Wordpress File Upload Forms Work on Mobile Devices

Details
Reviews
Installation
Support
Development

With this plugin you or other users can upload files to your site from any page, post or sidebar easily and securely.

Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress folio / postal service or add together the plugin's widget in whatsoever sidebar and you will be able to upload files to any directory inside wp-contents of your WordPress site.

Yous tin can add custom fields to submit additional data together with the uploaded file.

You lot tin utilise information technology to capture screenshots or video from your webcam and upload information technology to the website (for browsers that back up this feature).

You tin can fifty-fifty use information technology equally a simple contact (or whatsoever other blazon of) course to submit data without including a file.

The plugin displays the list of uploaded files in a separate elevation-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).

Several filters and actions before and after file upload enable extension of its capabilities.

The characteristics of the plugin are:

It uses the latest HTML5 technology, however it volition as well work with old browsers and mobile phones.
Information technology is compliant with the General Data Protection Regulation (GDPR) of the European Marriage.
It can be added in posts, pages or sidebars (as a widget).
It tin capture and upload screenshots or video from the device'south camera.
It supports additional class fields (similar checkboxes, text fields, email fields, dropdown lists etc).
Information technology can be used equally a simple contact class to submit data (a pick of file tin can be optional).
It produces notification messages and eastward-mails.
It supports selection of destination folder from a list of subfolders.
Upload progress can be monitored with a progress bar.
Upload process can be cancelled at any fourth dimension.
It supports redirection to another url after successful upload.
There can be more than one instances of the shortcode in the same page or post.
Uploaded files can be added to Media or be attached to the current page.
Uploaded files can exist saved to an FTP location (ftp and sftp protocols supported).
It is highly customizable with many (more than 50) options.
Information technology supports filters and deportment before and after file upload.
It contains a visual editor for customizing the plugin hands without whatever knowledge of shortcodes or programming
Information technology supports logging of upload events or direction of files, which tin can be viewed by admins through the Dashboard.
It includes an Uploaded Files top-level bill of fare item in the Dashboard, from where admins can view the uploaded files.
Information technology includes a file browser in the Dashboard, from where admins can manage the files.
It supports multilingual characters and localization.

The plugin is translated in the post-obit languages:

Portuguese, kindly provided by Rui Alao
German
French, kindly provided by Thomas Bastide of http://world wide web.omicronn.fr/ and improved past other contributors
Serbian, kindly provided past Andrijana Nikolic of http://webhostinggeeks.com/
Dutch, kindly provided by Ruben Heynderycx
Chinese, kindly provided past Yingjun Li
Spanish, kindly provided by Marton
Italian, kindly provided by Enrico Marcolini https://www.marcuz.it/
Polish
Swedish, kindly provided by Leif Persson
Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
Greek

Please note that sometime desktop browsers or mobile browsers may not support all of the higher up functionalities. In order to go total functionality employ the latest versions browsers, supporting HTML5, AJAX and CSS3.

For additional features, such as multiple file upload, very large file upload, elevate and drib of files, captcha, detailed upload progress bars, list of uploaded files, image gallery and custom css delight consider WordPress File Upload Professional.

Please visit the Other Notes section for customization options of this plugin.

Plugin Customization Options

Please visit the support page of the plugin for detailed clarification of customization options.

Requirements

The plugin requires to have Javascript enabled in your browser. For Net Explorer y'all also demand to accept Active-X enabled.
Please note that former desktop browsers or mobile browsers may not support all of the plugin's features. In order to become total functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.

Beginning install the plugin using WordPress auto-installer or download the .null file from wordpress.org and install information technology from the Plugins department of your Dashboard or copy wordpress_file_upload directory inside wp-contents/plugins directory of your wordpress site.
Actuate the plugin from Plugins department of your Dashboard.
In order to apply the plugin simply get to the Dashboard / Settings / WordPress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any page.
Open the page on your browser and yous will run across the upload form.
You can alter the upload directory or whatsoever other settings hands by pressing the small edit push button found at the left-height corner of the upload form. A new window (or tab) with popular upward with plugin options. If you do non see the new window, suit your browser settings to allow pop-upward windows.
Full documentation about the plugin options can be found at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)

A getting started guide tin can exist found at http://www.iptanus.com/getting-started-with-wordpress-file-upload-plugin/

Volition the plugin work in a mobile browser?: Aye, the plugins will work in virtually mobile phones (has been tested in iOS, Android and Symbian browsers besides as Opera Mobile)
Do I demand to have Flash to utilize so plugin?: No, you exercise non need Flash to use the plugin.
I get a Rubber Style restriction error when I try to upload a file. Is at that place an alternative?: Your domain has probably turned SAFE Style ON and you lot have restrictions uploading and accessing files. WordPress File Upload includes an alternative way to upload files, using FTP access. Simply add the attribute accessmethod="ftp" within the shortcode, together with FTP access data in ftpinfo attribute.
Can I see the progress of the upload?: Yep, you tin can see the progress of the upload. During uploading a progress bar volition announced showing progress info, however this functionality functions only in browsers supporting HTML5 upload progress bar.
Tin I upload many files at the same time?: Yeah, but not in the complimentary version. If you want to allow multiple file uploads, please consider the Professional version.
Where do files go subsequently upload?: Files past default are uploaded within wp-content directory of your WordPress website. To change it use attribute uploadpath.
Can I see and download the uploaded files?: Administrators tin view all uploaded files together with associated field information from the plugin'south Settings in Dashboard. The Professional version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a folio or post.
Are there filters to restrict uploaded content?: Yes, you lot can control immune file size and file extensions by using the appropriate attribute (encounter Other Notes section).
Are in that location any upload file size limitations?: Aye, there are file size limitations imposed past the spider web server or the host. If you lot want to upload very large files, please consider the Professional version of the plugin, which surpasses size limitations.
Who can upload files?: Past default all users tin upload files. Y'all can define which user roles are allowed to upload files. Even guests tin can be allowed to upload files. If you want to allow only specific users to upload files, so please consider the Professional person version of the plugin.
What security is used for uploading files?: The plugin is designed not to expose website sensitive information. It has been tested by experts and verified that protects confronting CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, like use of captcha, delight consider the Professional version of the plugin.
What happens if connection is lost during a file upload?: In the gratuitous version the upload will fail. However in the Pro version the upload will resume and will proceed until the file is fully uploaded. This is particularly useful when uploading very big files.
The plugin does not look nice with my theme. What can I do?: There is an selection in plugin'southward settings in Dashboard to relax the CSS rules, so that buttons and text boxes inherit the theme'south styles. If boosted styling is required, this can be done using CSS. The Professional version of the plugin allows CSS rules to be embed in the shortcode.

I've spent most month trying to get this to piece of work. It doesn't upload to the specified path. Support is very unresponsive. Requesting a full refund.

Dear plugin author, how on world could you hardcode the css into wfu_template.php? WHY? Inline css is a very bad practice. Apart from that, thanks for nice plugin.

Simply doesn't work. I add the shortcode to the page, then exam it. Click on the file upload button, choose the file I want to upload, then click 'Open'. Goes back to the main folio and nothing in that location. Information technology doesn't bear witness the file I just chose. Can't upload. Waste of time.

This plugin seems to exist exactly what I need. Haven't had the gamble to apply it that much however but will likely consider getting the Professional Version. Information technology seems to non piece of work with some plugins, for instance Elementor, which is fine. Just create a separate page for uploading without such plugins.

It took a bit to wrap my head around all of the configuration possibilities, but it'due south well worth the learning curve. Once you lot see everything it tin exercise and how to do it, I tin can't imagine very many scenarios this plugin couldn't cover. If there was whatever gripe at all, it would be that the documentation is a scrap scattered about. Take your fourth dimension to set this up properly and you lot'll be happy you did. V Stars!

Read all 107 reviews

"WordPress File Upload" is open source software. The following people have contributed to this plugin.

Contributors

nickboss

4.sixteen.3

improved sanitization and escaping of shortcode attributes to avoid XSS attacks
file type .svg moved to blacklist to avert XSS attacks coming from scripts inside SVG files
added security cheque to foreclose uploads inside wp-content/plugin directory
improved handling of videoname and imagename file uploader shortcode attributes to avert directory traversal attacks
improved /lib and /extensions loader to avoid arbitrary lawmaking execution through injected epitome files
all wfu_blocks.php functions became redeclareable

four.16.2

small issues fixes in Pro version

4.16.1

corrected $_SESSION variable problem in maintenance purge part

4.xvi.0

visual editor edit button misalignment fixed
corrected repeat problem when recording from webcam with sound

four.15.0

COOKIEHASH problems corrected
credentials in FTP paths are stripped from the paths
corrected File Detais to File Details
regex "/(.)<\/style><script.?>(.)<\/script>(.)/s" inverse to "/(.)<\/style>.?<script.?>(.)<\/script>(.*)/due south" in functions.php
corrected notice: Undefined index: mail service in wfu_admin.php when the website has no posts

4.14.4

restored .po files in languages so that users can change translations

4.14.3

slight change in wfu_get_filtered_recs to handle cases where b.date_from is null
lawmaking improvements to increase loading speed of plugin'southward file browser
added wfu_mime_content_type() function that uses several methods to go MIME type of a file

iv.14.2

code improved so that upload message colors correctly adapt to shortcode color settings
slight modifications to upload message colors while upload is in progress
plugin cookie names adjusted in case COOKIEHASH does not exist
corrected problems of the new plugin updater causing a alert when there are plugins that practise non have their own subdirectory
closing tags removed from all PHP files to avoid "Headers already sent" errors
corrected bug where the uploads counter was showing to non-administrators
wfu_log_action and wfu_process_files functions became redeclarable
removed debug_log from wfu_process_files_queue
consent Yes/No question was added in translation
corrected locale of Greek translation

iv.14.one

fix webcam play button bug
corrected issue with implode() role of minifier library appearing in websites having PHP > 7.4.2
wfu_admin.php modified to use wfu_ajaxurl() function

four.xiv.0

minor fixes of bugs and code improvements.

four.13.1

file checking of uploaded files hardened to better handle xss attacks coming through uploaded image files.

4.thirteen.0

corrected security vulnerability where remote code could be executed using directory traversal method. Credits to p4w security proficient for identifying the vulnerability.
improved user check algorithm during upload, related to upload parameters array
corrected bug where Restricted Page Loading was working simply for pages, all other post types were loading the plugin files as if there was no restriction

iv.12.2

corrected problems where files could non exist downloaded in some server environments when dboption user state handler was enabled

4.12.1

corrected bug where files could not be downloaded from Dashboard / Uploaded Files folio

4.12.0

corrected bug where consign information file was non deleted later on download
corrected bug in FTP credentials configurator about double backslash (\) issue
added cookies user land handler that has been integrated with dboption every bit 'Cookies (DBOption)' to comply with WordPress directives non to use session
'Cookies (DBOption)' user state handler has been fix equally the default one
added advanced choice WFU_US_DBOPTION_BASE and so that dboption tin can also work with session
added advanced selection WFU_US_SESSION_LEGACY to use the one-time session functionality of the plugin, having session_start() in header
added auto-adjustment of user state handler to 'dboption' during activation (or update) of the plugin
bug "Error: [] whorl error 28" in WordPress Site Health disappears when setting user state handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY avant-garde option is false
added the power to run PHP processes in queue, which is necessary for correctly treatment uploads when user state handler is dboption

4.11.2

added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode

4.11.1

corrected issues in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and non returning the generated HTML
added gear up for compatibility with Fast Velocity Minify plugin

4.eleven.0

code improved and so that shortcode composer tin exist used by all users who can edit pages (and non but the admins)
added surround variable 'Prove Shortcode Composer to Non-Admins' to control whether not-admin users tin can edit the shortcodes
added filtering of get_users() part in order to handle websites with many users more than efficiently
added notification in shortcode composer if user leaves page without saving
corrected bug where restricted frontend loading of the plugin was non working for websites installed in localhost due to incorrect calculation of asking uri

four.10.3

added the ability to move one or more files to another folder through the File Browser feature in Dashboard expanse of the plugin
improved responsiveness of shortcode composer and Main Dashboard folio of the plugin
issues fix in wfu_revert_log_action

4.ten.two

added wordpress_file_upload_preload_check() function in main plugin file to avoid conflicts of variable names with WordPress
updated webcam code to address createObjectURL Javascript mistake that prevents webcam feature to work in latest versions of browsers

4.ten.one

code modified so that vendor libraries are loaded simply when necessary
improved procedure of deleting all plugin options
added honeypot field to userdata fields; this is a security feature, in replacement of captchas, invisible to users that prevents bots from uploading files
added attribute 'Consent Denial Rejects Upload' in uploader shortcode Personal Data tab to finish the upload if the consent answer is no, too as 'Reject Message' attribute to customize the upload rejection message shown to the user
added aspect 'Do Not Remember Consent Answer' in uploader shortcode Personal Data tab to prove the consent question every time (and not only the first time)
attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be uniform with either checkbox or radio Consent Format
upload result message adapted to show the right upload condition in case that files were uploaded merely were not saved due to Personal Data policy
code improved for sftp uploads to handle PECL ssh2 bug #73597

four.10.0

plugin code improved to support files containing single quote characters (') in their filename
corrected bug where plugin was deactivated after update

four.nine.1

added Maintenance activity 'Purge All Data' that entirely erases the plugin from the website and deactivates information technology
added advanced choice 'Hide Invalid Uploaded Files' so that Uploaded Files page in Dashboard tin can show only valid uploads
added advanced option 'Restrict Front-Finish Loading' to load the plugin only on specific pages or posts in guild to reduce unnecessary workload on pages non containing the plugin
code improved for amend operation of the plugin when the website works behind a proxy
added option in Clean Log to erase the files together with plugin data

iv.9.0

code further improved to reduce "Iptanus Server unreachable…" errors
checked Weglot Translate compatibility; /wp-admin/admin-ajax.php needs to exist added to Exclusion URL list of Weglot configuration and so that uploads can work
several significant additions in the Pro version, including Microsoft OneDrive integration

4.eight.0

added item in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard folio
code improved in Uploaded Files Dashboard page so that download activeness directly downloads the file, instead of redirecting to File Browser
added Avant-garde option 'WFU_UPLOADEDFILES_COLUMNS' that controls the order and visibility of Uploaded Files Dashboard page columns
added Advanced pick 'WFU_UPLOADEDFILES_ACTIONS' that controls the gild and visibility of Uploaded Files Dashboard page file actions
added several filters in Uploaded Files Dashboard page to brand it more than customizable
PHP function redeclaration system significantly improved to back up arguments by reference, execution afterwards the original office and redeclaration of variables
code improved to reduce "Iptanus Server unreachable…" errors (better functioning of verify_peer http context property)
added a link in Iptanus Unreachable Server error message to an Iptanus commodity describing how to resolve information technology

4.7.0

added Uploaded Files top-level Dashboard menu item, showing all the uploaded files and highlighting the new ones
added Portuguese translation from Rui Alao
checked and verified compatibility with Gutenberg
plugin initialization actions moved to plugins_loaded filter
stock-still bug clearing userdata fields when Select File is pressed
File Browser and View Log tables modified to go more responsive peculiarly for small screens

4.6.ii

corrected consent_status warning when updating user contour and Personal Data is off
user fields code improved for better data autofill behaviour

4.vi.1

added uploader shortcode attribute 'resetmode' to control whether the upload form volition exist reset after an upload
added pagination in File Browser tab in Dashboard area of the plugin

4.vi.0

corrected slash (/) parse Javascript fault near 'fakepath' appearring on some situations
added nonces in Maintenance Actions to increase security
improved code in View Log so that no links appear to invalid files
improved code in View Log and then that when the admin opens a file link to view file details, 'go back' button volition lead back to the View Log folio and not to File Browser
improved code in 'Make clean Log' button in Maintenance Actions in Dashboard surface area of the plugin, then that the admin can select the period of clean-upwards

4.5.1

code improved in wfu_js_decode_obj function for better compatibility with Safari browser
code improved to sanitize all shortcode attributes before uploader course or file viewer is rendered
removed external references to lawmaking.jquery.com and cdnjs.cloudflare.com for meliorate compliance with GDPR

4.5.0

added basic compliance with GDPR
added several shortcode attributes to configure personal data consent appearance and behaviour
added surface area in User Profile from where users can review and change their consent status
added Personal Information choice in Settings that enables personal data operations
added Personal Data tab in plugin'southward expanse in Dashboard from where administrators can export and erase users' personal data
corrected bug not accepting subfolder dimensions when subfolder chemical element was agile

4.4.0

added alternative user country handler using DB Options table in order to overcome problems with session variables actualization on many web servers

4.iii.4

all Settings sanitized correctly to prevent XSS attacks – credits to ManhNho for mentioning this problem

4.3.three

all shortcode attributes sanitized correctly to shut a serious security hole – credits to ManhNho for mentioning this problem

4.3.2

stock-still bug in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a endmost bracket ']' symbol

4.3.1

added placeholder pick in available characterization positions of additional fields; label will be the placeholder attribute of the field

4.3.0

fixed problems where ftp credentials did not work when username or countersign contained (:) or (@) symbols
RegExp fix for wfu_js_decode_obj function for improved compatibility with caching plugins
corrected WFU_Original_Template::get_instance() method because it ever returned the original class
View Log page improved so that displayed boosted user fields of an uploaded file are not cropped

4.two.0

changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avoid upload failures caused when the plugin detects double extensions
corrected bug where a Javascript error was generated when askforsubfolders was disabled and showtargetfolder was agile
added css and js minifier in inline code
plugin modified so that the shortcodes return correctly either Javascript loads early (in header) or late (in footer)
plugin modified so that Media record is deleted when the associated uploaded file is deleted from plugin'south database
corrected bug where some plugin images were not loaded while Relax CSS option was inactive

4.1.0

inverse logic of file sanitizer; dots in filename are by default converted to dashes, in guild to avoid upload failures caused when the plugin detects double extensions
added advanced option WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer will sanitize dots or non
timepicker script and manner replaced by most recent version
timepicker script and style files removed from plugin and loaded from cdn
json2 script removed from plugin and loaded from WordPress registered script
JQuery UI fashion updated to latest 1.12.1 minified version
added wfu_before_admin_scripts filter before loading admin scripts and styles in order to control incompatibilities
removed getElementsByClassName-ane.0.1.js file from plugin, getElementsByClassName office was replaced by DOM querySelectorAll
corrected bug showing warning "Observe: Undefined variable: page_hook_suffix…" when a non-admin user opened Dashboard
corrected fatal error "func_get_args(): Tin't exist used every bit a role parameter" appearing in websites with PHP lower than v.3
added _wfu_file_upload_hide_output filter that runs when plugin should not be shown (e.g. for users not inluded in uploadroles), in social club to output custom HTML
corrected bug where email fields were e'er validated, even if validate option was non activated
corrected bug where number fields did non allow invalid characters, even if typehook selection was not activated
corrected issues where email fields were not allowed to be ampty when validate selection was activated
corrected fault T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.3
corrected bug with random upload fails caused when params_index corresponds to more than one params

4.0.one

translation of the plugin in Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
corrected bug where notification email was not sending atachments
corrected issues not cleaning log in Maintenance Actions

4.0.0

huge renovation of the plugin, the UI code has been rewritten to return based on templates
lawmaking modified so that it can correctly handle sites where content dir is explicitly defined
corrected bug in Dashboard file editor so that it tin can work when the website is installed in a subdirectory
corrected warnings showing when editing a file that was included in the plugin's database
added filter in get_posts so that it does not crusade problems when there are too many pages/posts
bug fixes so that forcefilename works better and does not strip spaces in the filename
lawmaking improved to protect from hackers trying to utilize the plugin as email spammer
added advanced variable Force Email Notifications so that electronic mail can be sent even if no file was uploaded
corrected problems not showing sanitized filanames correctly in email
corrected bug and so that dates show-up in local time and not in UTC in Log Viewer, File Browser and File Editor
fixed bug showing "Warning: Missing argument 2 for wpdb::ready()" when cleaning upwardly the log in Maintenance Deportment
corrected issues where when configuring subfolders with visual editor the subfolder dialog showed unknown error
corrected bug where the Select File push button was not locked during upload in example of classical HTML (no-ajax) uploads
added abolish push functionality for classic no-ajax uploads
added support for Secure FTP (sftp) using SSH2 library
successmessagecolor and waitmessagecolors attributes are hidden as they are no longer used

three.11.0

added the ability to submit the upload class without a file, just similar a contact form
added attribute allownofile in uploader shortcode; if enabled then the upload form can be submitted without selection of a file
added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload course is submitted without a file
added advanced debug options for more comprehensive and deep troubleshooting
added internal filters for advanced hooking of ajax handlers
fixed several security problems
fixed bug that was generating an error when automatic subfolders were activated and the upload folder did not exist
corrected problems where single quote, double quote and backslash characters in user fields were not saved correctly (they were escaped)
fixed bug where any changes made to the user data (e.g. through a filter) were not included in the email message
added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
changed column titles in the tables of plugin instances in Main tab in Dashboard
fixed issues where if a user field was modified from the file editor, custom columns were irresolute order

3.10.0

an alternative Iptanus server is launched in Google Deject for resolving the notorious fault "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open stream: Connexion timed out."
added option 'Apply Alternative Iptanus Server' in Settings to switch to the culling Iptanus Server
added advanced option 'Alternative Iptanus Server' that points to an alternative Iptanus Server
added advanced choice 'Alternative Iptanus Version Server' that points to the culling Iptanus Server URL returning the latest plugin version
an error is shown in the Main page of the plugin in Dashboard if Iptanus Server is unreachable
a warning is shown in the Main page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
alternative fix of error accessing https://services2.iptanus.com for curl (by disabling CURLOPT_SSL_VERIFYHOST) and for sockets by employing a amend parser of socket response
added Swedish translation, kindly provided by Leif Persson
improved ftp functionality so that ftp folders tin be created recursively

3.9.six

added internal filter _wfu_file_upload_output before echoing uploader shortcode html
added ability to modify the order of additional user fields in shortcode visual editor

3.nine.v

added surroundings variable 'Upload Progress Mode' that defines how upload progress is calculated
improved progress bar calculation
minor bug fixes in AJAX functions mentioned by Hanneke Hoogstrate http://www.blagoworks.nl/

3.9.four

added option to enable admin to change the upload user of a file
code improvements and bug fixes related to file download feature
lawmaking improvements related to make clean database function
added Italian translation

3.9.3

added option to permit loading of plugin's styles and scripts on the front-cease only for specific posts/pages through wfu_before_frontpage_scripts filter
fixed bug where when uploading big files with identical filenames and 'maintain both' option, not all would be saved separately
two advanced variables were added to permit the admin modify the export office separators

iii.9.2

added surround variable to enable or disable version bank check, due to access bug of some users to Iptanus Services server
added timeout option to wfu_post_request office
added Spanish translation, kindly provided past Marton

iii.ix.one

temporary set up to address issue with plugin'due south Main page in Dashboard non loading, past disabling plugin version check
correct Safari trouble with extra spaces in success bulletin coming from force_close_connection
right bug where when extension has capital letters information technology is rejected

3.9.0

a large number of extensions take been blacklisted for preventing upload of potentially dangerous files
the plugin will not let inclusion, renaming or downloading of files with blacklisted extensions based on the new listing
if no upload extensions are defined or the uploadpattern is also generic, then the plugin will permit merely specific extensions based on a white list of extensions; if the administrator wants to include more extensions he/she must declare them explicitely
the use of the wildcard asterisk symbol has become stricter, asterisk will friction match all characters except the dot (.), then the default . blueprint will allow only one extension in the filename (and not more as happened so far).
added environment variable 'Wildcard Asterisk Manner' for defining the fashion of the wildcard asterisk symbol. If it is 'strict' (default) then the asterisk will not friction match dot (.) symbol. If information technology is 'loose' then the asterisk volition match any characters (including dot).
slight issues fixes and so that wildcard syntax works correctly with square brackets
added maximum number of uploads per specific interval in lodge to avoid DDOS attacks
added environment variables related to Denial-Of-Service attacks in club to configure the behaviour of the DOS attack checker
bug fix of wfu_before_file_upload filter that was not working correctly with files larger than 1MB

3.viii.5

added bulk deportment feature in File Browser in Dashboard for admins
added delete and include bulk deportment in File Browser
improvement of column sort functionality of File Browser
added environment variable 'Use Alternative Randomizer' in order to make string randomizer function work for fast browsers
uploadedbyuser and userid fields became int to cope with big user ID numbers on some WordPress environments

3.8.4

dublicatespolicy attribute replaced by grammaticaly right duplicatespolicy, withal backward compatibility with the quondam attribute is maintained

3.eight.3

stock-still problems of subdirectory selector that was not initializing correctly afterward upload
fixed slight widget incompatibility with customiser
stock-still bug of elevate-northward-drop feature that was not working when singlebutton functioning was activated

3.8.2

fixed bug in wfu_after_file_loaded filter that was not working and was overriden by obsolete wfu_after_file_completed filter
added option in plugin'southward Settings in Dashboard to include additional files in plugin'south database
added feature in Dashboard File Browser for admins to include additional files in plugin's database

iii.8.1

fixed bug with indistinguishable userdata IDs in HTML when using more than ane userdata occurrences

3.8.0

added webcam option that enables webcam capture functionality
added webcammode atribute to define capture mode (screenshots, video or both)
added audiocapture attribute to define if audio will exist captured together with video
added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame charge per unit
added camerafacing attribute to define the photographic camera source (front or dorsum)
added maxrecordtime attribute to define the maximum record time of video
added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
fixed issues that strips not-latin characters from filename when downloading files

3.7.3

improved filename sanitization office
added Chinese translation by Yingjun Li

3.7.two

added option to cancel upload
setting added so that upload does not fail when site_url and home_url are different
added attribute requiredlabel in uploader'south shortcode that defines the required keyword
required keyword can now be styled separately from the user field label
add together user fields in Media together with file
setting added so that userdata fields are shown in Media Library or not
added Dutch translation by Ruben Heynderycx

iii.7.1

internal code modifications and slight bug corrections

3.7.0

significant code modifications to brand the plugin pluggable, invisible to users
addition of before and after upload filters
correction of small bug in Shortcode Composer of File Viewer

iii.6.1

Iptanus Services server for getting version info and other utilities is now secure (https)
fixed bug with wfu_path_abs2rel function when ABSPATH is only a slash
additional fixes and new features in Professional version

3.half-dozen.0

French translation improved
correction of minor problems at wfu_functions.php
code improvements in upload algorithm
wp_check_filetype_and_ext check moved afterwards completion of file
added wfu_after_file_complete filter that runs right after is fully uploaded
improved appearance of plugin's area in Dashboard

3.5.0

textdomain changed to wp-file-upload to support the translation characteristic of wordpress.org
added choice in Maintenance Actions of plugin's area in Dashboard to consign uploaded file data
added pagination of non-admin logged user's Uploaded Files Browser
added pagination of front end-end File Listing Viewer
added pagination of user permissions tabular array in plugin's Settings
added pagination of Log Viewer
corrected bug in View Log that was non working when pressing on the link
improvements to View Log feature
improvements to file download function to avoid abuse of downloaded file due to set_time_limit office that may generate warnings
added wfu_before_frontpage_scripts filter that executes right before frontpage scripts and styles are loaded
added functionality to avoid incompatibilities with NextGen Gallery plugin

3.four.1

plugin's security improved to decline files that contain .php.js or similar extensions

three.iv.0

added fitmode attribute to make the plugin responsive
added widget "WordPress File Upload Form", so that the uploader can be installed in a sidebar
changes to Shortcode Composer then that it can edit plugin instances existing in sidebars as widgets
changes to Uploader Instances in plugin's area in Dashboard to evidence also instances existing inside sidebars
added the ability to ascertain dimensions (width and meridian) for the whole plugin
dimensioning of plugin'southward elements improved when fitmode is prepare to "responsive"
filter and non-object warnings of front-end file browser, appearing when DEBUG mode is ON, removed
problems fixed to front-end file browser to hide Shortcode Composer push button for not-admin users
logic changed to front-terminate file browser to allow users to download files uploaded past other users
lawmaking changed to front end-end file browser to testify a message when a user attempts to delete a file that was non uploaded by him/her

3.3.ane

bug corrected that was breaking plugin performance for php versions prior to 5.three
added a "Maintenance Deportment" department in plugin's Dashboard page
added option in plugin'south "Maintenance Actions" to completely make clean the database log

three.3.0

userdatalabel attribute changed to let many field types
added the post-obit user data field types: simple text, multiline text, number, e-mail, confirmation email, password, confirmation password, checkbox, radiobutton, appointment, time, datetime, listbox and dropdown listing
added several options to configure the new user data fields: label text (to define the label of the field), label position (to ascertain the position of the label in relation to the field), required selection (to ascertain if the field needs to be filled earlier file upload), do-not-autocomplete selection (to prevent the browsers for completing the field automatically), validate option (to perform validity checks of the field before file upload depending on its type), default text (to define a default value), group id (to grouping fields together such equally multiple radio buttons), format text (to define field formatting depending on the field blazon), typehook selection (to enable field validation during typing inside the field), hint position (to define the position of the message that will exist shown to prompt the user that a required field is empty or is non validated) as well every bit an choice to define additional information depending on the field type (e.grand. ascertain list of items of a listbox or dropdown list)
Shortcode Composer changed to support the new user data fields and options
placement attribute can accept more than than one instances of userdata
fixed issues not showing appointment selector of engagement fields in Shortcode Composer when working with Firefox or IE browsers
in some cases required userdata input field will turn red if not populated
shortcode_exists and wp_slash fixes for working before 3.6 WordPress version
minor problems fixes

iii.two.i

removed 'course-field' course from admin table tr elements
corrected bug that was causing problems in uploadrole and uploaduser attributes when a username or role contained uppercase letters
uploadrole and uploaduser attributes logic modified; guests are allowed only if 'guests' word is included in the attribute
modifications to the download functionality script to exist more robust
corrected problems that was not showing options below a line item of admin tables in Cyberspace Explorer
several feature additions and bug fixes in Professional person version

iii.2.0

added choice in plugin's settings to relax CSS rules so that plugin inherits theme styling
modifications in html and css of editable subfolders characteristic to look better
modifications in html and css of prompt message when a required userdata field is empty
PLUGINDIR was replaced by WP_PLUGIN_DIR so that the plugin can work for websites where the contents dir is other than wp-content
fixed bug that was not allowing Shortcode Composer to launch when the shortcode was too big
fixed bug that was causing front-end file list not to work properly when no instance of the plugin existed in the aforementioned page / post

3.1.2

important bug detected and fixed that was stripping slashes from post or page content when updating the shortcode using the shortcode composer

3.one.1

the previous version bankrupt the easy creation of shortcodes through the plugin'due south settings in Dashboard and it has been corrected, together with some improvements

three.1.0

an of import feature (front end-end file browser) has been added in professional person version 3.1.0
added port number support for uploads using ftp fashion
corrected bug that was non showing correctly in file browser files that were uploaded using ftp mode
eliminated confirmbox warning showing in page when website'southward DEBUG mode is ON
eliminated warning: "Invalid statement supplied for foreach() in …plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
eliminated warning: "Notice: Undefined index: postmethod in /var/www/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
eliminated warnings in plugin'due south settings in Dashboard

3.0.0

major version number has avant-garde because an important feature has been added in Pro version (logged users can browse their uploaded files through their Dashboard)
several lawmaking modifications in file browser to make the plugin more than secure against hacking, some functionalities in file browser take slightly changed
new file browser cannot edit files that were not uploaded with the plugin and it cannot edit or create folders
upload path cannot exist outside the wordpress installation root
files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons

2.7.6

added functionality in Dashboard to add the plugin to a folio automatically
fixed bug that was not showing the Shortcode Composer because the plugin could not find the plugin instance when the shortcode was nested in other shortcodes

two.vii.5

added German and Greek translation

2.7.4

added Serbian translation cheers to Andrijana Nikolic from http://webhostinggeeks.com/
bug gear up with %blogid%, %pageid% and %pagetitle% that where not implemented in notification emails
in single button functioning selected files are removed in example that a subfolder has not been previously selected or a required user field has not been populated
problems fixed in unmarried file performance that immune option of multiple files through drag-and-drop
bug stock-still with files over 1MB that got corrupted when maintaining files with same filename
dummy (examination) Shortcode Composer push removed from the plugin'south Settings equally it is no longer useful
added support for empty (zero size) files
many lawmaking optimizations and security enhancements
fixed javascript errors in IE8 that were breaking upload functioning
code improvements to avoid brandish of session warnings
added %username% in redirect link
added option in plugin's Settings in Dashboard to select alternative POST Upload method, in gild to resolve errors like "http:// wrapper is disabled in the server configuration by allow_url_fopen" or "Call to undefined role curl_init()"
added filter action wfu_after_upload, where the admin can define additional javascript code to be executed on user'southward browser later each file is finished

2.7.3

important bug fix in Pro version
added wfu_before_email_notification filter
corrected bug not showing correctly special characters (double quotes and braces) in email notifications

2.7.2

important bug fix in Pro version, very slight changes in costless version

2.7.i

fixed bug with faulty plugin instances appearing when Woocommerce plugin is also installed
Upload of javascript (.js) files is not immune for fugitive security problems
stock-still bug with medialink and postlink attributes that were not working correctly
when medialink or postlink is activated, the files will be uploaded to the upload folder of WP website
when medialink or postlink is activated, subfolders volition be deactivated
added selection in subfolders to enable the list to populate automatically
added selection in subfolders the user to be able to type the subfolder
wfu_before_file_check filter can alter the target path (not only the file proper name)

ii.seven.0

corrected bug when deleting plugin instance from the Dashboard
corrected bug not finding "loading_icon.gif"

2.6.0

full redesign of the upload algorithm to become more robust
added improved server-side handling of large files
plugin shortcodes can be edited using the Shortcode Composer
added visual editor button on the plugin to enable administrators to modify the plugin settings easily
corrected bug causing sometimes database overloads
slight improvements of subfolder option
improvements to avoid code breaking in ajax calls when at that place are php warnings or echo from WordPress environment or other plugins
improvements and issues fixes in uploader when classic (no AJAX) upload is selected
eliminated php warnings in shortcode composer
corrected bug that was non correctly downloading files from the plugin's File Browser
added meliorate security when downloading files from the plugin'southward File Browser
stock-still bug not correctly showing the user that uploaded a file in the plugin'south File Browser
employ of scroll to perform server http requests was replaced past native php because some web servers do non have CURL installed
corrected bug in shortcode composer where userdata fields were not shown in variables drib down
added characteristic that prevents page closing if an upload is on progress
added forcefilename attribute to avoid filename sanitization
added ftppassivemode attribute for enabling FTP passive mode when FTP method is used for uploading
added ftpfilepermissions attribute for defining the permissions of the uploaded file, when using FTP method
javascript and css files are minified for faster loading

2.v.5

fixed serious issues not uploading files when captcha is enabled
fixed issues not redirecting files when email notification is enabled

2.5.4

mitigated issue with "Session failed" errors appearing randomly in websites
fixed problems non applying %filename% variable inside redirect link
fixed issues not applying new filename, which has been modified with wfu_before_file_upload filter, in electronic mail notifications and redirects
fixed bug where when 2 big files were uploaded at the aforementioned time and one failed due to failed chunk, then the progress bar would non get to 100% and the file would not be shown as cancelled

2.5.3

fixed problems not allowing redirection to piece of work
fixed bug that was including failed files in electronic mail notifications on sure occasions
default value for uploadrole changed to "all"

two.5.two

stock-still of import issues in complimentary version not correctly showing message afterward failed upload

2.5.ane

fixed important problems in complimentary version giving the same name to all uploaded files
fixed problems in free version non clearing completely the plugin cache from previous file upload

2.5.0

major redesign of upload algorithm to accost upload issues with Safari for Mac and Firefox
files are first checked by server before actually uploaded, in order to avoid uploading of big files that are invalid
modifications to progress bar code to make progress bar smoother
restrict upload of .php files for security reasons
fixed bug not showing correctly userdata fields inside electronic mail notifications when using ampersand or other special characters in userdata fields

two.4.6

variables %blogid%, %pageid% and %pagetitle% added in electronic mail notifications and subject and %dq% in subject
corrected bug that was breaking Shortcode Composer when using more than x attributes
corrected bug that was rejecting file uploads when uploadpattern attribute contained blank spaces
several lawmaking corrections in order to eliminate PHP alarm messages when DEBUG mode is on
several code corrections in order to eliminate warning messages in Javascript

2.iv.5

correction of issues when using userfields inside notifyrecipients

2.4.4

intermediate update to make the plugin more immune to hackers

ii.iv.three

correction of issues to allow uploadpath to receive userdata equally parameter

two.4.2

intermediate update to address some vulnerability issues

2.4.1

added filters and actions before and after each file upload – cheque below Filters/Actions department for instructions how to use them
added storage of file info, including user data, in database
added logging of file deportment in database – admins can view the log from the Dashboard
admins can automatically update the database to reflect the current status of files from the Dashboard
file browser improvements so that more than information virtually each file (including any user information) are shown
file browser improvements so that files tin be downloaded
filelist improvements to display correctly long filenames (Pro version)
filelist improvements to distinguish successful uploads from failed uploads (Pro version)
improvements of chunked uploads and so that files that are not immune to be uploaded are cancelled faster (Pro version)
corrected wrong check of file size limit for chunked files (Pro version)
added postlink attribute so that uploaded files are linked to the current page (or postal service) as attachments
added subfolderlabel attribute to define the characterization of the subfolder selection feature
several improvements to subfolder selection feature
default value added to subfolder selection feature
definition of the subfoldertree attribute in the Shortcode Composer is now done visually
%userid% variable added inside uploadpath attribute
userdata variables added inside uploadpath and notifyrecipients attributes
uploadfolder_label added to dimension items
user fields feature improvements
user fields label and input box dimensions are customizable
captcha prompt label dimensions are customizable (Pro version)
added gallery attribute to allow the uploaded files to be shown as paradigm gallery below the plugin (Pro version)
added galleryoptions attribute to define options of the image gallery (Pro version)
added css aspect and a fragile css editor within Shortcode Composer to let better styling of the plugin using custom css (Pro version)
e-mail feature improved in conjunction with redirection
improved interoperability with WP-Filebase plugin
improved functionality of free text attributes (similar notifymessage or css) by allowing double-quotes and brackets inside the text (using special variables), that were previously breaking the plugin

2.iii.1

added choice to restore default value for each aspect in Shortcode Composer
added support for multilingual characters
correction of bug in Shortcode Composer that was not assuasive attributes with singular and plural form to be saved
correction of bug that was not changing errormessage attribute in some cases

2.2.3

correction of problems that was freezing the Shortcode Composer in some cases
correction of bug with successmessage attribute

2.two.2

serious bug fixed that was breaking operation of Shortcode Composer and File Browser when the WordPress website is in a subdirectory

two.ii.1

added file browser in Dashboard for admins
added attribute medialink to allow uploaded files to be shown in Media
serious bug stock-still that was breaking the plugin because of preg_replace_callback part
corrected error in offset endeavor to upload file when captcha is enabled

ii.1.3

variables %pagetitle% and %pageid% added in uploadpath.
issues fixes when working with IE8.
Shortcode Composer saves selected options
Easier handling of userdata variables in Shortcode Composer
correction of bug that immune debugdata to exist shown in non-admin users
reset.css removed from plugin equally it was causing breaks in theme's css
correction of bug with WPFilebase Manager plugin

two.ane.two

Several bug fixes and code reconstruction.
Code modifications so that the plugin tin operate even when DEBUG mode is ON.
New attribute debugmode added to allow ameliorate debugging of the plugin when there are errors.

ii.1.1

Bug fixes with broken images when WordPress website is in a subdirectory.
Replacement of glob function considering is not allowed by some servers.

2.0.2

Bug fixes in Dashboard Settings Shortcode Composer.
Correction of of import problems that was breaking page in some cases.
Minor improvements of user information fields and notification email attributes.

2.0.1

This is the initial release of WordPress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the cosmos of the later is included.

Name of the plugin changed to WordPress File Upload.
Plugin has been completely restructured to permit additional features.
A new more advanced message box has been included showing information in a more structured way.
Error detection and reporting has been improved.
An assistants page has been created in the Dashboard Settings, containing a Shortcode Composer.
Some more options related to configuration of message showing upload results have been added.
Several bug fixes.

1.seven.14

Userdata attribute changed to let the creation of more fields and required ones.
Spanish translation added thanks to Maria Ramos of WebHostingHub.

1.vii.13

Added notifyheaders attribute, in order to allow amend control of notification email sent (e.g. allow to transport HTML email).

i.7.12

Added userdata attribute, in social club to allow users to ship additional text data along with the uploaded file.

1.vii.11

Added single button performance (file will be automatically uploaded when selected without pressing Upload Button).

1.7.x

Fixed bug with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.7.9

Fixed problem with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.vii.8

More than one roles can now exist defined in attribute uploadrole, separated by comma (,).

one.vii.7

Variable %filename% now works also in redirectlink.

one.7.6

Changes in ftp functionality, added useftpdomain aspect and so that it can work with external ftp domains every bit well.
Improvement of archetype upload (used in IE or when setting forceclassic to true) messaging functionality.
Small-scale bug fixes.

1.7.5

Source modified so that information technology can work with WordPress sites that are non installed in root.
Added variable %blogid% for use with multi-site installations.
Bug fixes related to showing of messages.

1.7.4

Replacement of json2.js with another version.

one.vii.3

CSS style changes to resolve conflicts with diverse theme CSS styles.

1.7.2

Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.

one.7.1

Added adequacy to upload files outside wp-content folder.
Improved error reporting.

1.seven

Complete restructuring of plugin HTML code, in gild to go far more configurable and customizable.
Appearance of messages has been improved.
Added selection to put the plugin in testmode.
Added selection to configure the colors of success and fail letters.
Added option to modify the dimensions of the private objects of the plugin.
Added option to change the placement of the individual objects of the plugin.
Improved error reporting.
Added localization for error messages.
Minor bug fixes.

ane.half-dozen.3

Problems fixes to correct incompatibilities of the new ajax functionality when uploadrole is set to "all".

one.6.2

Bug fixes to correct incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.

1.6.1

Correction of serious bug that prevented the normal functioning of the plugin when the browser of the user supports HTML5 functionality.
Tags added to the plugin WordPress page.

ane.6

Major lifting of the whole lawmaking.
Added ajax functionality so that file is uploaded without page reload (works in browsers supporting HTML5).
Added upload progress bar (works in browsers supporting HTML5).
Added option to allow user to select if wants to use the old form upload functionality.
File will non be saved again if user presses the Refresh push (or F5) of the folio.
Translation strings updated.
Problems fixes for issues when there are more than one instances of the plugin in a single folio.

1.5

Added option to notify user nearly upload directory.
Added selection to allow user to select a subfolder to upload the file.

1.4.1

css corrections for bug fixes.

i.iv

Added choice to attach uploaded file to notification e-mail.
Added option to customize message on successful upload (variables %filename% and %filepath% can exist used).
Added option to customize colour of message on successful upload.
"C:\fakepath\" trouble resolved.
alarm message near function create_directory() resolved.
css enhancements for compatibility with more themes.

1.iii

Boosted variables added (%filename% and %filepath%).
All variables tin can be used inside bulletin subject and message text.
Added pick to make up one's mind how to treat duplicates (overwrite existing file, leave existing file, leave both).
Added option to determine how to rename the uploaded file, when another file already exists in the target directory.
Added option to create directories and upload files using ftp access, in order to overcome file owner and Prophylactic MODE restrictions.
Added the capability to redirect to another spider web folio when a file is uploaded successfully.
Added the option to show to administrators additional messages nigh upload errors.
Bug fixes related to interoperability with WP_Filebase

1.2

Added notification by electronic mail when a file is uploaded.
Added the ability to upload to a variable folder, based on the proper name of the user currently logged in.

1.1

Added the option to let anyone to upload files, by setting the attribute uploadrole to "all".

1.0

Initial version.

swartzthise1995.blogspot.com

Source: https://wordpress.org/plugins/wp-file-upload/