Hello everybody,
I am trying to upload new plugins in my OJS administration through Site settings > Plugins > Upload A New Plugin, but it always ends up with the error message “Files of this type can not be uploaded”.
I am uploading the plugins in a tar.gz archive.
I checked my server settings to see if these files are disabled at the Apache or PHP level, but this was not the case (our hosting technical support also confirmed that uploading files of this type is allowed on the server). Do I need to change something in the OJS settings? Am I missing something? Is there anything I should check?
Hi @kaitlin, thanks for your reply. However, I’m not sure if the problem is in the plugin packages themselves. I download them from the official website—e.g., Releases · pkp/orcidProfile · GitHub. There, I select the version corresponding to my OJS and download it in tar.gz format (on the mentioned page, for example, it is orcidProfile-v1_1_3_14.tar.gz). I also get the same error (“Files of this type cannot be uploaded”) when I install plugins via the plugin gallery.
Hi @jiri, it sounds like the issue isn’t the file packages. Is anything appearing in your PHP error log at the point when you try to install a plugin? And what do you have set in your config.inc.php file for tar (under the [cli] section)?
The Most Likely Cause: PHP [fileinfo] Extension
OJS 3.3 relies on a PHP extension called fileinfo to determine the real MIME type of a file (e.g., to confirm a .tar.gz file is actually application/x-gzip).
If the fileinfo extension is disabled on your server, OJS cannot verify any uploaded file. It rejects the file because it cannot confirm it’s safe. This also explains why the Plugin Gallery fails: OJS downloads the .tar.gz file from the PKP server, tries to validate it using fileinfo, fails, and gives you the exact same error.
Manual Installation - New Installation Plugin
If you still can’t get the uploader to work, you can always install the plugin manually. This method bypasses the upload check entirely.
On your local computer, unzip the .tar.gz file. You should get a folder (e.g., quickSubmit, googleAnalytics, etc.).
Using an FTP/SFTP client (like FileZilla) or your hosting cPanel File Manager, connect to your server.
Navigate to your OJS plugins/ directory.
Inside the plugins/ directory, find the correct sub-directory for your plugin type. (e.g., generic/, themes/, importexport/). The plugin’s documentation will tell you which one.
Upload the entire plugin folder (from Step 1) into that directory.
Example: Upload the orcidProfile folder to plugins/generic/ so the final path is plugins/generic/orcidProfile/.
Go back to your OJS admin dashboard: Site settings > Plugins.
Find the new plugin in the list. It will be disabled.
Click the Enable checkbox next to it.
Manual Installation - Upgrade Plugins
*Warning: Always backup your database and files, before this progress
After Replace Plugin Files
Run Database Upgrade: You must update the database to match the new code.
Recommended Method (SSH): Access your server via command line and run:
Bash
php tools/upgrade.php upgrade
This is a safe command. It checks all plugin versions and runs the necessary database scripts for the plugin you just updated.
Alternative Method: Set installed = Off in config.inc.php and execute run upgrade. back to installed = On if finished.
For the second time I remind you to always backup the database and files before this process is carried out.
Thanks for that confirmation. Okay, so we can rule out the fileinfo extension as the cause.
You mentioned in your earlier reply (to @kaitlin) that you also get the same error when installing from the Plugin Gallery. This is a very important clue.
A failure in both places (manual upload and the Plugin Gallery) strongly suggests that OJS is failing at the step after getting the file: the unpacking process.
As you suspected, the most likely cause for this is the exec function being disabled in your PHP configuration.
Here is the process:
OJS needs to execute the server command for tar (which is defined in your config.inc.php as /bin/tar) to unpack the .tar.gz archive.
To run this external command, PHP needs to use a function like exec.
If exec is listed in your server’s disable_functions (which is very common on shared hosting for security reasons), OJS has no permission to run the tar command.
The process fails, and it falls back to the generic “Files of this type can not be uploaded” error because it couldn’t successfully unpack and validate the contents.
Action:
Please check your phpinfo() : (https)yourOJS.com/index.php/index/admin/phpinfo output again. Search for the disable_functions directive.
Check if exec is in that list. If it is, you will need to remove exec from the disable_functions.
If exec turns out not to be the problem, the next most common things are Folder Permissions (make sure the plugins/ directory is writable) and open_basedir restrictions in PHP (which can block execution of /bin/tar).
Thank you very much for your reply and detailed explanation. I checked the disable_functions item in the phpinfo() output, but I don’t see the exec function there. I only see pcntl_exec there, which I assume is not relevant.
As for the plugins/ folder, I see its permissions set to 775—is that okay? Could you please provide more detailed information on what the open_basedir setting should look like?
