Simple File Upload 
Version
1.3.5 (last update on Jan 2, 2012)
Rating
Compatibility
Reviews
61
License
GPLv2 or later
Non-Commercial
Type
Date Added
20 May 2009
Version 1.3.5 is tested and verified on Joomla 2.5! (2012-01-14)
Use download for 1.6/1.7!
!!!Security Release 2012-01-02!!!
JED found an exploit in the code where they managed to upload a file named "file.php5". Unfortunately I had not added php5 to the blocked extensions list but now (version 1.3.5) it is added along with .php6 and an extra check to see if ".php" exists in the file-name!
Please make sure to update to version 1.3.5 as soon as possible!
UPDATE 2010-01-04: To be even more on the safe side I have now added code to inspect GIF comments. There is a new option called "Block PHP GIF comments" in the settings which is default set to "Yes" which will read any GIF comment and block the upload if the comment contains any PHP code!
!!!Security Release!!!
It includes the following key features:
- Multiple modules on the same page with different settings
- "Add Note" to uploaded files
- Image re-size
- Automated thumbnail creation for images
- Image compress for JPEG and PNG
- Now supports both "User Named Directory" and "User Defined Directory"! (see below)
- CAPTCHA
- List files in upload directory in pop-up (FancyBox)
- Multiple files upload
- Notification e-mail
- And more...
More features:
- Integrated Ajax in Joomla framework
- "Blacklist" of extensions (threat-protection)
- Multi select file browser for FireFox 3.6+ versions
- Info popup-box now contains the link (URL)
- URL attached in e-mail notice
- Redirect option after uploading
- User Named Directory: You can set a root path for User Named Directories, e.g. "/home/users/" and then select which users should have the option to use the directory.
- User Defined Directory: You can select from the list of users and add custom directory paths for the user.
- Multiple choice of upload paths added. If a users has "User Named Directory" and/or "User Defined Directory" the user will get a pop-up box asking for the directory to upload to.
- List files option from upload directory in "pop-up"
- Form Fields can now be collected into the same file. A few JED Image Galleries are using a parameter file for labels/description of images.
- Multiple languages.
Joomla 3.0 is now supported!
User Named Directories and User Defined Directories now also works on Joomla 3.0!
Take care!
Regards,
Anders
This is potentially a great, simple, free module but, for me it has a couple of flaws. The first, that it resizes images up if they are too small, I was able to correct. The second, that it does not replace spaces in filenames on upload, means that it does not work with my slideshow - which replaces them with "%20" and breaks the link.
My understanding is that it is now standard practice to use dashes or underscores in filenames to avoid these problems but I cannot rely on people uploading to do so.
I spent quite a while trying to hack the code to get it to work (I did succeed with some other modifications so I can't be a complete idiot!) but was not able to replace the spaces without breaking the text file writing part of the script.
I asked the developer but he was not able to do it.
My understanding is that it is now standard practice to use dashes or underscores in filenames to avoid these problems but I cannot rely on people uploading to do so.
I spent quite a while trying to hack the code to get it to work (I did succeed with some other modifications so I can't be a complete idiot!) but was not able to replace the spaces without breaking the text file writing part of the script.
I asked the developer but he was not able to do it.
Owner's reply
Hi, so sorry that you are not satisfied with the work I've done. I have released my Extensions as GPL free for all to grab, use and change as they like.
I try to help out with modifications the best I can but I do have a day-time job and do this at my spear-time why I simply don't have time to help all users asking for modifications.
I tried to help you out and sent several e-mails pointing out where to alter the code. Study PHP a bit more and then give it another go...
Next time when you rate something, please do so on the functions included, not according to what YOU want to have included... :(
Regards,
Anders
This is a great extension, and does exactly what it says it does. It has a simple front-end, and a enough options on the back-end to make it useful and secure. Also, as stated many times in other reviews, the tech support (Anders) is excellent with a good response time and knowledgeable answers. I had a little difficulty getting it installed and working, however the problems were on my end and Anders was able to quickly provide help. I would easily recommend this extension to anyone who needs visitors to upload files to their website.
That being said, when I first installed the mod, it didn't work at all. Turns out this was caused by wrong file permissions in the mod folder. Not sure how this happened, but Anders was able to quickly get to the bottom of this. The second issue was that uploads would seem to fail, or time-out with no warning. Once again, Anders was able to show me that it was due to a configuration problem with the PHP.INI (Problem on my end, not the SFU mod. My uploads were limited to 8MB.) Once I corrected the PHP.INI, the uploads (and multiple uploads) worked fine.
That being said, when I first installed the mod, it didn't work at all. Turns out this was caused by wrong file permissions in the mod folder. Not sure how this happened, but Anders was able to quickly get to the bottom of this. The second issue was that uploads would seem to fail, or time-out with no warning. Once again, Anders was able to show me that it was due to a configuration problem with the PHP.INI (Problem on my end, not the SFU mod. My uploads were limited to 8MB.) Once I corrected the PHP.INI, the uploads (and multiple uploads) worked fine.
Really makes it easy to let users upload files, simply! Works well as is, or can be configured for more particular needs.
I'm using it, for example, for a client that wanted a way for their clients to submit files and artwork that was too big for e-mail. This extension allowed me to have users upload to their own, separate, sub-directories and don't see other users' folders or files.
I'm using it, for example, for a client that wanted a way for their clients to submit files and artwork that was too big for e-mail. This extension allowed me to have users upload to their own, separate, sub-directories and don't see other users' folders or files.
When I installed and configured Simple File Upload I could not get the Captcha and form fields to work. As soon as I enabled either one of them it would not upload the file. I contacted Anders and within a few hours he responded and gave me some ideas to try. It is now working great and I am really pleased with how the module looks and functions. Great module and super service.
In my experience, all too often, when searching for a joomla extension you get all excited when you think you've found it. Then your hopes are dashed when the extension fails to live up to your expectations, or you find it practically impossible to install, and / or configure.
However, this one didn't disappoint!
Once you actually find the correct version to install, getting it up and running is a breeze. Apparently I had installed the wrong version. The download page is a little bit confusing, but as soon as I made a comment on the website, Anders got back to me straight away with a solution in an email. Now everything seems to be working fine.
All in all, an excellent extension, so thanks and well done Anders. Cheers, Allan
PS. I will indeed be happy to give you a donation because it certainly is worth at least $5 bucks!
However, this one didn't disappoint!
Once you actually find the correct version to install, getting it up and running is a breeze. Apparently I had installed the wrong version. The download page is a little bit confusing, but as soon as I made a comment on the website, Anders got back to me straight away with a solution in an email. Now everything seems to be working fine.
All in all, an excellent extension, so thanks and well done Anders. Cheers, Allan
PS. I will indeed be happy to give you a donation because it certainly is worth at least $5 bucks!
But it was simple to install and use! When I had a question that was racking my brain (because I didn't read the manual...my fault), Anders was quick to reply and solve the problem in a friendly way. Two thumbs up, five stars, and whatever top rating you can give! If all developers were like this, the web would be a much happier place!
Simple File Upload does exactly what it says!
Even if you have very little joomla experience you will be able to have your website visitors uploading files to your sever in no time.
It integrates perfectly with Simple File Lister to automatically add the newly uploaded files the list as well.
It also offers you decent security by allowing you to restrict and exclude the file types that can be uploaded, captcha to prevent bot exploitation, and notification emails so you will quickly be able to recognize if someone is abusing the feature.
For me, the combination of the two modules works perfectly as a way for the teachers who visit my page to upload and exchange classroom handouts and create an ever growing online repository.
Not to mention support seems to be very quick, with Anders even mailing me a build of the module that will not be released until later this week!
I can highly recommend it.
Thanks Anders!
Even if you have very little joomla experience you will be able to have your website visitors uploading files to your sever in no time.
It integrates perfectly with Simple File Lister to automatically add the newly uploaded files the list as well.
It also offers you decent security by allowing you to restrict and exclude the file types that can be uploaded, captcha to prevent bot exploitation, and notification emails so you will quickly be able to recognize if someone is abusing the feature.
For me, the combination of the two modules works perfectly as a way for the teachers who visit my page to upload and exchange classroom handouts and create an ever growing online repository.
Not to mention support seems to be very quick, with Anders even mailing me a build of the module that will not be released until later this week!
I can highly recommend it.
Thanks Anders!
Before i will give this module an excellent review grad, i would like to have my warnings gone. Tried some possibilities but no luck. I have written to the developer, but no luck there either.
Owner's reply
So sorry that you aren't 100% happy with my module...
As you wrote I have tried to help you but as you could not provide the logs for your server it is impossible for me to try and solve your issue with why the Warning is posted.
If you reduce the logging level for Joomla from Maximum the Warning will not be visible and SFU will still work fine...
Please let me know if you can get hold of the logs.
Regards,
Anders
Very nice module. I am using it to give my customers website the ability to upload fishing photos. He is a fishing guide and most of his customers are from out of state. Works very well out of the box. Couldn't be easier to install. The only issue I had was setting the module width, as it still shows a bottom scroll bar on the left module position. Love the modal box and ajax! Thank you for you efforts and great job!
I tried a few similar modules before this one and this was the winner (and actually the only one that really worked right out of the box). Simply allows uploading files. Works on Linux too (some of the others don't).
Looks nice too, although that wasn't that important in my case.
Looks nice too, although that wasn't that important in my case.
I have been doing a website for a community radio station. We want to encourage local talent to audition on-line by uploading an mp3 file of their performance, along with their contact details. This module does exactly what we want. Installation was simple and support response was excellent when some minor issues arose initially.
I have been looking for a way to let my member submit a file to me.
The only solution WAS paid extension from CB.
But, this module simplify the thing for free (well, let's donate when you earn profit from using this module)
As for the security vulnerability, IN ADDITION to utilizing the blacklist function, we can also put a .htaccess to disallow any file access from that particular upload folder.
The only solution WAS paid extension from CB.
But, this module simplify the thing for free (well, let's donate when you earn profit from using this module)
As for the security vulnerability, IN ADDITION to utilizing the blacklist function, we can also put a .htaccess to disallow any file access from that particular upload folder.
Owner's reply
Thanks for taking the time to review my extension!
The suggestion for .htaccess is very good and should be used if added security is required on the server!
For anyone using IIS here is an article that some other user sent me for .htaccess on IIS: http://forums.iis.net/p/1151878/1879997.aspx#1879997
Regards,
Anders
Page 2 of 4
