Filter uncanny-automator

automator_email_attachment_allowed_file_extensions

Filters the allowed file extensions for email attachments before they are processed.

add_filter( 'automator_email_attachment_allowed_file_extensions', $callback, 10, 1 );

Description

Allows developers to filter the list of allowed file extensions for email attachments. Modify this filter to permit or deny specific file types, enhancing security and control over uploaded content within the WordPress Automator plugin's email functionality.

Usage

add_filter( 'automator_email_attachment_allowed_file_extensions', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

/**
 * Add support for uploading .webp image files as email attachments.
 *
 * By default, the plugin might not allow certain image formats. This filter
 * hooks into the allowed file extensions and adds '.webp' to the list.
 *
 * @param array $allowed_extensions An array of allowed file extensions.
 * @return array The modified array of allowed file extensions.
 */
function my_automator_add_webp_attachment_extension( $allowed_extensions ) {
    // Ensure $allowed_extensions is an array before using in_array
    if ( ! is_array( $allowed_extensions ) ) {
        $allowed_extensions = array();
    }

    // Add .webp if it's not already in the list
    if ( ! in_array( '.webp', $allowed_extensions, true ) ) {
        $allowed_extensions[] = '.webp';
    }

    return $allowed_extensions;
}
add_filter( 'automator_email_attachment_allowed_file_extensions', 'my_automator_add_webp_attachment_extension', 10, 1 );

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/core/services/email/attachment/class-upload-directory-sanitizer.php:92
src/core/services/email/attachment/handler.php:143
src/core/services/email/attachment/handler.php:245

private function delete_unsafe_files( $dir ) {

		$files     = glob( trailingslashit( $dir ) . '*' ) ?: array();
		$allowed   = apply_filters( 'automator_email_attachment_allowed_file_extensions', automator_get_allowed_attachment_ext() );
		$protected = array( '.htaccess', 'index.php' );

		foreach ( $files as $file ) {

			if ( ! is_file( $file ) ) {
				continue;
			}

			if ( in_array( basename( $file ), $protected, true ) ) {
				continue;
			}

			$extension = strtolower( pathinfo( $file, PATHINFO_EXTENSION ) );

			if ( empty( $extension ) || ! in_array( $extension, $allowed, true ) ) {
				wp_delete_file( $file );
				automator_log( sprintf( 'Deleted unsafe file: %s', basename( $file ) ), 'Upload_Directory_Sanitizer' );
			}
		}
	}
Scroll to Top