Function and usage of check_upload_mimes() in wordpress


Answers ( 1 )


    The check_upload_mimes() function in WordPress is a utility used to check an array of MIME (Multipurpose Internet Mail Extensions) types against the list of allowed types for file uploads. This is particularly relevant for ensuring that files uploaded through WordPress adhere to a predefined set of acceptable formats, enhancing both security and compatibility.


    check_upload_mimes( array $mimes ): array


    WordPress has a predefined list of allowed file types for uploads, which is defined in the get_allowed_mime_types() function located in wp-includes/functions.php. The check_upload_mimes() function plays a crucial role in filtering these MIME types.

    This function is particularly important in a WordPress Multisite environment. In such a setup, the Super Admins have the ability to define a list of allowed file types for the entire network. This list can be managed through the Network Admin interface, specifically at wp-admin/network/settings.php.

    The primary use of check_upload_mimes() is to cross-reference any given array of MIME types with the allowed list, ensuring that any file uploads conform to the network-wide settings established by Super Admins.


    • $mimes (array) (required): This parameter is an array of MIME types to be checked. Each MIME type in this array is compared against the list of allowed MIME types.


    • array: The function returns an array. This returned array contains only those MIME types (from the provided $mimes array) that are allowed according to the WordPress settings or the Multisite network settings.

    Sample Usage:

    Suppose you have a custom file upload mechanism in your WordPress plugin or theme, and you need to ensure that the files being uploaded are of types allowed by WordPress or the network settings. You might use check_upload_mimes() like this:

    // Example array of MIME types you want to check
    $my_mime_types = array(
        'jpg' => 'image/jpeg',
        'png' => 'image/png',
        'pdf' => 'application/pdf'
    // Check against allowed MIME types in WordPress
    $allowed_mimes = check_upload_mimes( $my_mime_types );
    // $allowed_mimes now contains only those MIME types allowed by WordPress

    In this example, $my_mime_types is an array of MIME types that you want to check. The check_upload_mimes() function compares these MIME types against the allowed list in WordPress, and the resulting array $allowed_mimes contains only those types that are permitted. You can then use this array to validate file uploads in your application.

Leave an answer