How to Handle File Uploads in Forms Wordpress

Detail
Ulasan
Instalasi
Bantuan
Pengembangan

With this plugin you or other users can upload files to your site from any page, post or sidebar hands and securely.

Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress folio / post or add together the plugin's widget in whatsoever sidebar and you volition exist able to upload files to any directory inside wp-contents of your WordPress site.

You can add custom fields to submit additional information together with the uploaded file.

Y'all can use it to capture screenshots or video from your webcam and upload it to the website (for browsers that support this characteristic).

You can even utilize information technology as a simple contact (or any other type of) grade to submit data without including a file.

The plugin displays the list of uploaded files in a dissever acme-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).

Several filters and actions before and after file upload enable extension of its capabilities.

The characteristics of the plugin are:

It uses the latest HTML5 engineering, however it volition also piece of work with quondam browsers and mobile phones.
It is compliant with the Full general Information Protection Regulation (GDPR) of the Eu.
It tin can be added in posts, pages or sidebars (as a widget).
It tin can capture and upload screenshots or video from the device'southward camera.
It supports additional form fields (similar checkboxes, text fields, email fields, dropdown lists etc).
Information technology can be used as a uncomplicated contact form to submit data (a selection of file can be optional).
It produces notification messages and e-mails.
It supports choice of destination folder from a list of subfolders.
Upload progress can be monitored with a progress bar.
Upload procedure can exist cancelled at any fourth dimension.
Information technology supports redirection to some other url afterwards successful upload.
There can be more than one instances of the shortcode in the same folio or mail.
Uploaded files can be added to Media or be fastened to the electric current page.
Uploaded files tin exist saved to an FTP location (ftp and sftp protocols supported).
It is highly customizable with many (more than 50) options.
It supports filters and actions before and afterward file upload.
It contains a visual editor for customizing the plugin easily without any knowledge of shortcodes or programming
It supports logging of upload events or direction of files, which can exist viewed by admins through the Dashboard.
It includes an Uploaded Files meridian-level carte detail in the Dashboard, from where admins can view the uploaded files.
It includes a file browser in the Dashboard, from where admins can manage the files.
It supports multilingual characters and localization.

The plugin is translated in the post-obit languages:

Portuguese, kindly provided past Rui Alao
German
French, kindly provided by Thomas Bastide of http://www.omicronn.fr/ and improved by other contributors
Serbian, kindly provided past Andrijana Nikolic of http://webhostinggeeks.com/
Dutch, kindly provided by Ruben Heynderycx
Chinese, kindly provided by Yingjun Li
Spanish, kindly provided past Marton
Italian, kindly provided by Enrico Marcolini https://world wide web.marcuz.it/
Polandia
Swedish, kindly provided past Leif Persson
Western farsi, kindly provided past Shahriyar Modami http://chabokgroup.com
Greek

Please note that one-time desktop browsers or mobile browsers may not back up all of the above functionalities. In gild to get full functionality use the latest versions browsers, supporting HTML5, AJAX and CSS3.

For additional features, such as multiple file upload, very large file upload, elevate and drop of files, captcha, detailed upload progress confined, listing of uploaded files, prototype gallery and custom css please consider WordPress File Upload Professional.

Delight visit the Other Notes section for customization options of this plugin.

Plugin Customization Options

Please visit the support page of the plugin for detailed description of customization options.

Requirements

The plugin requires to have Javascript enabled in your browser. For Internet Explorer y'all also demand to have Agile-Ten enabled.
Please note that old desktop browsers or mobile browsers may not support all of the plugin's features. In order to go total functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.

Commencement install the plugin using WordPress auto-installer or download the .zip file from wordpress.org and install information technology from the Plugins section of your Dashboard or copy wordpress_file_upload directory inside wp-contents/plugins directory of your wordpress site.
Activate the plugin from Plugins section of your Dashboard.
In order to use the plugin but get to the Dashboard / Settings / WordPress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any folio.
Open the page on your browser and you will come across the upload class.
You can modify the upload directory or whatever other settings easily by pressing the small-scale edit button establish at the left-meridian corner of the upload grade. A new window (or tab) with popular upward with plugin options. If y'all do not run across the new window, adapt your browser settings to let pop-upward windows.
Full documentation almost the plugin options can be plant at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://world wide web.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)

A getting started guide can be found at http://www.iptanus.com/getting-started-with-wordpress-file-upload-plugin/

Volition the plugin work in a mobile browser?: Yes, the plugins volition piece of work in virtually mobile phones (has been tested in iOS, Android and Symbian browsers every bit well every bit Opera Mobile)
Exercise I need to have Flash to use so plugin?: No, yous practise not demand Flash to utilize the plugin.
I get a SAFE MODE restriction mistake when I endeavor to upload a file. Is there an alternative?: Your domain has probably turned SAFE MODE ON and you have restrictions uploading and accessing files. WordPress File Upload includes an culling style to upload files, using FTP access. But add the aspect accessmethod="ftp" inside the shortcode, together with FTP access data in ftpinfo aspect.
Tin I see the progress of the upload?: Yes, you lot tin see the progress of the upload. During uploading a progress bar will announced showing progress info, all the same this functionality functions but in browsers supporting HTML5 upload progress bar.
Tin I upload many files at the same time?: Yes, but not in the gratuitous version. If you lot want to allow multiple file uploads, please consider the Professional person version.
Where do files go subsequently upload?: Files by default are uploaded inside wp-content directory of your WordPress website. To change it use attribute uploadpath.
Can I see and download the uploaded files?: Administrators can view all uploaded files together with associated field information from the plugin's Settings in Dashboard. The Professional version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a page or post.
Are there filters to restrict uploaded content?: Yes, yous can control allowed file size and file extensions past using the appropriate attribute (meet Other Notes department).
Are at that place any upload file size limitations?: Yes, at that place are file size limitations imposed by the spider web server or the host. If you want to upload very large files, please consider the Professional person version of the plugin, which surpasses size limitations.
Who can upload files?: By default all users can upload files. You lot can define which user roles are allowed to upload files. Even guests tin can be allowed to upload files. If you want to permit only specific users to upload files, then please consider the Professional version of the plugin.
What security is used for uploading files?: The plugin is designed not to expose website sensitive information. It has been tested past experts and verified that protects against CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, like use of captcha, please consider the Professional version of the plugin.
What happens if connexion is lost during a file upload?: In the free version the upload will fail. However in the Pro version the upload will resume and will continue until the file is fully uploaded. This is specially useful when uploading very large files.
The plugin does not look nice with my theme. What can I do?: There is an option in plugin's settings in Dashboard to relax the CSS rules, so that buttons and text boxes inherit the theme'south styles. If additional styling is required, this can exist done using CSS. The Professional version of the plugin allows CSS rules to be embed in the shortcode.

I've spent almost month trying to become this to work. It doesn't upload to the specified path. Back up is very unresponsive. Requesting a full refund.

Dearest plugin author, how on earth could you hardcode the css into wfu_template.php? WHY? Inline css is a very bad practice. Autonomously from that, thanks for dainty plugin.

Simply doesn't piece of work. I add the shortcode to the page, then test it. Click on the file upload button, cull the file I want to upload, then click 'Open up'. Goes back to the main page and null there. It doesn't prove the file I just chose. Can't upload. Waste of time.

This plugin seems to be exactly what I need. Haven't had the chance to apply it that much nevertheless merely volition probable consider getting the Professional Version. It seems to non work with some plugins, for example Elementor, which is fine. Just create a split page for uploading without such plugins.

It took a bit to wrap my caput around all of the configuration possibilities, but it's well worth the learning curve. In one case you see everything it tin can do and how to exercise information technology, I can't imagine very many scenarios this plugin couldn't cover. If in that location was any gripe at all, information technology would be that the documentation is a chip scattered about. Take your time to set this upward properly and you'll exist happy you did. Five Stars!

Baca semua 107 ulasan

"WordPress File Upload" adalah perangkat lunak open source. Berikut ini mereka yang sudah berkontribusi pada plugin ini.

Kontributor

nickboss

iv.xvi.3

improved sanitization and escaping of shortcode attributes to avoid XSS attacks
file blazon .svg moved to blacklist to avoid XSS attacks coming from scripts inside SVG files
added security check to preclude uploads inside wp-content/plugin directory
improved handling of videoname and imagename file uploader shortcode attributes to avoid directory traversal attacks
improved /lib and /extensions loader to avoid capricious code execution through injected image files
all wfu_blocks.php functions became redeclareable

4.16.2

pocket-sized bug fixes in Pro version

4.16.1

corrected $_SESSION variable trouble in maintenance purge function

4.sixteen.0

visual editor edit push button misalignment fixed
corrected echo trouble when recording from webcam with sound

4.fifteen.0

COOKIEHASH bug corrected
credentials in FTP paths are stripped from the paths
corrected File Detais to File Details
regex "/(.)<\/way><script.?>(.)<\/script>(.)/due south" changed to "/(.)<\/mode>.?<script.?>(.)<\/script>(.*)/s" in functions.php
corrected detect: Undefined index: mail service in wfu_admin.php when the website has no posts

4.14.four

restored .po files in languages and so that users can change translations

4.14.3

slight modify in wfu_get_filtered_recs to handle cases where b.date_from is cypher
code improvements to increase loading speed of plugin'south file browser
added wfu_mime_content_type() function that uses several methods to get MIME blazon of a file

4.xiv.two

code improved so that upload message colors correctly arrange to shortcode color settings
slight modifications to upload message colors while upload is in progress
plugin cookie names adjusted in case COOKIEHASH does not be
corrected bug of the new plugin updater causing a warning when there are plugins that exercise not accept their own subdirectory
closing tags removed from all PHP files to avoid "Headers already sent" errors
corrected bug where the uploads counter was showing to non-administrators
wfu_log_action and wfu_process_files functions became redeclarable
removed debug_log from wfu_process_files_queue
consent Yes/No question was added in translation
corrected locale of Greek translation

four.14.one

gear up webcam play button issues
corrected issue with implode() function of minifier library appearing in websites having PHP > vii.iv.2
wfu_admin.php modified to use wfu_ajaxurl() office

4.fourteen.0

minor fixes of bugs and code improvements.

4.xiii.1

file checking of uploaded files hardened to better handle xss attacks coming through uploaded image files.

4.13.0

corrected security vulnerability where remote code could be executed using directory traversal method. Credits to p4w security skilful for identifying the vulnerability.
improved user cheque algorithm during upload, related to upload parameters array
corrected bug where Restricted Page Loading was working simply for pages, all other post types were loading the plugin files equally if there was no restriction

4.12.2

corrected issues where files could not be downloaded in some server environments when dboption user state handler was enabled

4.12.1

corrected bug where files could not be downloaded from Dashboard / Uploaded Files page

four.12.0

corrected bug where export data file was non deleted after download
corrected problems in FTP credentials configurator well-nigh double backslash (\) result
added cookies user country handler that has been integrated with dboption as 'Cookies (DBOption)' to comply with WordPress directives not to use session
'Cookies (DBOption)' user state handler has been set as the default one
added advanced option WFU_US_DBOPTION_BASE so that dboption can likewise piece of work with session
added advanced option WFU_US_SESSION_LEGACY to use the old session functionality of the plugin, having session_start() in header
added auto-aligning of user land handler to 'dboption' during activation (or update) of the plugin
bug "Mistake: [] coil error 28" in WordPress Site Health disappears when setting user state handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY avant-garde option is false
added the ability to run PHP processes in queue, which is necessary for correctly handling uploads when user state handler is dboption

iv.11.ii

added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode

4.eleven.1

corrected bug in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and non returning the generated HTML
added set for compatibility with Fast Velocity Minify plugin

4.11.0

code improved so that shortcode composer can be used by all users who can edit pages (and not only the admins)
added environment variable 'Evidence Shortcode Composer to Non-Admins' to command whether non-admin users can edit the shortcodes
added filtering of get_users() function in order to handle websites with many users more efficiently
added notification in shortcode composer if user leaves page without saving
corrected bug where restricted frontend loading of the plugin was not working for websites installed in localhost due to wrong calculation of request uri

4.x.3

added the ability to move 1 or more files to another folder through the File Browser characteristic in Dashboard area of the plugin
improved responsiveness of shortcode composer and Master Dashboard page of the plugin
bug fix in wfu_revert_log_action

iv.x.2

added wordpress_file_upload_preload_check() part in principal plugin file to avoid conflicts of variable names with WordPress
updated webcam lawmaking to address createObjectURL Javascript fault that prevents webcam characteristic to work in latest versions of browsers

4.10.1

code modified so that vendor libraries are loaded only when necessary
improved procedure of deleting all plugin options
added honeypot field to userdata fields; this is a security characteristic, in replacement of captchas, invisible to users that prevents bots from uploading files
added attribute 'Consent Denial Rejects Upload' in uploader shortcode Personal Data tab to stop the upload if the consent answer is no, too equally 'Pass up Message' attribute to customize the upload rejection message shown to the user
added attribute 'Do Not Recollect Consent Respond' in uploader shortcode Personal Data tab to show the consent question every fourth dimension (and not but the first time)
attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be compatible with either checkbox or radio Consent Format
upload upshot message adapted to prove the correct upload status in example that files were uploaded but were not saved due to Personal Data policy
code improved for sftp uploads to handle PECL ssh2 issues #73597

4.10.0

plugin lawmaking improved to back up files containing single quote characters (') in their filename
corrected problems where plugin was deactivated later update

4.9.i

added Maintenance action 'Purge All Data' that entirely erases the plugin from the website and deactivates it
added advanced choice 'Hide Invalid Uploaded Files' and then that Uploaded Files page in Dashboard tin show just valid uploads
added advanced option 'Restrict Front-Finish Loading' to load the plugin only on specific pages or posts in order to reduce unnecessary workload on pages not containing the plugin
code improved for better operation of the plugin when the website works behind a proxy
added selection in Clean Log to erase the files together with plugin data

4.9.0

lawmaking further improved to reduce "Iptanus Server unreachable…" errors
checked Weglot Interpret compatibility; /wp-admin/admin-ajax.php needs to exist added to Exclusion URL listing of Weglot configuration so that uploads can piece of work
several significant additions in the Pro version, including Microsoft OneDrive integration

four.8.0

added item in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard folio
lawmaking improved in Uploaded Files Dashboard page and so that download action straight downloads the file, instead of redirecting to File Browser
added Advanced option 'WFU_UPLOADEDFILES_COLUMNS' that controls the order and visibility of Uploaded Files Dashboard page columns
added Avant-garde option 'WFU_UPLOADEDFILES_ACTIONS' that controls the order and visibility of Uploaded Files Dashboard page file actions
added several filters in Uploaded Files Dashboard folio to brand it more customizable
PHP function redeclaration arrangement significantly improved to support arguments by reference, execution after the original role and redeclaration of variables
lawmaking improved to reduce "Iptanus Server unreachable…" errors (better operation of verify_peer http context property)
added a link in Iptanus Unreachable Server fault message to an Iptanus commodity describing how to resolve it

4.7.0

added Uploaded Files peak-level Dashboard menu item, showing all the uploaded files and highlighting the new ones
added Portuguese translation from Rui Alao
checked and verified compatibility with Gutenberg
plugin initialization actions moved to plugins_loaded filter
fixed problems clearing userdata fields when Select File is pressed
File Browser and View Log tables modified to become more responsive especially for small screens

4.6.2

corrected consent_status alarm when updating user profile and Personal Data is off
user fields lawmaking improved for better data autofill behaviour

4.half dozen.ane

added uploader shortcode attribute 'resetmode' to control whether the upload form will be reset after an upload
added pagination in File Browser tab in Dashboard area of the plugin

iv.vi.0

corrected slash (/) parse Javascript mistake near 'fakepath' appearring on some situations
added nonces in Maintenance Actions to increase security
improved lawmaking in View Log then that no links appear to invalid files
improved code in View Log so that when the admin opens a file link to view file details, 'go back' button volition lead back to the View Log page and not to File Browser
improved code in 'Clean Log' button in Maintenance Actions in Dashboard area of the plugin, so that the admin can select the period of clean-up

iv.v.i

code improved in wfu_js_decode_obj function for better compatibility with Safari browser
code improved to sanitize all shortcode attributes before uploader form or file viewer is rendered
removed external references to lawmaking.jquery.com and cdnjs.cloudflare.com for better compliance with GDPR

4.5.0

added basic compliance with GDPR
added several shortcode attributes to configure personal data consent appearance and behaviour
added area in User Profile from where users can review and modify their consent status
added Personal Information option in Settings that enables personal information operations
added Personal Data tab in plugin's area in Dashboard from where administrators can export and erase users' personal information
corrected problems not accepting subfolder dimensions when subfolder element was active

4.iv.0

added alternative user state handler using DB Options table in order to overcome problems with session variables appearing on many spider web servers

4.3.4

all Settings sanitized correctly to prevent XSS attacks – credits to ManhNho for mentioning this problem

4.three.iii

all shortcode attributes sanitized correctly to close a serious security hole – credits to ManhNho for mentioning this trouble

4.three.2

fixed problems in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a endmost bracket ']' symbol

4.3.1

added placeholder option in bachelor label positions of boosted fields; label will be the placeholder attribute of the field

four.3.0

fixed bug where ftp credentials did not work when username or password contained (:) or (@) symbols
RegExp fix for wfu_js_decode_obj function for improved compatibility with caching plugins
corrected WFU_Original_Template::get_instance() method because it always returned the original grade
View Log folio improved so that displayed additional user fields of an uploaded file are not cropped

four.ii.0

changed logic of file sanitizer; dots in filename are by default converted to dashes, in lodge to avoid upload failures caused when the plugin detects double extensions
corrected problems where a Javascript mistake was generated when askforsubfolders was disabled and showtargetfolder was agile
added css and js minifier in inline code
plugin modified then that the shortcodes return correctly either Javascript loads early (in header) or late (in footer)
plugin modified and then that Media record is deleted when the associated uploaded file is deleted from plugin's database
corrected problems where some plugin images were non loaded while Relax CSS option was inactive

4.1.0

changed logic of file sanitizer; dots in filename are past default converted to dashes, in order to avert upload failures caused when the plugin detects double extensions
added avant-garde selection WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer volition sanitize dots or not
timepicker script and style replaced by almost recent version
timepicker script and style files removed from plugin and loaded from cdn
json2 script removed from plugin and loaded from WordPress registered script
JQuery UI mode updated to latest 1.12.1 minified version
added wfu_before_admin_scripts filter before loading admin scripts and styles in order to control incompatibilities
removed getElementsByClassName-ane.0.1.js file from plugin, getElementsByClassName function was replaced by DOM querySelectorAll
corrected bug showing alarm "Notice: Undefined variable: page_hook_suffix…" when a non-admin user opened Dashboard
corrected fatal error "func_get_args(): Can't be used as a function parameter" appearing in websites with PHP lower than v.iii
added _wfu_file_upload_hide_output filter that runs when plugin should non exist shown (east.g. for users non inluded in uploadroles), in order to output custom HTML
corrected bug where email fields were always validated, even if validate selection was non activated
corrected problems where number fields did non allow invalid characters, fifty-fifty if typehook choice was not activated
corrected bug where electronic mail fields were not allowed to be ampty when validate option was activated
corrected fault T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.3
corrected bug with random upload fails caused when params_index corresponds to more 1 params

4.0.1

translation of the plugin in Western farsi, kindly provided past Shahriyar Modami http://chabokgroup.com
corrected bug where notification email was not sending atachments
corrected issues not cleaning log in Maintenance Actions

iv.0.0

huge renovation of the plugin, the UI lawmaking has been rewritten to render based on templates
code modified so that it can correctly handle sites where content dir is explicitly defined
corrected bug in Dashboard file editor so that it tin can work when the website is installed in a subdirectory
corrected warnings showing when editing a file that was included in the plugin's database
added filter in get_posts and then that information technology does non cause bug when there are too many pages/posts
bug fixes then that forcefilename works better and does not strip spaces in the filename
code improved to protect from hackers trying to use the plugin as email spammer
added advanced variable Force Email Notifications and then that e-mail can be sent even if no file was uploaded
corrected bug not showing sanitized filanames correctly in email
corrected problems so that dates show-up in local time and not in UTC in Log Viewer, File Browser and File Editor
fixed bug showing "Warning: Missing argument ii for wpdb::prepare()" when cleaning up the log in Maintenance Actions
corrected issues where when configuring subfolders with visual editor the subfolder dialog showed unknown error
corrected bug where the Select File button was not locked during upload in case of classical HTML (no-ajax) uploads
added cancel button functionality for classic no-ajax uploads
added back up for Secure FTP (sftp) using SSH2 library
successmessagecolor and waitmessagecolors attributes are hidden as they are no longer used

iii.11.0

added the ability to submit the upload form without a file, merely like a contact course
added attribute allownofile in uploader shortcode; if enabled and so the upload grade can be submitted without selection of a file
added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload form is submitted without a file
added advanced debug options for more comprehensive and deep troubleshooting
added internal filters for advanced hooking of ajax handlers
fixed several security problems
fixed bug that was generating an error when automatic subfolders were activated and the upload folder did not exist
corrected issues where unmarried quote, double quote and backslash characters in user fields were non saved correctly (they were escaped)
stock-still issues where any changes fabricated to the user data (e.m. through a filter) were not included in the electronic mail bulletin
added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
inverse column titles in the tables of plugin instances in Main tab in Dashboard
fixed problems where if a user field was modified from the file editor, custom columns were changing lodge

3.10.0

an alternative Iptanus server is launched in Google Cloud for resolving the notorious fault "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open stream: Connectedness timed out."
added option 'Use Culling Iptanus Server' in Settings to switch to the alternative Iptanus Server
added advanced option 'Alternative Iptanus Server' that points to an alternative Iptanus Server
added avant-garde pick 'Culling Iptanus Version Server' that points to the alternative Iptanus Server URL returning the latest plugin version
an mistake is shown in the Primary page of the plugin in Dashboard if Iptanus Server is unreachable
a warning is shown in the Master page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
alternative fix of error accessing https://services2.iptanus.com for cURL (past disabling CURLOPT_SSL_VERIFYHOST) and for sockets past employing a ameliorate parser of socket response
added Swedish translation, kindly provided past Leif Persson
improved ftp functionality then that ftp folders can exist created recursively

3.nine.6

added internal filter _wfu_file_upload_output before echoing uploader shortcode html
added ability to change the gild of additional user fields in shortcode visual editor

3.9.5

added surroundings variable 'Upload Progress Mode' that defines how upload progress is calculated
improved progress bar calculation
minor bug fixes in AJAX functions mentioned by Hanneke Hoogstrate http://www.blagoworks.nl/

three.9.iv

added selection to enable admin to modify the upload user of a file
code improvements and issues fixes related to file download feature
code improvements related to clean database function
added Italian translation

3.9.3

added selection to allow loading of plugin's styles and scripts on the front-finish only for specific posts/pages through wfu_before_frontpage_scripts filter
stock-still bug where when uploading large files with identical filenames and 'maintain both' option, not all would be saved separately
ii avant-garde variables were added to let the admin change the consign function separators

3.9.2

added environment variable to enable or disable version bank check, due to admission bug of some users to Iptanus Services server
added timeout option to wfu_post_request role
added Spanish translation, kindly provided past Marton

three.9.one

temporary gear up to address issue with plugin's Master page in Dashboard non loading, by disabling plugin version check
correct Safari problem with actress spaces in success bulletin coming from force_close_connection
correct bug where when extension has uppercase letters it is rejected

3.9.0

a large number of extensions take been blacklisted for preventing upload of potentially dangerous files
the plugin will not let inclusion, renaming or downloading of files with blacklisted extensions based on the new list
if no upload extensions are defined or the uploadpattern is too generic, so the plugin will allow just specific extensions based on a white listing of extensions; if the administrator wants to include more extensions he/she must declare them explicitely
the use of the wildcard asterisk symbol has become stricter, asterisk will match all characters except the dot (.), and then the default . pattern will allow merely 1 extension in the filename (and non more as happened so far).
added environment variable 'Wildcard Asterisk Mode' for defining the mode of the wildcard asterisk symbol. If it is 'strict' (default) and so the asterisk will non friction match dot (.) symbol. If it is 'loose' so the asterisk will lucifer any characters (including dot).
slight bug fixes so that wildcard syntax works correctly with square brackets
added maximum number of uploads per specific interval in guild to avoid DDOS attacks
added environs variables related to Denial-Of-Service attacks in order to configure the behaviour of the DOS attack checker
bug gear up of wfu_before_file_upload filter that was not working correctly with files larger than 1MB

3.viii.5

added majority actions feature in File Browser in Dashboard for admins
added delete and include bulk actions in File Browser
improvement of column sort functionality of File Browser
added environment variable 'Use Alternative Randomizer' in order to brand string randomizer function work for fast browsers
uploadedbyuser and userid fields became int to cope with large user ID numbers on some WordPress environments

three.viii.iv

dublicatespolicy aspect replaced past grammaticaly correct duplicatespolicy, however backward compatibility with the old attribute is maintained

3.8.3

fixed problems of subdirectory selector that was not initializing correctly afterward upload
fixed slight widget incompatibility with customiser
fixed bug of drag-n-drop characteristic that was non working when singlebutton operation was activated

3.eight.two

fixed issues in wfu_after_file_loaded filter that was not working and was overriden by obsolete wfu_after_file_completed filter
added option in plugin'south Settings in Dashboard to include additional files in plugin'south database
added feature in Dashboard File Browser for admins to include additional files in plugin's database

3.8.1

stock-still bug with duplicate userdata IDs in HTML when using more than than one userdata occurrences

3.8.0

added webcam option that enables webcam capture functionality
added webcammode atribute to define capture mode (screenshots, video or both)
added audiocapture attribute to define if audio will be captured together with video
added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame charge per unit
added camerafacing attribute to define the camera source (front or back)
added maxrecordtime attribute to ascertain the maximum record time of video
added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
stock-still bug that strips not-latin characters from filename when downloading files

iii.vii.three

improved filename sanitization function
added Chinese translation past Yingjun Li

3.7.2

added option to cancel upload
setting added and so that upload does non neglect when site_url and home_url are different
added attribute requiredlabel in uploader's shortcode that defines the required keyword
required keyword can now be styled separately from the user field label
add user fields in Media together with file
setting added and so that userdata fields are shown in Media Library or not
added Dutch translation by Ruben Heynderycx

three.vii.1

internal code modifications and slight issues corrections

three.7.0

significant lawmaking modifications to make the plugin pluggable, invisible to users
add-on of before and after upload filters
correction of small bug in Shortcode Composer of File Viewer

3.6.ane

Iptanus Services server for getting version info and other utilities is at present secure (https)
fixed issues with wfu_path_abs2rel role when ABSPATH is just a slash
boosted fixes and new features in Professional person version

3.6.0

French translation improved
correction of small-scale bug at wfu_functions.php
code improvements in upload algorithm
wp_check_filetype_and_ext bank check moved later completion of file
added wfu_after_file_complete filter that runs right later on is fully uploaded
improved appearance of plugin'due south area in Dashboard

3.v.0

textdomain changed to wp-file-upload to support the translation feature of wordpress.org
added selection in Maintenance Deportment of plugin'southward area in Dashboard to export uploaded file data
added pagination of non-admin logged user's Uploaded Files Browser
added pagination of front-end File Listing Viewer
added pagination of user permissions table in plugin's Settings
added pagination of Log Viewer
corrected bug in View Log that was non working when pressing on the link
improvements to View Log feature
improvements to file download part to avert corruption of downloaded file due to set_time_limit part that may generate warnings
added wfu_before_frontpage_scripts filter that executes right before frontpage scripts and styles are loaded
added functionality to avert incompatibilities with NextGen Gallery plugin

3.4.1

plugin's security improved to turn down files that contain .php.js or similar extensions

three.4.0

added fitmode attribute to make the plugin responsive
added widget "WordPress File Upload Course", so that the uploader can be installed in a sidebar
changes to Shortcode Composer so that information technology tin can edit plugin instances existing in sidebars as widgets
changes to Uploader Instances in plugin's area in Dashboard to evidence besides instances existing inside sidebars
added the power to define dimensions (width and elevation) for the whole plugin
dimensioning of plugin'southward elements improved when fitmode is set to "responsive"
filter and not-object warnings of front-end file browser, appearing when DEBUG mode is ON, removed
bug fixed to front-finish file browser to hibernate Shortcode Composer button for non-admin users
logic changed to forepart-end file browser to allow users to download files uploaded past other users
code changed to front-end file browser to show a message when a user attempts to delete a file that was not uploaded by him/her

3.3.1

problems corrected that was breaking plugin operation for php versions prior to 5.3
added a "Maintenance Actions" section in plugin'due south Dashboard folio
added option in plugin's "Maintenance Deportment" to completely make clean the database log

3.3.0

userdatalabel aspect changed to allow many field types
added the following user information field types: uncomplicated text, multiline text, number, email, confirmation electronic mail, countersign, confirmation password, checkbox, radiobutton, appointment, fourth dimension, datetime, listbox and dropdown list
added several options to configure the new user information fields: label text (to define the label of the field), characterization position (to define the position of the characterization in relation to the field), required option (to define if the field needs to be filled earlier file upload), practice-not-autocomplete option (to foreclose the browsers for completing the field automatically), validate option (to perform validity checks of the field before file upload depending on its type), default text (to define a default value), grouping id (to grouping fields together such as multiple radio buttons), format text (to ascertain field formatting depending on the field type), typehook choice (to enable field validation during typing inside the field), hint position (to define the position of the bulletin that will be shown to prompt the user that a required field is empty or is not validated) as well as an pick to define additional data depending on the field type (e.one thousand. define list of items of a listbox or dropdown list)
Shortcode Composer changed to support the new user data fields and options
placement attribute tin can accept more than one instances of userdata
fixed issues not showing date selector of appointment fields in Shortcode Composer when working with Firefox or IE browsers
in some cases required userdata input field will turn cerise if not populated
shortcode_exists and wp_slash fixes for working before 3.vi WordPress version
modest bug fixes

iii.2.1

removed 'form-field' course from admin table tr elements
corrected problems that was causing problems in uploadrole and uploaduser attributes when a username or role independent uppercase letters
uploadrole and uploaduser attributes logic modified; guests are allowed only if 'guests' word is included in the attribute
modifications to the download functionality script to exist more robust
corrected bug that was not showing options below a line item of admin tables in Net Explorer
several characteristic additions and bug fixes in Professional person version

3.ii.0

added option in plugin's settings to relax CSS rules and so that plugin inherits theme styling
modifications in html and css of editable subfolders characteristic to look better
modifications in html and css of prompt message when a required userdata field is empty
PLUGINDIR was replaced by WP_PLUGIN_DIR and then that the plugin can work for websites where the contents dir is other than wp-content
fixed bug that was not assuasive Shortcode Composer to launch when the shortcode was besides large
fixed problems that was causing front-stop file list not to work properly when no instance of the plugin existed in the same folio / post

iii.i.2

important bug detected and stock-still that was stripping slashes from post or page content when updating the shortcode using the shortcode composer

3.ane.1

the previous version broke the easy creation of shortcodes through the plugin's settings in Dashboard and it has been corrected, together with some improvements

3.1.0

an of import feature (front-stop file browser) has been added in professional version three.1.0
added port number support for uploads using ftp mode
corrected issues that was not showing correctly in file browser files that were uploaded using ftp mode
eliminated confirmbox warning showing in page when website's DEBUG mode is ON
eliminated warning: "Invalid argument supplied for foreach() in …plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
eliminated alert: "Notice: Undefined index: postmethod in /var/world wide web/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
eliminated warnings in plugin's settings in Dashboard

three.0.0

major version number has advanced because an important feature has been added in Pro version (logged users tin can browse their uploaded files through their Dashboard)
several code modifications in file browser to brand the plugin more secure confronting hacking, some functionalities in file browser have slightly changed
new file browser cannot edit files that were not uploaded with the plugin and information technology cannot edit or create folders
upload path cannot be exterior the wordpress installation root
files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons

two.vii.6

added functionality in Dashboard to add the plugin to a folio automatically
fixed bug that was not showing the Shortcode Composer considering the plugin could not find the plugin instance when the shortcode was nested in other shortcodes

ii.vii.5

added German and Greek translation

ii.7.4

added Serbian translation thanks to Andrijana Nikolic from http://webhostinggeeks.com/
problems fix with %blogid%, %pageid% and %pagetitle% that where non implemented in notification emails
in unmarried push button performance selected files are removed in case that a subfolder has non been previously selected or a required user field has not been populated
bug stock-still in single file operation that allowed pick of multiple files through drag-and-drib
bug fixed with files over 1MB that got corrupted when maintaining files with same filename
dummy (test) Shortcode Composer button removed from the plugin's Settings as it is no longer useful
added support for empty (naught size) files
many code optimizations and security enhancements
fixed javascript errors in IE8 that were breaking upload performance
code improvements to avoid display of session warnings
added %username% in redirect link
added option in plugin'south Settings in Dashboard to select alternative Mail Upload method, in order to resolve errors like "http:// wrapper is disabled in the server configuration past allow_url_fopen" or "Call to undefined function curl_init()"
added filter action wfu_after_upload, where the admin tin define additional javascript lawmaking to be executed on user's browser after each file is finished

ii.seven.iii

important bug prepare in Pro version
added wfu_before_email_notification filter
corrected bug not showing correctly special characters (double quotes and braces) in email notifications

2.7.2

important bug set up in Pro version, very slight changes in gratis version

2.seven.ane

fixed bug with faulty plugin instances appearing when Woocommerce plugin is also installed
Upload of javascript (.js) files is not allowed for avoiding security issues
fixed bug with medialink and postlink attributes that were not working correctly
when medialink or postlink is activated, the files will be uploaded to the upload folder of WP website
when medialink or postlink is activated, subfolders will be deactivated
added selection in subfolders to enable the list to populate automatically
added option in subfolders the user to be able to type the subfolder
wfu_before_file_check filter can modify the target path (not but the file name)

2.7.0

corrected bug when deleting plugin example from the Dashboard
corrected bug not finding "loading_icon.gif"

2.6.0

total redesign of the upload algorithm to become more than robust
added improved server-side handling of big files
plugin shortcodes can be edited using the Shortcode Composer
added visual editor button on the plugin to enable administrators to modify the plugin settings easily
corrected bug causing sometimes database overloads
slight improvements of subfolder option
improvements to avoid code breaking in ajax calls when at that place are php warnings or echo from WordPress environment or other plugins
improvements and bug fixes in uploader when classic (no AJAX) upload is selected
eliminated php warnings in shortcode composer
corrected bug that was non correctly downloading files from the plugin'southward File Browser
added meliorate security when downloading files from the plugin's File Browser
fixed problems not correctly showing the user that uploaded a file in the plugin's File Browser
use of curl to perform server http requests was replaced by native php because some web servers do not have Curlicue installed
corrected bug in shortcode composer where userdata fields were non shown in variables drop down
added characteristic that prevents page closing if an upload is on progress
added forcefilename attribute to avoid filename sanitization
added ftppassivemode attribute for enabling FTP passive mode when FTP method is used for uploading
added ftpfilepermissions attribute for defining the permissions of the uploaded file, when using FTP method
javascript and css files are minified for faster loading

2.5.5

fixed serious bug not uploading files when captcha is enabled
stock-still bug not redirecting files when e-mail notification is enabled

ii.five.4

mitigated issue with "Session failed" errors appearing randomly in websites
fixed bug not applying %filename% variable inside redirect link
fixed problems not applying new filename, which has been modified with wfu_before_file_upload filter, in email notifications and redirects
fixed bug where when two large files were uploaded at the aforementioned time and one failed due to failed chunk, and so the progress bar would not go to 100% and the file would not exist shown as cancelled

2.5.3

stock-still issues not allowing redirection to work
fixed bug that was including failed files in e-mail notifications on certain occasions
default value for uploadrole changed to "all"

2.5.2

stock-still important bug in free version not correctly showing message after failed upload

2.v.1

fixed of import problems in free version giving the same name to all uploaded files
fixed issues in free version non clearing completely the plugin enshroud from previous file upload

2.5.0

major redesign of upload algorithm to address upload issues with Safari for Mac and Firefox
files are first checked by server before actually uploaded, in social club to avert uploading of large files that are invalid
modifications to progress bar code to make progress bar smoother
restrict upload of .php files for security reasons
fixed bug not showing correctly userdata fields inside email notifications when using ampersand or other special characters in userdata fields

2.4.6

variables %blogid%, %pageid% and %pagetitle% added in email notifications and subject and %dq% in subject
corrected bug that was breaking Shortcode Composer when using more than ten attributes
corrected problems that was rejecting file uploads when uploadpattern aspect contained blank spaces
several code corrections in order to eliminate PHP alert messages when DEBUG mode is on
several lawmaking corrections in order to eliminate alarm messages in Javascript

2.iv.v

correction of bug when using userfields inside notifyrecipients

2.four.iv

intermediate update to brand the plugin more than immune to hackers

2.4.3

correction of problems to permit uploadpath to receive userdata as parameter

2.4.2

intermediate update to address some vulnerability issues

two.4.1

added filters and actions earlier and after each file upload – check below Filters/Actions section for instructions how to apply them
added storage of file info, including user information, in database
added logging of file actions in database – admins tin view the log from the Dashboard
admins can automatically update the database to reflect the current status of files from the Dashboard
file browser improvements then that more information about each file (including any user information) are shown
file browser improvements then that files tin exist downloaded
filelist improvements to display correctly long filenames (Pro version)
filelist improvements to distinguish successful uploads from failed uploads (Pro version)
improvements of chunked uploads and so that files that are not allowed to exist uploaded are cancelled faster (Pro version)
corrected wrong check of file size limit for chunked files (Pro version)
added postlink aspect so that uploaded files are linked to the electric current folio (or post) as attachments
added subfolderlabel aspect to define the label of the subfolder selection feature
several improvements to subfolder selection feature
default value added to subfolder selection feature
definition of the subfoldertree aspect in the Shortcode Composer is now done visually
%userid% variable added inside uploadpath attribute
userdata variables added within uploadpath and notifyrecipients attributes
uploadfolder_label added to dimension items
user fields feature improvements
user fields label and input box dimensions are customizable
captcha prompt label dimensions are customizable (Pro version)
added gallery aspect to allow the uploaded files to be shown as image gallery below the plugin (Pro version)
added galleryoptions aspect to define options of the image gallery (Pro version)
added css attribute and a delicate css editor inside Shortcode Composer to permit ameliorate styling of the plugin using custom css (Pro version)
email feature improved in conjunction with redirection
improved interoperability with WP-Filebase plugin
improved functionality of free text attributes (like notifymessage or css) by allowing double-quotes and brackets inside the text (using special variables), that were previously breaking the plugin

2.3.1

added option to restore default value for each aspect in Shortcode Composer
added support for multilingual characters
correction of bug in Shortcode Composer that was non assuasive attributes with singular and plural class to be saved
correction of bug that was not changing errormessage aspect in some cases

two.2.three

correction of bug that was freezing the Shortcode Composer in some cases
correction of bug with successmessage attribute

2.ii.two

serious bug stock-still that was breaking operation of Shortcode Composer and File Browser when the WordPress website is in a subdirectory

two.2.1

added file browser in Dashboard for admins
added attribute medialink to allow uploaded files to be shown in Media
serious bug fixed that was breaking the plugin considering of preg_replace_callback part
corrected fault in first attempt to upload file when captcha is enabled

ii.one.3

variables %pagetitle% and %pageid% added in uploadpath.
problems fixes when working with IE8.
Shortcode Composer saves selected options
Easier handling of userdata variables in Shortcode Composer
correction of bug that allowed debugdata to be shown in non-admin users
reset.css removed from plugin as it was causing breaks in theme's css
correction of bug with WPFilebase Manager plugin

2.1.2

Several bug fixes and code reconstruction.
Code modifications then that the plugin can operate fifty-fifty when DEBUG mode is ON.
New aspect debugmode added to allow meliorate debugging of the plugin when there are errors.

2.1.1

Bug fixes with cleaved images when WordPress website is in a subdirectory.
Replacement of glob function considering is not allowed past some servers.

2.0.2

Issues fixes in Dashboard Settings Shortcode Composer.
Correction of important bug that was breaking page in some cases.
Small-scale improvements of user information fields and notification e-mail attributes.

2.0.i

This is the initial release of WordPress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the creation of the later is included.

Name of the plugin inverse to WordPress File Upload.
Plugin has been completely restructured to permit boosted features.
A new more advanced message box has been included showing data in a more structured way.
Fault detection and reporting has been improved.
An administration page has been created in the Dashboard Settings, containing a Shortcode Composer.
Some more than options related to configuration of message showing upload results have been added.
Several bug fixes.

1.7.14

Userdata attribute inverse to permit the cosmos of more fields and required ones.
Castilian translation added cheers to Maria Ramos of WebHostingHub.

1.7.13

Added notifyheaders attribute, in order to allow better control of notification email sent (e.one thousand. allow to send HTML email).

i.vii.12

Added userdata attribute, in order to allow users to send boosted text information along with the uploaded file.

1.seven.eleven

Added single button operation (file volition be automatically uploaded when selected without pressing Upload Push button).

1.7.x

Stock-still bug with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

i.7.9

Fixed trouble with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.7.eight

More than than one roles tin now be defined in attribute uploadrole, separated past comma (,).

i.seven.7

Variable %filename% now works also in redirectlink.

i.7.6

Changes in ftp functionality, added useftpdomain attribute so that it can work with external ftp domains besides.
Improvement of archetype upload (used in IE or when setting forceclassic to true) messaging functionality.
Modest bug fixes.

1.7.5

Source modified then that it tin can work with WordPress sites that are not installed in root.
Added variable %blogid% for use with multi-site installations.
Bug fixes related to showing of messages.

1.seven.iv

Replacement of json2.js with some other version.

1.7.three

CSS fashion changes to resolve conflicts with various theme CSS styles.

i.vii.two

Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.

1.seven.1

Added adequacy to upload files outside wp-content folder.
Improved error reporting.

one.7

Complete restructuring of plugin HTML code, in order to make it more configurable and customizable.
Advent of letters has been improved.
Added choice to put the plugin in testmode.
Added option to configure the colors of success and fail messages.
Added option to modify the dimensions of the individual objects of the plugin.
Added selection to alter the placement of the individual objects of the plugin.
Improved error reporting.
Added localization for mistake messages.
Small-scale problems fixes.

1.6.3

Problems fixes to right incompatibilities of the new ajax functionality when uploadrole is ready to "all".

1.6.2

Bug fixes to right incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.

1.half dozen.1

Correction of serious issues that prevented the normal operation of the plugin when the browser of the user supports HTML5 functionality.
Tags added to the plugin WordPress page.

one.six

Major lifting of the whole code.
Added ajax functionality so that file is uploaded without folio reload (works in browsers supporting HTML5).
Added upload progress bar (works in browsers supporting HTML5).
Added option to allow user to select if wants to use the erstwhile form upload functionality.
File will not be saved again if user presses the Refresh button (or F5) of the folio.
Translation strings updated.
Issues fixes for problems when there are more than i instances of the plugin in a single page.

ane.5

Added selection to notify user virtually upload directory.
Added option to allow user to select a subfolder to upload the file.

ane.4.1

css corrections for issues fixes.

1.4

Added selection to attach uploaded file to notification electronic mail.
Added selection to customize bulletin on successful upload (variables %filename% and %filepath% can be used).
Added option to customize color of message on successful upload.
"C:\fakepath\" problem resolved.
warning message well-nigh function create_directory() resolved.
css enhancements for compatibility with more themes.

1.three

Boosted variables added (%filename% and %filepath%).
All variables can be used within bulletin subject and message text.
Added option to determine how to treat duplicates (overwrite existing file, leave existing file, go out both).
Added option to determine how to rename the uploaded file, when some other file already exists in the target directory.
Added option to create directories and upload files using ftp admission, in order to overcome file owner and SAFE MODE restrictions.
Added the capability to redirect to another spider web folio when a file is uploaded successfully.
Added the option to prove to administrators additional letters about upload errors.
Bug fixes related to interoperability with WP_Filebase

1.2

Added notification by electronic mail when a file is uploaded.
Added the ability to upload to a variable folder, based on the proper noun of the user currently logged in.

1.i

Added the pick to allow anyone to upload files, by setting the attribute uploadrole to "all".

one.0

Initial version.

lanierpurabbighty.blogspot.com

Source: https://id.wordpress.org/plugins/wp-file-upload/