Only the first allowed mime type is in use in filter upload_mimes

[kkarpieszuk]

Steps:

1. add some allowed file type but define it with comma separated mime types when the first one is for sure not correct (for example for XML file add foo/bar,text/xml mime types
2. try to upload this file

It will be not uploaded because in the FileUploadTypes\Plugin::allowed_types we are removing other mime types and are using only the first one.

This should be rewritten to something like:

	public function allowed_types( $mime_types ): array {

		$mime_types = (array) $mime_types;

		$enabled_types = $this->enabled_types();

		foreach( $enabled_types as $ext => $mime ) {
			if ( is_array( $mime ) ) {
				$i = 1;

				foreach ($mime as $m) {

					if ( $i === 1 ) {
						$enabled_types[$ext] = $m;
						continue;
					}

					$enabled_types[$ext . '_' . $i] = $m;
					$i++;
				}
			}
		}

		return array_replace( $mime_types, $enabled_types );
	}

The risk of this change is high, so it can not be added without caution

[kkarpieszuk]

for time being here is a filter which bypass type checking for files .ddd|.DDD when uploaded with WP Media uploader:

add_filter( 'wp_handle_upload_overrides', 'dont_test_ddd_mime_type', 10, 2 );

function dont_test_ddd_mime_type( $overrides, $file ) {

	// check if the file is a .ddd or .DDD file.
	if ( preg_match( '/\.ddd$/i', $file['name'] ) ) {
		$overrides['test_type'] = false;
	}

	return $overrides;
}

For other places it could be a different hook, so if anyone see it is not working, please mention test steps and I will investigate.

CC @kennymacharia

[kennymacharia]

Thank you @kkarpieszuk for the heads up. Linking the report below:
https://wordpress.org/support/topic/plugin-not-working-correctly-with-php-8-3/