Allow User to Upload File via Wordpress

Detail
Ulasan
Instalasi
Bantuan
Pengembangan

With this plugin you or other users can upload files to your site from any page, postal service or sidebar hands and deeply.

Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress page / post or add together the plugin's widget in any sidebar and you lot will exist able to upload files to any directory inside wp-contents of your WordPress site.

You can add custom fields to submit additional data together with the uploaded file.

Y'all can use it to capture screenshots or video from your webcam and upload it to the website (for browsers that support this feature).

Yous tin can fifty-fifty use it equally a uncomplicated contact (or any other type of) form to submit data without including a file.

The plugin displays the list of uploaded files in a split top-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).

Several filters and deportment before and later on file upload enable extension of its capabilities.

The characteristics of the plugin are:

Information technology uses the latest HTML5 applied science, however it volition also work with erstwhile browsers and mobile phones.
Information technology is compliant with the General Data Protection Regulation (GDPR) of the European Wedlock.
It can be added in posts, pages or sidebars (as a widget).
It can capture and upload screenshots or video from the device's camera.
Information technology supports additional class fields (like checkboxes, text fields, email fields, dropdown lists etc).
It can be used as a simple contact form to submit data (a selection of file can be optional).
It produces notification messages and e-mails.
Information technology supports choice of destination folder from a list of subfolders.
Upload progress can exist monitored with a progress bar.
Upload process can be cancelled at any time.
It supports redirection to another url after successful upload.
There can be more than one instances of the shortcode in the same page or postal service.
Uploaded files can be added to Media or exist attached to the current page.
Uploaded files can be saved to an FTP location (ftp and sftp protocols supported).
It is highly customizable with many (more than 50) options.
It supports filters and actions earlier and afterward file upload.
It contains a visual editor for customizing the plugin hands without any noesis of shortcodes or programming
It supports logging of upload events or management of files, which tin can be viewed past admins through the Dashboard.
It includes an Uploaded Files meridian-level menu detail in the Dashboard, from where admins can view the uploaded files.
It includes a file browser in the Dashboard, from where admins can manage the files.
It supports multilingual characters and localization.

The plugin is translated in the following languages:

Portuguese, kindly provided by Rui Alao
German
French, kindly provided past Thomas Bastide of http://www.omicronn.fr/ and improved by other contributors
Serbian, kindly provided past Andrijana Nikolic of http://webhostinggeeks.com/
Dutch, kindly provided past Ruben Heynderycx
Chinese, kindly provided by Yingjun Li
Spanish, kindly provided by Marton
Italian, kindly provided by Enrico Marcolini https://www.marcuz.it/
Polandia
Swedish, kindly provided past Leif Persson
Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
Greek

Delight note that old desktop browsers or mobile browsers may not back up all of the above functionalities. In guild to get full functionality apply the latest versions browsers, supporting HTML5, AJAX and CSS3.

For additional features, such equally multiple file upload, very large file upload, drag and drib of files, captcha, detailed upload progress confined, list of uploaded files, epitome gallery and custom css please consider WordPress File Upload Professional.

Please visit the Other Notes section for customization options of this plugin.

Plugin Customization Options

Please visit the support folio of the plugin for detailed clarification of customization options.

Requirements

The plugin requires to have Javascript enabled in your browser. For Internet Explorer you likewise need to accept Active-X enabled.
Delight annotation that old desktop browsers or mobile browsers may not support all of the plugin'south features. In order to get full functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.

First install the plugin using WordPress automobile-installer or download the .zip file from wordpress.org and install information technology from the Plugins section of your Dashboard or re-create wordpress_file_upload directory within wp-contents/plugins directory of your wordpress site.
Activate the plugin from Plugins section of your Dashboard.
In lodge to use the plugin only go to the Dashboard / Settings / WordPress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any folio.
Open the page on your browser and yous will see the upload form.
You can change the upload directory or any other settings easily by pressing the small edit push button found at the left-top corner of the upload form. A new window (or tab) with popular up with plugin options. If you do not see the new window, adjust your browser settings to allow pop-up windows.
Full documentation about the plugin options can be found at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)

A getting started guide can be institute at http://world wide web.iptanus.com/getting-started-with-wordpress-file-upload-plugin/

Will the plugin work in a mobile browser?: Aye, the plugins volition work in near mobile phones (has been tested in iOS, Android and Symbian browsers also every bit Opera Mobile)
Exercise I need to take Flash to utilise then plugin?: No, you do not need Wink to use the plugin.
I go a Safety Manner restriction error when I endeavor to upload a file. Is in that location an alternative?: Your domain has probably turned Prophylactic MODE ON and yous take restrictions uploading and accessing files. WordPress File Upload includes an alternative manner to upload files, using FTP access. Merely add the aspect accessmethod="ftp" inside the shortcode, together with FTP access data in ftpinfo attribute.
Can I run into the progress of the upload?: Yes, yous tin can meet the progress of the upload. During uploading a progress bar will announced showing progress info, however this functionality functions only in browsers supporting HTML5 upload progress bar.
Can I upload many files at the same time?: Aye, simply not in the free version. If you want to let multiple file uploads, delight consider the Professional version.
Where do files go after upload?: Files by default are uploaded within wp-content directory of your WordPress website. To change information technology use attribute uploadpath.
Can I run into and download the uploaded files?: Administrators can view all uploaded files together with associated field information from the plugin's Settings in Dashboard. The Professional person version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a page or post.
Are at that place filters to restrict uploaded content?: Yes, you can control allowed file size and file extensions by using the appropriate aspect (run across Other Notes section).
Are in that location any upload file size limitations?: Aye, there are file size limitations imposed by the web server or the host. If y'all want to upload very large files, please consider the Professional version of the plugin, which surpasses size limitations.
Who tin upload files?: By default all users can upload files. Y'all tin can ascertain which user roles are allowed to upload files. Even guests tin be immune to upload files. If you want to permit only specific users to upload files, then delight consider the Professional person version of the plugin.
What security is used for uploading files?: The plugin is designed not to expose website sensitive data. It has been tested by experts and verified that protects confronting CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, like use of captcha, please consider the Professional version of the plugin.
What happens if connection is lost during a file upload?: In the gratuitous version the upload will fail. Withal in the Pro version the upload will resume and volition go on until the file is fully uploaded. This is specially useful when uploading very large files.
The plugin does not wait prissy with my theme. What tin can I practise?: There is an pick in plugin's settings in Dashboard to relax the CSS rules, and then that buttons and text boxes inherit the theme'southward styles. If additional styling is required, this can exist done using CSS. The Professional person version of the plugin allows CSS rules to be embed in the shortcode.

I've spent virtually month trying to go this to work. Information technology doesn't upload to the specified path. Support is very unresponsive. Requesting a total refund.

Dearest plugin author, how on earth could yous hardcode the css into wfu_template.php? WHY? Inline css is a very bad practice. Autonomously from that, thank you for squeamish plugin.

Just doesn't work. I add together the shortcode to the folio, then test it. Click on the file upload button, cull the file I want to upload, then click 'Open'. Goes back to the main page and cypher in that location. Information technology doesn't show the file I just chose. Can't upload. Waste material of time.

This plugin seems to exist exactly what I demand. Haven't had the chance to use it that much still but volition likely consider getting the Professional Version. Information technology seems to not work with some plugins, for case Elementor, which is fine. But create a separate page for uploading without such plugins.

It took a bit to wrap my caput around all of the configuration possibilities, but it'southward well worth the learning curve. One time y'all see everything it can do and how to practise information technology, I can't imagine very many scenarios this plugin couldn't cover. If there was any gripe at all, it would exist that the documentation is a chip scattered most. Take your time to set up this upwardly properly and you'll exist happy yous did. Five Stars!

Baca semua 107 ulasan

"WordPress File Upload" adalah perangkat lunak open source. Berikut ini mereka yang sudah berkontribusi pada plugin ini.

Kontributor

nickboss

4.sixteen.three

improved sanitization and escaping of shortcode attributes to avoid XSS attacks
file type .svg moved to blacklist to avoid XSS attacks coming from scripts inside SVG files
added security check to preclude uploads inside wp-content/plugin directory
improved handling of videoname and imagename file uploader shortcode attributes to avoid directory traversal attacks
improved /lib and /extensions loader to avoid arbitrary lawmaking execution through injected image files
all wfu_blocks.php functions became redeclareable

4.16.ii

small problems fixes in Pro version

4.16.1

corrected $_SESSION variable problem in maintenance purge function

4.sixteen.0

visual editor edit button misalignment fixed
corrected echo problem when recording from webcam with sound

4.15.0

COOKIEHASH bug corrected
credentials in FTP paths are stripped from the paths
corrected File Detais to File Details
regex "/(.)<\/style><script.?>(.)<\/script>(.)/southward" changed to "/(.)<\/style>.?<script.?>(.)<\/script>(.*)/s" in functions.php
corrected discover: Undefined alphabetize: mail service in wfu_admin.php when the website has no posts

four.14.iv

restored .po files in languages and then that users can change translations

4.14.3

slight change in wfu_get_filtered_recs to handle cases where b.date_from is nada
code improvements to increase loading speed of plugin's file browser
added wfu_mime_content_type() function that uses several methods to get MIME type of a file

four.14.2

code improved so that upload bulletin colors correctly adjust to shortcode color settings
slight modifications to upload bulletin colors while upload is in progress
plugin cookie names adjusted in case COOKIEHASH does not be
corrected issues of the new plugin updater causing a warning when there are plugins that do not have their own subdirectory
closing tags removed from all PHP files to avoid "Headers already sent" errors
corrected bug where the uploads counter was showing to non-administrators
wfu_log_action and wfu_process_files functions became redeclarable
removed debug_log from wfu_process_files_queue
consent Yeah/No question was added in translation
corrected locale of Greek translation

4.14.one

fix webcam play button bug
corrected issue with implode() office of minifier library appearing in websites having PHP > seven.iv.ii
wfu_admin.php modified to use wfu_ajaxurl() role

iv.14.0

minor fixes of bugs and code improvements.

4.13.1

file checking of uploaded files hardened to better handle xss attacks coming through uploaded image files.

four.13.0

corrected security vulnerability where remote lawmaking could exist executed using directory traversal method. Credits to p4w security expert for identifying the vulnerability.
improved user bank check algorithm during upload, related to upload parameters array
corrected bug where Restricted Page Loading was working simply for pages, all other post types were loading the plugin files as if in that location was no restriction

4.12.ii

corrected issues where files could not be downloaded in some server environments when dboption user state handler was enabled

iv.12.1

corrected issues where files could not be downloaded from Dashboard / Uploaded Files folio

4.12.0

corrected problems where export data file was not deleted after download
corrected bug in FTP credentials configurator about double backslash (\) issue
added cookies user country handler that has been integrated with dboption every bit 'Cookies (DBOption)' to comply with WordPress directives not to apply session
'Cookies (DBOption)' user state handler has been set up as the default one
added advanced choice WFU_US_DBOPTION_BASE so that dboption can also work with session
added advanced option WFU_US_SESSION_LEGACY to utilize the old session functionality of the plugin, having session_start() in header
added auto-adjustment of user state handler to 'dboption' during activation (or update) of the plugin
problems "Error: [] cURL error 28" in WordPress Site Health disappears when setting user country handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY avant-garde option is simulated
added the ability to run PHP processes in queue, which is necessary for correctly handling uploads when user state handler is dboption

4.11.2

added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode

iv.11.1

corrected problems in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and not returning the generated HTML
added ready for compatibility with Fast Velocity Minify plugin

4.11.0

code improved then that shortcode composer can be used by all users who can edit pages (and not merely the admins)
added environment variable 'Show Shortcode Composer to Non-Admins' to command whether not-admin users can edit the shortcodes
added filtering of get_users() function in order to handle websites with many users more than efficiently
added notification in shortcode composer if user leaves page without saving
corrected problems where restricted frontend loading of the plugin was not working for websites installed in localhost due to incorrect calculation of request uri

4.10.3

added the ability to move one or more files to another folder through the File Browser feature in Dashboard area of the plugin
improved responsiveness of shortcode composer and Main Dashboard page of the plugin
problems fix in wfu_revert_log_action

iv.10.2

added wordpress_file_upload_preload_check() function in primary plugin file to avoid conflicts of variable names with WordPress
updated webcam code to address createObjectURL Javascript mistake that prevents webcam feature to work in latest versions of browsers

4.10.1

lawmaking modified so that vendor libraries are loaded simply when necessary
improved process of deleting all plugin options
added honeypot field to userdata fields; this is a security feature, in replacement of captchas, invisible to users that prevents bots from uploading files
added attribute 'Consent Denial Rejects Upload' in uploader shortcode Personal Information tab to stop the upload if the consent reply is no, equally well every bit 'Refuse Message' attribute to customize the upload rejection message shown to the user
added attribute 'Do Not Remember Consent Respond' in uploader shortcode Personal Data tab to bear witness the consent question every time (and not only the outset time)
attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be compatible with either checkbox or radio Consent Format
upload consequence bulletin adjusted to show the correct upload condition in instance that files were uploaded but were non saved due to Personal Data policy
lawmaking improved for sftp uploads to handle PECL ssh2 problems #73597

four.10.0

plugin lawmaking improved to back up files containing unmarried quote characters (') in their filename
corrected bug where plugin was deactivated later on update

4.9.1

added Maintenance action 'Purge All Information' that entirely erases the plugin from the website and deactivates it
added advanced option 'Hibernate Invalid Uploaded Files' and so that Uploaded Files page in Dashboard can show but valid uploads
added advanced choice 'Restrict Front-Terminate Loading' to load the plugin only on specific pages or posts in order to reduce unnecessary workload on pages not containing the plugin
code improved for ameliorate operation of the plugin when the website works behind a proxy
added option in Clean Log to erase the files together with plugin data

4.9.0

code further improved to reduce "Iptanus Server unreachable…" errors
checked Weglot Translate compatibility; /wp-admin/admin-ajax.php needs to exist added to Exclusion URL list of Weglot configuration so that uploads tin work
several significant additions in the Pro version, including Microsoft OneDrive integration

4.eight.0

added particular in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard page
lawmaking improved in Uploaded Files Dashboard page so that download action direct downloads the file, instead of redirecting to File Browser
added Advanced selection 'WFU_UPLOADEDFILES_COLUMNS' that controls the order and visibility of Uploaded Files Dashboard page columns
added Avant-garde selection 'WFU_UPLOADEDFILES_ACTIONS' that controls the lodge and visibility of Uploaded Files Dashboard page file actions
added several filters in Uploaded Files Dashboard page to make information technology more customizable
PHP role redeclaration system significantly improved to back up arguments past reference, execution later the original function and redeclaration of variables
code improved to reduce "Iptanus Server unreachable…" errors (better operation of verify_peer http context holding)
added a link in Iptanus Unreachable Server fault message to an Iptanus commodity describing how to resolve it

4.7.0

added Uploaded Files elevation-level Dashboard bill of fare item, showing all the uploaded files and highlighting the new ones
added Portuguese translation from Rui Alao
checked and verified compatibility with Gutenberg
plugin initialization deportment moved to plugins_loaded filter
fixed bug clearing userdata fields when Select File is pressed
File Browser and View Log tables modified to get more responsive especially for minor screens

4.half dozen.2

corrected consent_status alarm when updating user contour and Personal Information is off
user fields code improved for ameliorate data autofill behaviour

4.vi.1

added uploader shortcode attribute 'resetmode' to control whether the upload form volition be reset after an upload
added pagination in File Browser tab in Dashboard area of the plugin

four.six.0

corrected slash (/) parse Javascript fault near 'fakepath' appearring on some situations
added nonces in Maintenance Deportment to increase security
improved code in View Log and so that no links appear to invalid files
improved code in View Log so that when the admin opens a file link to view file details, 'go back' button volition lead back to the View Log page and not to File Browser
improved lawmaking in 'Clean Log' button in Maintenance Deportment in Dashboard surface area of the plugin, then that the admin tin select the period of make clean-upwards

4.5.1

code improved in wfu_js_decode_obj role for meliorate compatibility with Safari browser
code improved to sanitize all shortcode attributes before uploader class or file viewer is rendered
removed external references to code.jquery.com and cdnjs.cloudflare.com for amend compliance with GDPR

4.five.0

added basic compliance with GDPR
added several shortcode attributes to configure personal data consent appearance and behaviour
added area in User Profile from where users tin can review and change their consent status
added Personal Information option in Settings that enables personal data operations
added Personal Data tab in plugin's area in Dashboard from where administrators can consign and erase users' personal data
corrected bug not accepting subfolder dimensions when subfolder chemical element was agile

iv.4.0

added culling user country handler using DB Options tabular array in order to overcome issues with session variables appearing on many spider web servers

4.three.iv

all Settings sanitized correctly to preclude XSS attacks – credits to ManhNho for mentioning this problem

4.3.3

all shortcode attributes sanitized correctly to shut a serious security hole – credits to ManhNho for mentioning this problem

4.3.2

fixed bug in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a closing bracket ']' symbol

4.3.1

added placeholder pick in available label positions of additional fields; label volition be the placeholder attribute of the field

four.iii.0

fixed bug where ftp credentials did not piece of work when username or countersign contained (:) or (@) symbols
RegExp prepare for wfu_js_decode_obj office for improved compatibility with caching plugins
corrected WFU_Original_Template::get_instance() method because information technology always returned the original class
View Log page improved so that displayed additional user fields of an uploaded file are non cropped

4.2.0

changed logic of file sanitizer; dots in filename are past default converted to dashes, in guild to avoid upload failures caused when the plugin detects double extensions
corrected issues where a Javascript error was generated when askforsubfolders was disabled and showtargetfolder was active
added css and js minifier in inline code
plugin modified and so that the shortcodes render correctly either Javascript loads early on (in header) or late (in footer)
plugin modified then that Media record is deleted when the associated uploaded file is deleted from plugin'southward database
corrected problems where some plugin images were not loaded while Relax CSS option was inactive

4.i.0

changed logic of file sanitizer; dots in filename are by default converted to dashes, in guild to avoid upload failures caused when the plugin detects double extensions
added advanced option WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer volition sanitize dots or not
timepicker script and style replaced by about recent version
timepicker script and mode files removed from plugin and loaded from cdn
json2 script removed from plugin and loaded from WordPress registered script
JQuery UI style updated to latest ane.12.1 minified version
added wfu_before_admin_scripts filter before loading admin scripts and styles in order to command incompatibilities
removed getElementsByClassName-one.0.1.js file from plugin, getElementsByClassName office was replaced by DOM querySelectorAll
corrected bug showing alert "Notice: Undefined variable: page_hook_suffix…" when a non-admin user opened Dashboard
corrected fatal error "func_get_args(): Can't be used every bit a function parameter" appearing in websites with PHP lower than 5.three
added _wfu_file_upload_hide_output filter that runs when plugin should not exist shown (east.thou. for users not inluded in uploadroles), in lodge to output custom HTML
corrected issues where email fields were always validated, even if validate option was non activated
corrected bug where number fields did non permit invalid characters, even if typehook option was non activated
corrected bug where email fields were not allowed to exist ampty when validate pick was activated
corrected error T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.iii
corrected bug with random upload fails caused when params_index corresponds to more than than one params

4.0.1

translation of the plugin in Persian, kindly provided past Shahriyar Modami http://chabokgroup.com
corrected problems where notification email was not sending atachments
corrected issues not cleaning log in Maintenance Actions

4.0.0

huge renovation of the plugin, the UI lawmaking has been rewritten to render based on templates
code modified then that information technology can correctly handle sites where content dir is explicitly defined
corrected bug in Dashboard file editor so that it tin can work when the website is installed in a subdirectory
corrected warnings showing when editing a file that was included in the plugin's database
added filter in get_posts and so that it does not cause problems when there are too many pages/posts
bug fixes so that forcefilename works better and does non strip spaces in the filename
lawmaking improved to protect from hackers trying to employ the plugin every bit email spammer
added avant-garde variable Force Email Notifications so that electronic mail tin can be sent even if no file was uploaded
corrected bug not showing sanitized filanames correctly in email
corrected bug so that dates evidence-up in local time and not in UTC in Log Viewer, File Browser and File Editor
fixed bug showing "Warning: Missing argument 2 for wpdb::prepare()" when cleaning up the log in Maintenance Deportment
corrected bug where when configuring subfolders with visual editor the subfolder dialog showed unknown error
corrected problems where the Select File button was not locked during upload in case of classical HTML (no-ajax) uploads
added cancel button functionality for archetype no-ajax uploads
added support for Secure FTP (sftp) using SSH2 library
successmessagecolor and waitmessagecolors attributes are hidden equally they are no longer used

3.eleven.0

added the ability to submit the upload course without a file, simply similar a contact class
added aspect allownofile in uploader shortcode; if enabled so the upload grade tin can exist submitted without selection of a file
added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload grade is submitted without a file
added advanced debug options for more than comprehensive and deep troubleshooting
added internal filters for advanced hooking of ajax handlers
stock-still several security problems
fixed bug that was generating an error when automatic subfolders were activated and the upload folder did non exist
corrected bug where single quote, double quote and backslash characters in user fields were non saved correctly (they were escaped)
fixed bug where any changes made to the user data (e.g. through a filter) were not included in the e-mail bulletin
added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
inverse column titles in the tables of plugin instances in Main tab in Dashboard
fixed bug where if a user field was modified from the file editor, custom columns were changing order

3.10.0

an alternative Iptanus server is launched in Google Cloud for resolving the notorious error "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open stream: Connection timed out."
added pick 'Apply Alternative Iptanus Server' in Settings to switch to the alternative Iptanus Server
added advanced choice 'Culling Iptanus Server' that points to an culling Iptanus Server
added advanced option 'Alternative Iptanus Version Server' that points to the alternative Iptanus Server URL returning the latest plugin version
an error is shown in the Principal page of the plugin in Dashboard if Iptanus Server is unreachable
a warning is shown in the Main page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
culling fix of fault accessing https://services2.iptanus.com for cURL (past disabling CURLOPT_SSL_VERIFYHOST) and for sockets past employing a better parser of socket response
added Swedish translation, kindly provided by Leif Persson
improved ftp functionality so that ftp folders can be created recursively

3.ix.6

added internal filter _wfu_file_upload_output earlier echoing uploader shortcode html
added ability to change the society of additional user fields in shortcode visual editor

iii.9.v

added environment variable 'Upload Progress Fashion' that defines how upload progress is calculated
improved progress bar adding
small-scale problems fixes in AJAX functions mentioned past Hanneke Hoogstrate http://www.blagoworks.nl/

three.9.iv

added option to enable admin to change the upload user of a file
code improvements and bug fixes related to file download feature
code improvements related to clean database function
added Italian translation

3.ix.3

added option to allow loading of plugin's styles and scripts on the front-end simply for specific posts/pages through wfu_before_frontpage_scripts filter
stock-still bug where when uploading big files with identical filenames and 'maintain both' pick, not all would be saved separately
two avant-garde variables were added to let the admin alter the export part separators

3.9.2

added surround variable to enable or disable version check, due to access bug of some users to Iptanus Services server
added timeout option to wfu_post_request part
added Castilian translation, kindly provided by Marton

3.ix.i

temporary gear up to accost issue with plugin's Main page in Dashboard not loading, past disabling plugin version bank check
correct Safari problem with extra spaces in success message coming from force_close_connection
correct bug where when extension has majuscule letters it is rejected

3.9.0

a big number of extensions take been blacklisted for preventing upload of potentially unsafe files
the plugin will not permit inclusion, renaming or downloading of files with blacklisted extensions based on the new list
if no upload extensions are defined or the uploadpattern is also generic, then the plugin will allow only specific extensions based on a white list of extensions; if the administrator wants to include more than extensions he/she must declare them explicitely
the use of the wildcard asterisk symbol has become stricter, asterisk will match all characters except the dot (.), so the default . blueprint will permit just 1 extension in the filename (and not more as happened and then far).
added environment variable 'Wildcard Asterisk Way' for defining the way of the wildcard asterisk symbol. If it is 'strict' (default) so the asterisk will not lucifer dot (.) symbol. If it is 'loose' then the asterisk volition match whatsoever characters (including dot).
slight issues fixes so that wildcard syntax works correctly with square brackets
added maximum number of uploads per specific interval in gild to avoid DDOS attacks
added environment variables related to Deprival-Of-Service attacks in gild to configure the behaviour of the DOS assault checker
bug fix of wfu_before_file_upload filter that was not working correctly with files larger than 1MB

3.eight.5

added bulk deportment feature in File Browser in Dashboard for admins
added delete and include bulk actions in File Browser
improvement of column sort functionality of File Browser
added environment variable 'Apply Alternative Randomizer' in order to make string randomizer function work for fast browsers
uploadedbyuser and userid fields became int to cope with large user ID numbers on some WordPress environments

3.8.4

dublicatespolicy attribute replaced by grammaticaly right duplicatespolicy, however backward compatibility with the old aspect is maintained

3.eight.3

fixed bug of subdirectory selector that was not initializing correctly afterwards upload
stock-still slight widget incompatibility with customiser
fixed bug of drag-n-drib feature that was not working when singlebutton operation was activated

3.8.ii

fixed issues in wfu_after_file_loaded filter that was not working and was overriden past obsolete wfu_after_file_completed filter
added option in plugin's Settings in Dashboard to include additional files in plugin's database
added feature in Dashboard File Browser for admins to include additional files in plugin's database

three.eight.i

fixed bug with duplicate userdata IDs in HTML when using more than one userdata occurrences

three.8.0

added webcam choice that enables webcam capture functionality
added webcammode atribute to ascertain capture mode (screenshots, video or both)
added audiocapture attribute to define if audio will exist captured together with video
added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame rate
added camerafacing attribute to ascertain the camera source (front end or dorsum)
added maxrecordtime attribute to define the maximum record time of video
added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
stock-still bug that strips not-latin characters from filename when downloading files

3.7.three

improved filename sanitization function
added Chinese translation by Yingjun Li

3.7.two

added option to cancel upload
setting added so that upload does not fail when site_url and home_url are different
added attribute requiredlabel in uploader's shortcode that defines the required keyword
required keyword can at present be styled separately from the user field label
add together user fields in Media together with file
setting added then that userdata fields are shown in Media Library or non
added Dutch translation by Ruben Heynderycx

iii.7.1

internal code modifications and slight bug corrections

three.7.0

significant code modifications to make the plugin pluggable, invisible to users
addition of before and after upload filters
correction of small-scale problems in Shortcode Composer of File Viewer

iii.6.ane

Iptanus Services server for getting version info and other utilities is now secure (https)
stock-still issues with wfu_path_abs2rel function when ABSPATH is merely a slash
additional fixes and new features in Professional version

3.6.0

French translation improved
correction of small-scale bug at wfu_functions.php
lawmaking improvements in upload algorithm
wp_check_filetype_and_ext check moved afterwards completion of file
added wfu_after_file_complete filter that runs right after is fully uploaded
improved advent of plugin's area in Dashboard

3.5.0

textdomain changed to wp-file-upload to support the translation feature of wordpress.org
added option in Maintenance Deportment of plugin'south expanse in Dashboard to export uploaded file data
added pagination of non-admin logged user's Uploaded Files Browser
added pagination of front-end File Listing Viewer
added pagination of user permissions table in plugin's Settings
added pagination of Log Viewer
corrected issues in View Log that was not working when pressing on the link
improvements to View Log feature
improvements to file download function to avert corruption of downloaded file due to set_time_limit role that may generate warnings
added wfu_before_frontpage_scripts filter that executes correct before frontpage scripts and styles are loaded
added functionality to avert incompatibilities with NextGen Gallery plugin

3.iv.1

plugin's security improved to reject files that incorporate .php.js or similar extensions

three.iv.0

added fitmode attribute to make the plugin responsive
added widget "WordPress File Upload Form", so that the uploader tin can be installed in a sidebar
changes to Shortcode Composer and then that information technology can edit plugin instances existing in sidebars as widgets
changes to Uploader Instances in plugin'due south area in Dashboard to prove also instances existing inside sidebars
added the power to define dimensions (width and acme) for the whole plugin
dimensioning of plugin's elements improved when fitmode is set up to "responsive"
filter and not-object warnings of front-end file browser, appearing when DEBUG fashion is ON, removed
bug fixed to forepart-end file browser to hide Shortcode Composer push for non-admin users
logic inverse to front-end file browser to permit users to download files uploaded by other users
code changed to front-cease file browser to show a bulletin when a user attempts to delete a file that was non uploaded by him/her

iii.3.one

issues corrected that was breaking plugin operation for php versions prior to 5.iii
added a "Maintenance Actions" department in plugin's Dashboard page
added option in plugin's "Maintenance Actions" to completely make clean the database log

iii.3.0

userdatalabel attribute inverse to allow many field types
added the following user data field types: simple text, multiline text, number, email, confirmation electronic mail, countersign, confirmation password, checkbox, radiobutton, date, time, datetime, listbox and dropdown list
added several options to configure the new user data fields: characterization text (to ascertain the label of the field), label position (to define the position of the label in relation to the field), required option (to define if the field needs to be filled before file upload), do-not-autocomplete option (to preclude the browsers for completing the field automatically), validate choice (to perform validity checks of the field before file upload depending on its type), default text (to define a default value), group id (to group fields together such every bit multiple radio buttons), format text (to define field formatting depending on the field type), typehook option (to enable field validation during typing within the field), hint position (to define the position of the message that volition be shown to prompt the user that a required field is empty or is not validated) besides equally an pick to define additional data depending on the field type (e.g. define listing of items of a listbox or dropdown list)
Shortcode Composer changed to support the new user data fields and options
placement attribute tin can accept more than one instances of userdata
stock-still bug not showing engagement selector of date fields in Shortcode Composer when working with Firefox or IE browsers
in some cases required userdata input field volition turn red if non populated
shortcode_exists and wp_slash fixes for working earlier iii.6 WordPress version
minor issues fixes

iii.2.i

removed 'class-field' class from admin table tr elements
corrected bug that was causing problems in uploadrole and uploaduser attributes when a username or role independent uppercase letters
uploadrole and uploaduser attributes logic modified; guests are immune just if 'guests' word is included in the attribute
modifications to the download functionality script to be more robust
corrected bug that was not showing options below a line item of admin tables in Cyberspace Explorer
several feature additions and bug fixes in Professional version

3.2.0

added selection in plugin's settings to relax CSS rules so that plugin inherits theme styling
modifications in html and css of editable subfolders characteristic to await better
modifications in html and css of prompt message when a required userdata field is empty
PLUGINDIR was replaced by WP_PLUGIN_DIR so that the plugin can piece of work for websites where the contents dir is other than wp-content
fixed bug that was non allowing Shortcode Composer to launch when the shortcode was likewise big
stock-still issues that was causing forepart-terminate file list non to work properly when no case of the plugin existed in the same folio / mail service

3.1.2

important problems detected and fixed that was stripping slashes from mail service or folio content when updating the shortcode using the shortcode composer

three.i.i

the previous version bankrupt the easy creation of shortcodes through the plugin'south settings in Dashboard and it has been corrected, together with some improvements

3.1.0

an of import feature (front end-stop file browser) has been added in professional version 3.1.0
added port number back up for uploads using ftp mode
corrected problems that was non showing correctly in file browser files that were uploaded using ftp way
eliminated confirmbox warning showing in folio when website's DEBUG mode is ON
eliminated warning: "Invalid argument supplied for foreach() in …plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
eliminated warning: "Notice: Undefined index: postmethod in /var/www/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
eliminated warnings in plugin's settings in Dashboard

3.0.0

major version number has advanced considering an important feature has been added in Pro version (logged users can browse their uploaded files through their Dashboard)
several lawmaking modifications in file browser to make the plugin more secure against hacking, some functionalities in file browser accept slightly changed
new file browser cannot edit files that were non uploaded with the plugin and it cannot edit or create folders
upload path cannot be outside the wordpress installation root
files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons

2.7.vi

added functionality in Dashboard to add the plugin to a page automatically
fixed issues that was non showing the Shortcode Composer because the plugin could not notice the plugin example when the shortcode was nested in other shortcodes

2.7.5

added German language and Greek translation

ii.7.4

added Serbian translation thank you to Andrijana Nikolic from http://webhostinggeeks.com/
problems prepare with %blogid%, %pageid% and %pagetitle% that where not implemented in notification emails
in single button operation selected files are removed in example that a subfolder has not been previously selected or a required user field has non been populated
bug fixed in unmarried file functioning that allowed choice of multiple files through drag-and-drop
bug fixed with files over 1MB that got corrupted when maintaining files with same filename
dummy (test) Shortcode Composer button removed from the plugin's Settings as it is no longer useful
added support for empty (goose egg size) files
many code optimizations and security enhancements
fixed javascript errors in IE8 that were breaking upload operation
code improvements to avert display of session warnings
added %username% in redirect link
added option in plugin's Settings in Dashboard to select alternative Postal service Upload method, in club to resolve errors similar "http:// wrapper is disabled in the server configuration by allow_url_fopen" or "Call to undefined function curl_init()"
added filter activity wfu_after_upload, where the admin can define boosted javascript code to be executed on user'due south browser after each file is finished

2.7.three

of import problems ready in Pro version
added wfu_before_email_notification filter
corrected bug not showing correctly special characters (double quotes and braces) in email notifications

ii.7.ii

important bug gear up in Pro version, very slight changes in free version

ii.7.1

stock-still problems with faulty plugin instances appearing when Woocommerce plugin is also installed
Upload of javascript (.js) files is not allowed for fugitive security bug
fixed bug with medialink and postlink attributes that were non working correctly
when medialink or postlink is activated, the files volition be uploaded to the upload binder of WP website
when medialink or postlink is activated, subfolders will exist deactivated
added selection in subfolders to enable the listing to populate automatically
added option in subfolders the user to be able to type the subfolder
wfu_before_file_check filter tin can alter the target path (not merely the file name)

2.seven.0

corrected bug when deleting plugin instance from the Dashboard
corrected problems not finding "loading_icon.gif"

2.half-dozen.0

full redesign of the upload algorithm to become more than robust
added improved server-side handling of large files
plugin shortcodes can be edited using the Shortcode Composer
added visual editor button on the plugin to enable administrators to change the plugin settings hands
corrected bug causing sometimes database overloads
slight improvements of subfolder choice
improvements to avoid code breaking in ajax calls when there are php warnings or echo from WordPress environment or other plugins
improvements and bug fixes in uploader when archetype (no AJAX) upload is selected
eliminated php warnings in shortcode composer
corrected problems that was not correctly downloading files from the plugin's File Browser
added better security when downloading files from the plugin'due south File Browser
fixed bug not correctly showing the user that uploaded a file in the plugin's File Browser
use of roll to perform server http requests was replaced by native php because some web servers do not have CURL installed
corrected issues in shortcode composer where userdata fields were not shown in variables driblet downward
added characteristic that prevents page endmost if an upload is on progress
added forcefilename attribute to avoid filename sanitization
added ftppassivemode attribute for enabling FTP passive way when FTP method is used for uploading
added ftpfilepermissions aspect for defining the permissions of the uploaded file, when using FTP method
javascript and css files are minified for faster loading

two.5.5

fixed serious bug not uploading files when captcha is enabled
fixed bug not redirecting files when electronic mail notification is enabled

ii.5.4

mitigated issue with "Session failed" errors appearing randomly in websites
fixed problems not applying %filename% variable within redirect link
fixed bug non applying new filename, which has been modified with wfu_before_file_upload filter, in e-mail notifications and redirects
fixed bug where when ii big files were uploaded at the same time and one failed due to failed clamper, then the progress bar would not become to 100% and the file would non be shown as cancelled

2.5.three

stock-still bug not allowing redirection to work
fixed bug that was including failed files in email notifications on certain occasions
default value for uploadrole inverse to "all"

2.5.ii

fixed important bug in complimentary version not correctly showing message after failed upload

2.5.1

fixed important problems in complimentary version giving the same name to all uploaded files
fixed problems in free version non clearing completely the plugin cache from previous file upload

2.5.0

major redesign of upload algorithm to address upload bug with Safari for Mac and Firefox
files are offset checked by server before actually uploaded, in order to avert uploading of big files that are invalid
modifications to progress bar code to brand progress bar smoother
restrict upload of .php files for security reasons
fixed bug not showing correctly userdata fields inside email notifications when using ampersand or other special characters in userdata fields

two.4.6

variables %blogid%, %pageid% and %pagetitle% added in email notifications and subject area and %dq% in subject
corrected bug that was breaking Shortcode Composer when using more than x attributes
corrected bug that was rejecting file uploads when uploadpattern attribute contained blank spaces
several code corrections in order to eliminate PHP warning messages when DEBUG mode is on
several code corrections in order to eliminate warning messages in Javascript

2.4.v

correction of bug when using userfields inside notifyrecipients

2.4.4

intermediate update to make the plugin more immune to hackers

two.four.3

correction of bug to permit uploadpath to receive userdata as parameter

2.iv.two

intermediate update to address some vulnerability bug

2.4.one

added filters and actions before and after each file upload – check beneath Filters/Actions section for instructions how to utilise them
added storage of file info, including user data, in database
added logging of file deportment in database – admins can view the log from the Dashboard
admins tin can automatically update the database to reflect the current condition of files from the Dashboard
file browser improvements so that more data about each file (including any user data) are shown
file browser improvements so that files tin can exist downloaded
filelist improvements to display correctly long filenames (Pro version)
filelist improvements to distinguish successful uploads from failed uploads (Pro version)
improvements of chunked uploads so that files that are non immune to be uploaded are cancelled faster (Pro version)
corrected wrong check of file size limit for chunked files (Pro version)
added postlink attribute so that uploaded files are linked to the electric current page (or post) equally attachments
added subfolderlabel attribute to ascertain the label of the subfolder selection feature
several improvements to subfolder selection feature
default value added to subfolder selection characteristic
definition of the subfoldertree attribute in the Shortcode Composer is now washed visually
%userid% variable added inside uploadpath attribute
userdata variables added within uploadpath and notifyrecipients attributes
uploadfolder_label added to dimension items
user fields characteristic improvements
user fields label and input box dimensions are customizable
captcha prompt label dimensions are customizable (Pro version)
added gallery aspect to permit the uploaded files to be shown equally image gallery below the plugin (Pro version)
added galleryoptions attribute to define options of the image gallery (Pro version)
added css aspect and a delicate css editor inside Shortcode Composer to allow improve styling of the plugin using custom css (Pro version)
email characteristic improved in conjunction with redirection
improved interoperability with WP-Filebase plugin
improved functionality of free text attributes (like notifymessage or css) past assuasive double-quotes and brackets within the text (using special variables), that were previously breaking the plugin

2.3.i

added option to restore default value for each aspect in Shortcode Composer
added back up for multilingual characters
correction of problems in Shortcode Composer that was not allowing attributes with atypical and plural form to be saved
correction of bug that was not changing errormessage attribute in some cases

2.2.three

correction of bug that was freezing the Shortcode Composer in some cases
correction of bug with successmessage aspect

2.2.2

serious bug fixed that was breaking functioning of Shortcode Composer and File Browser when the WordPress website is in a subdirectory

2.2.1

added file browser in Dashboard for admins
added attribute medialink to let uploaded files to exist shown in Media
serious bug fixed that was breaking the plugin because of preg_replace_callback function
corrected fault in start attempt to upload file when captcha is enabled

2.1.3

variables %pagetitle% and %pageid% added in uploadpath.
issues fixes when working with IE8.
Shortcode Composer saves selected options
Easier handling of userdata variables in Shortcode Composer
correction of bug that immune debugdata to be shown in not-admin users
reset.css removed from plugin as it was causing breaks in theme'southward css
correction of problems with WPFilebase Manager plugin

2.1.2

Several bug fixes and code reconstruction.
Code modifications then that the plugin tin can operate even when DEBUG mode is ON.
New aspect debugmode added to allow amend debugging of the plugin when there are errors.

2.1.1

Bug fixes with cleaved images when WordPress website is in a subdirectory.
Replacement of glob function because is not allowed past some servers.

2.0.2

Problems fixes in Dashboard Settings Shortcode Composer.
Correction of important bug that was breaking folio in some cases.
Minor improvements of user data fields and notification email attributes.

two.0.one

This is the initial release of WordPress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the creation of the afterwards is included.

Name of the plugin changed to WordPress File Upload.
Plugin has been completely restructured to allow additional features.
A new more advanced message box has been included showing information in a more than structured way.
Error detection and reporting has been improved.
An administration page has been created in the Dashboard Settings, containing a Shortcode Composer.
Some more options related to configuration of message showing upload results have been added.
Several bug fixes.

1.7.14

Userdata attribute changed to permit the creation of more fields and required ones.
Castilian translation added thanks to Maria Ramos of WebHostingHub.

1.vii.13

Added notifyheaders aspect, in club to allow better control of notification email sent (east.g. allow to ship HTML electronic mail).

ane.vii.12

Added userdata attribute, in order to allow users to send additional text data along with the uploaded file.

1.7.eleven

Added single button operation (file will be automatically uploaded when selected without pressing Upload Button).

1.7.10

Fixed bug with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.7.ix

Fixed trouble with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.7.8

More than one roles can now be defined in attribute uploadrole, separated by comma (,).

1.7.7

Variable %filename% now works besides in redirectlink.

1.7.6

Changes in ftp functionality, added useftpdomain attribute so that it can work with external ftp domains as well.
Improvement of classic upload (used in IE or when setting forceclassic to true) messaging functionality.
Minor bug fixes.

i.7.5

Source modified and so that it tin can work with WordPress sites that are non installed in root.
Added variable %blogid% for use with multi-site installations.
Bug fixes related to showing of messages.

1.7.4

Replacement of json2.js with another version.

ane.7.iii

CSS style changes to resolve conflicts with various theme CSS styles.

1.vii.2

Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.

one.vii.i

Added capability to upload files outside wp-content folder.
Improved error reporting.

1.7

Complete restructuring of plugin HTML code, in order to brand information technology more than configurable and customizable.
Advent of letters has been improved.
Added option to put the plugin in testmode.
Added option to configure the colors of success and fail messages.
Added option to modify the dimensions of the private objects of the plugin.
Added option to modify the placement of the individual objects of the plugin.
Improved error reporting.
Added localization for mistake letters.
Minor bug fixes.

1.6.iii

Problems fixes to correct incompatibilities of the new ajax functionality when uploadrole is set to "all".

1.6.2

Issues fixes to correct incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.

1.six.1

Correction of serious problems that prevented the normal operation of the plugin when the browser of the user supports HTML5 functionality.
Tags added to the plugin WordPress page.

one.6

Major lifting of the whole code.
Added ajax functionality so that file is uploaded without folio reload (works in browsers supporting HTML5).
Added upload progress bar (works in browsers supporting HTML5).
Added selection to allow user to select if wants to employ the erstwhile form upload functionality.
File will not be saved again if user presses the Refresh push (or F5) of the page.
Translation strings updated.
Bug fixes for problems when there are more than 1 instances of the plugin in a single folio.

1.five

Added option to notify user about upload directory.
Added selection to allow user to select a subfolder to upload the file.

1.4.1

css corrections for bug fixes.

1.iv

Added option to attach uploaded file to notification email.
Added choice to customize message on successful upload (variables %filename% and %filepath% can be used).
Added option to customize colour of message on successful upload.
"C:\fakepath\" problem resolved.
warning message about function create_directory() resolved.
css enhancements for compatibility with more themes.

one.three

Additional variables added (%filename% and %filepath%).
All variables tin can exist used within message subject area and bulletin text.
Added option to make up one's mind how to treat duplicates (overwrite existing file, leave existing file, get out both).
Added option to determine how to rename the uploaded file, when another file already exists in the target directory.
Added option to create directories and upload files using ftp access, in order to overcome file owner and SAFE MODE restrictions.
Added the adequacy to redirect to another web page when a file is uploaded successfully.
Added the option to show to administrators additional messages near upload errors.
Bug fixes related to interoperability with WP_Filebase

1.2

Added notification by email when a file is uploaded.
Added the power to upload to a variable folder, based on the name of the user currently logged in.

1.one

Added the option to permit anyone to upload files, by setting the attribute uploadrole to "all".

1.0

Initial version.

sanchezwoughts.blogspot.com

Source: https://id.wordpress.org/plugins/wp-file-upload/