptlet', 'application/x-msdownload',
+ # Windows metafile, client-side vulnerability on some systems
+ 'application/x-msmetafile',
+ # A ZIP file may be a valid Java archive containing an applet which exploits the
+ # same-origin policy to steal cookies
+ 'application/zip',
+
+ # MS Office OpenXML and other Open Package Conventions files are zip files
+ # and thus blacklisted just as other zip files. If you remove these entries
+ # from the blacklist in your local configuration, a malicious file upload
+ # will be able to compromise the wiki's user accounts, and the user
+ # accounts of any other website in the same cookie domain.
+ 'application/x-opc+zip',
+ 'application/msword',
+ 'application/vnd.ms-powerpoint',
+ 'application/vnd.msexcel',
+);
+
+/**
+ * This is a flag to determine whether or not to check file extensions on upload.
+ *
+ * WARNING: setting this to false is insecure for public wikis.
+ */
+$wgCheckFileExtensions = true;
+
+/**
+ * If this is turned off, users may override the warning for files not covered
+ * by $wgFileExtensions.
+ *
+ * WARNING: setting this to false is insecure for public wikis.
+ */
+$wgStrictFileExtensions = true;
+
+/** Warn if uploaded files are larger than this (in bytes), or false to disable*/
+$wgUploadSizeWarning = false;
+
+/**
+ * list of trusted media-types and mime types.
+ * Use the MEDIATYPE_xxx constants to represent media types.
+ * This list is used by File::isSafeFile
+ *
+ * Types not listed here will have a warning about unsafe content
+ * displayed on the images description page. It would also be possible
+ * to use this for further restrictions, like disabling direct
+ * [[media:...]] links for non-trusted formats.
+ */
+$wgTrustedMediaFormats = array(
+ MEDIATYPE_BITMAP, //all bitmap formats
+ MEDIATYPE_AUDIO, //all audio formats
+ MEDIATYPE_VIDEO, //all plain video formats
+ "image/svg+xml", //svg (only needed if inline rendering of svg is not supported)
+ "application/pdf", //PDF files
+ #"application/x-shockwave-flash", //flash/shockwave movie
+);
+
+/**
+ * Plugins for media file type handling.
+ * Each entry in the array maps a MIME type to a class name
+ */
+$wgMediaHandlers = array(
+ 'image/jpeg' => 'BitmapHandler',
+ 'image/png' => 'PNGHandler',
+ 'image/gif' => 'GIFHandler',
+ 'image/tiff' => 'TiffHandler',
+ 'image/x-ms-bmp' => 'BmpHandler',
+ 'image/x-bmp' => 'BmpHandler',
+ 'image/svg+xml' => 'SvgHandler', // official
+ 'image/svg' => 'SvgHandler', // compat
+ 'image/vnd.djvu' => 'DjVuHandler', // official
+ 'image/x.djvu' => 'DjVuHandler', // compat
+ 'image/x-djvu' => 'DjVuHandler', // compat
+);
+
+/**
+ * Resizing can be done using PHP's internal image libraries or using
+ * ImageMagick or another third-party converter, e.g. GraphicMagick.
+ * These support more file formats than PHP, which only supports PNG,
+ * GIF, JPG, XBM and WBMP.
+ *
+ * Use Image Magick instead of PHP builtin functions.
+ */
+$wgUseImageMagick = false;
+/** The convert command shipped with ImageMagick */
+$wgImageMagickConvertCommand = '/usr/bin/convert';
+
+/** Sharpening parameter to ImageMagick */
+$wgSharpenParameter = '0x0.4';
+
+/** Reduction in linear dimensions below which sharpening will be enabled */
+$wgSharpenReductionThreshold = 0.85;
+
+/**
+ * Temporary directory used for ImageMagick. The directory must exist. Leave
+ * this set to false to let ImageMagick decide for itself.
+ */
+$wgImageMagickTempDir = false;
+
+/**
+ * Use another resizing converter, e.g. GraphicMagick
+ * %s will be replaced with the source path, %d with the destination
+ * %w and %h will be replaced with the width and height.
+ *
+ * Example for GraphicMagick:
+ * <code>
+ * $wgCustomConvertCommand = "gm convert %s -resize %wx%h %d"
+ * </code>
+ *
+ * Leave as false to skip this.
+ */
+$wgCustomConvertCommand = false;
+
+/**
+ * Scalable Vector Graphics (SVG) may be uploaded as images.
+ * Since SVG support is not yet standard in browsers, it is
+ * necessary to rasterize SVGs to PNG as a fallback format.
+ *
+ * An external program is required to perform this conversion.
+ */
+$wgSVGConverters = array(
+ 'ImageMagick' => '$path/convert -background white -thumbnail $widthx$height\! $input PNG:$output',
+ 'sodipodi' => '$path/sodipodi -z -w $width -f $input -e $output',
+ 'inkscape' => '$path/inkscape -z -w $width -f $input -e $output',
+ 'batik' => 'java -Djava.awt.headless=true -jar $path/batik-rasterizer.jar -w $width -d $output $input',
+ 'rsvg' => '$path/rsvg -w$width -h$height $input $output',
+ 'imgserv' => '$path/imgserv-wrapper -i svg -o png -w$width $input $output',
+ );
+/** Pick a converter defined in $wgSVGConverters */
+$wgSVGConverter = 'ImageMagick';
+/** If not in the executable PATH, specify the SVG converter path. */
+$wgSVGConverterPath = '';
+/** Don't scale a SVG larger than this */
+$wgSVGMaxSize = 2048;
+/** Don't read SVG metadata beyond this point.
+ * Default is 1024*256 bytes */
+$wgSVGMetadataCutoff = 262144;
+
+/**
+ * MediaWiki will reject HTMLesque tags in uploaded files due to idiotic browsers which can't
+ * perform basic stuff like MIME detection and which are vulnerable to further idiots uploading
+ * crap files as images. When this directive is on, <title> will be allowed in files with
+ * an "image/svg+xml" MIME type. You should leave this disabled if your web server is misconfigured
+ * and doesn't send appropriate MIME types for SVG images.
+ */
+$wgAllowTitlesInSVG = false;
+
+/**
+ * Don't thumbnail an image if it will use too much working memory.
+ * Default is 50 MB if decompressed to RGBA form, which corresponds to
+ * 12.5 million pixels or 3500x3500
+ */
+$wgMaxImageArea = 1.25e7;
+/**
+ * Force thumbnailing of animated GIFs above this size to a single
+ * frame instead of an animated thumbnail. As of MW 1.17 this limit
+ * is checked against the total size of all frames in the animation.
+ * It probably makes sense to keep this equal to $wgMaxImageArea.
+ */
+$wgMaxAnimatedGifArea = 1.25e7;
+/**
+ * Browsers don't support TIFF inline generally...
+ * For inline display, we need to convert to PNG or JPEG.
+ * Note scaling should work with ImageMagick, but may not with GD scaling.
+ *
+ * Example:
+ * <code>
+ * // PNG is lossless, but inefficient for photos
+ * $wgTiffThumbnailType = array( 'png', 'image/png' );
+ * // JPEG is good for photos, but has no transparency support. Bad for diagrams.
+ * $wgTiffThumbnailType = array( 'jpg', 'image/jpeg' );
+ * </code>
+ */
+ $wgTiffThumbnailType = false;
+
+/**
+ * If rendered thumbnail files are older than this timestamp, they
+ * will be rerendered on demand as if the file didn't already exist.
+ * Update if there is some need to force thumbs and SVG rasterizations
+ * to rerender, such as fixes to rendering bugs.
+ */
+$wgThumbnailEpoch = '20030516000000';
+
+/**
+ * If set, inline scaled images will still produce <img> tags ready for
+ * output instead of showing an error message.
+ *
+ * This may be useful if errors are transitory, especially if the site
+ * is configured to automatically render thumbnails on request.
+ *
+ * On the other hand, it may obscure error conditions from debugging.
+ * Enable the debug log or the 'thumbnail' log group to make sure errors
+ * are logged to a file for review.
+ */
+$wgIgnoreImageErrors = false;
+
+/**
+ * Allow thumbnail rendering on page view. If this is false, a valid
+ * thumbnail URL is still output, but no file will be created at
+ * the target location. This may save some time if you have a
+ * thumb.php or 404 handler set up which is faster than the regular
+ * webserver(s).
+ */
+$wgGenerateThumbnailOnParse = true;
+
+/**
+* Show thumbnails for old images on the image description page
+*/
+$wgShowArchiveThumbnails = true;
+
+/** Obsolete, always true, kept for compatibility with extensions */
+$wgUseImageResize = true;
+
+
+/**
+ * Internal name of virus scanner. This servers as a key to the
+ * $wgAntivirusSetup array. Set this to NULL to disable virus scanning. If not
+ * null, every file uploaded will be scanned for viruses.
+ */
+$wgAntivirus= null;
+
+/**
+ * Configuration for different virus scanners. This an associative array of
+ * associative arrays. It contains one setup array per known scanner type.
+ * The entry is selected by $wgAntivirus, i.e.
+ * valid values for $wgAntivirus are the keys defined in this array.
+ *
+ * The configuration array for each scanner contains the following keys:
+ * "command", "codemap", "messagepattern":
+ *
+ * "command" is the full command to call the virus scanner - %f will be
+ * replaced with the name of the file to scan. If not present, the filename
+ * will be appended to the command. Note that this must be overwritten if the
+ * scanner is not in the system path; in that case, plase set
+ * $wgAntivirusSetup[$wgAntivirus]['command'] to the desired command with full
+ * path.
+ *
+ * "codemap" is a mapping of exit code to return codes of the detectVirus
+ * function in SpecialUpload.
+ * - An exit code mapped to AV_SCAN_FAILED causes the function to consider
+ * the scan to be failed. This will pass the file if $wgAntivirusRequired
+ * is not set.
+ * - An exit code mapped to AV_SCAN_ABORTED causes the function to consider
+ * the file to have an usupported format, which is probably imune to
+ * virusses. This causes the file to pass.
+ * - An exit code mapped to AV_NO_VIRUS will cause the file to pass, meaning
+ * no virus was found.
+ * - All other codes (like AV_VIRUS_FOUND) will cause the function to report
+ * a virus.
+ * - You may use "*" as a key in the array to catch all exit codes not mapped otherwise.
+ *
+ * "messagepattern" is a perl regular expression to extract the meaningful part of the scanners
+ * output. The relevant part should be matched as group one (\1).
+ * If not defined or the pattern does not match, the full message is shown to the user.
+ */
+$wgAntivirusSetup = array(
+
+ #setup for clamav
+ 'clamav' => array (
+ 'command' => "clamscan --no-summary ",
+
+ 'codemap' => array (
+ "0" => AV_NO_VIRUS, # no virus
+ "1" => AV_VIRUS_FOUND, # virus found
+ "52" => AV_SCAN_ABORTED, # unsupported file format (probably imune)
+ "*" => AV_SCAN_FAILED, # else scan failed
+ ),
+
+ 'messagepattern' => '/.*?:(.*)/sim',
+ ),
+
+ #setup for f-prot
+ 'f-prot' => array (
+ 'command' => "f-prot ",