Simple File Upload 
Version
1.3.5 (last update on Jan 2, 2012)
Rating
Compatibility
Reviews
61
License
GPLv2 or later
Non-Commercial
Type
Date Added
20 May 2009
Version 1.3.5 is tested and verified on Joomla 2.5! (2012-01-14)
Use download for 1.6/1.7!
!!!Security Release 2012-01-02!!!
JED found an exploit in the code where they managed to upload a file named "file.php5". Unfortunately I had not added php5 to the blocked extensions list but now (version 1.3.5) it is added along with .php6 and an extra check to see if ".php" exists in the file-name!
Please make sure to update to version 1.3.5 as soon as possible!
UPDATE 2010-01-04: To be even more on the safe side I have now added code to inspect GIF comments. There is a new option called "Block PHP GIF comments" in the settings which is default set to "Yes" which will read any GIF comment and block the upload if the comment contains any PHP code!
!!!Security Release!!!
It includes the following key features:
- Multiple modules on the same page with different settings
- "Add Note" to uploaded files
- Image re-size
- Automated thumbnail creation for images
- Image compress for JPEG and PNG
- Now supports both "User Named Directory" and "User Defined Directory"! (see below)
- CAPTCHA
- List files in upload directory in pop-up (FancyBox)
- Multiple files upload
- Notification e-mail
- And more...
More features:
- Integrated Ajax in Joomla framework
- "Blacklist" of extensions (threat-protection)
- Multi select file browser for FireFox 3.6+ versions
- Info popup-box now contains the link (URL)
- URL attached in e-mail notice
- Redirect option after uploading
- User Named Directory: You can set a root path for User Named Directories, e.g. "/home/users/" and then select which users should have the option to use the directory.
- User Defined Directory: You can select from the list of users and add custom directory paths for the user.
- Multiple choice of upload paths added. If a users has "User Named Directory" and/or "User Defined Directory" the user will get a pop-up box asking for the directory to upload to.
- List files option from upload directory in "pop-up"
- Form Fields can now be collected into the same file. A few JED Image Galleries are using a parameter file for labels/description of images.
- Multiple languages.
Joomla 3.0 is now supported!
User Named Directories and User Defined Directories now also works on Joomla 3.0!
Take care!
Regards,
Anders
I have written my own upload function as a plug-in previously to be included in articles but wanted a module instead. I started working on my own module but figured to look for ready-made solutions here first. I first tried the "Easy File Uploader" and noticed I needed to alter it to make it work as I needed.
Then I had a go at this extension and BAM, it does all I need.
The developer should look into the security "hole" found by the "Easy Uploader" developer though as no such attempt to prevent false file types seems to be included in the code.
I am very happy that I don't have to alter anything in this extension!
Keep up the good work!
Then I had a go at this extension and BAM, it does all I need.
The developer should look into the security "hole" found by the "Easy Uploader" developer though as no such attempt to prevent false file types seems to be included in the code.
I am very happy that I don't have to alter anything in this extension!
Keep up the good work!
Owner's reply
Hi,
thanks for your kind review!
I am aware of this security "threat" and have already included a "black-list" for extensions in version 1.3 (are you using 1.2? In that case please upgrade to get the Black-list function).
I tested several different ways of securely detecting the type of file uploaded but I have not found any that would work on different PHP versions and/or platforms.
With the Black-list, even if an attacker fake their way by changing the content-type, they will not be able to change the fact that the extension is required for the file to be interpreted by the server and thus it is "pretty" safe.
Another way is to block "web access" for the upload directory using .htaccess but then again the content (like images) will not be available for web pages either.
Unfortunately there is no good way of doing this in PHP versions lower than 5.3 and even with 5.3 many hosting providers are not allowing the use of file objects or exec functions which would be used to verify the "real" mime type.
Regards,
Anders
The tool is easy to install and easy to use. One can adjust almost everything with many parameters. I had some questions and the response was very quick and very good. My special problems with my application were cleared up in one day. Thanks for the good job and the sharing with the community.
Thanks
Rudolf Aigner
Thanks
Rudolf Aigner
The module has a clean look. It even replaces the default "browse files" button of the user's browser, providing more consistency in the layout (otherwise the look of that button is browser-dependent, and it is very difficult to style it with css).
The French translation is also very good. I could use the module out of the box. My purpose was to allow users to upload audio/video excerpts (which they later integrate in their articles with AVReloaded).
So thanks to the developer for sharing this great extension !
The French translation is also very good. I could use the module out of the box. My purpose was to allow users to upload audio/video excerpts (which they later integrate in their articles with AVReloaded).
So thanks to the developer for sharing this great extension !
Hi all,
i am in the process of evaluating the various upload modules/components for Joomla in order to find one to suit my needs for my humble site.
I recommend simple file upload module.
It does what it says and works like a charm.
You don't have to mess with tons of options and surprise:
Andrew ,the developer ,will answer to your questions and will modify/correct the module if needed.
In my case he mailed me -on his initiative- and made fixes in just one day taking in serious regard my observations.
There is no manual because it is not needed.You don't have to read tons of pages to make it work.
You will have it up and running (AND modified to your needs) in minutes.
Thought i would recommend the creation of a support forum for this great module.
Regards,
the_observer.
i am in the process of evaluating the various upload modules/components for Joomla in order to find one to suit my needs for my humble site.
I recommend simple file upload module.
It does what it says and works like a charm.
You don't have to mess with tons of options and surprise:
Andrew ,the developer ,will answer to your questions and will modify/correct the module if needed.
In my case he mailed me -on his initiative- and made fixes in just one day taking in serious regard my observations.
There is no manual because it is not needed.You don't have to read tons of pages to make it work.
You will have it up and running (AND modified to your needs) in minutes.
Thought i would recommend the creation of a support forum for this great module.
Regards,
the_observer.
Owner's reply
Thanks, I really appreciate you taking the time to write the review!
You are not the first to ask for a support forum. The FAQ on my site has done it's work but with the added functionality for "User Defined Directory" and "User Named Directory" I have noticed that I do get a lot more questions... I will give it some thought and probably put something up on my site shortly...
Btw, the name's Anders, not Andrew... ;)
Best Regards,
Anders
After installing v2, I ran into a problem with trying to assign folders to users so they can upload to particular places. I sent an email to the developer and was REALLY, REALLY surprised that he responded! He worked with me through email after email to get it fixed and was very patient with me and my questions. It now works and I'm so happy! Thanks so much.
I just registered to write this review as I was so impressed with the response and help I got with installing this extension.
It does all I could ask (and more)!
I needed the more flexible user management to be able to point each users directory in different loccation and this module made it possible. I had to ask som help to do it but it was all in teh settings.
I could just ask for some better instrutions... but then again the developer helped out in just a few minutes.
Thanks for this great extension!
It does all I could ask (and more)!
I needed the more flexible user management to be able to point each users directory in different loccation and this module made it possible. I had to ask som help to do it but it was all in teh settings.
I could just ask for some better instrutions... but then again the developer helped out in just a few minutes.
Thanks for this great extension!
Hey thanks for the hard work on this. I was looking for something simple myself and you have the best solution out there on the Joomla extensions.
This is a bit crude in display, but with a little editing and tweaking on my end I can customize it. Functionality though seems to be working fine for me. Adjusting what file types are allowed is a breeze due to the pop-up letting you know exactly what isn't allowed. Just paste the string into the end of the list, and bingo its allowed.
One suggestion, when creating user directories I suggest that by default you automatically create an index.html file to be placed in the user directory created. This way you can keep the directory from being accessed from the URL bar.
Salud!
Peter (Big Screen Entertainment Group)
This is a bit crude in display, but with a little editing and tweaking on my end I can customize it. Functionality though seems to be working fine for me. Adjusting what file types are allowed is a breeze due to the pop-up letting you know exactly what isn't allowed. Just paste the string into the end of the list, and bingo its allowed.
One suggestion, when creating user directories I suggest that by default you automatically create an index.html file to be placed in the user directory created. This way you can keep the directory from being accessed from the URL bar.
Salud!
Peter (Big Screen Entertainment Group)
Owner's reply
Thanks for the feedback, Peter! I'm glad you like it!
In the latest release of v1.2 I have included the creation of a "index.html" file when SFU creates a new directory. (Thanks for the suggestion!)
Regards,
Anders
It's simply amazing what the developer has done in terms of modifying a Module. I had some problems getting the user directories working and the developer helped me out immediately. He let me in on his development system to let me view his settings for testing.
I must really let Anders know how much I appreciate the help!
TACK! (=Thank You in Swedish) :)
//Jonas
I must really let Anders know how much I appreciate the help!
TACK! (=Thank You in Swedish) :)
//Jonas
SFU is an awesome extension!
It's perfectly simple and if you find something that doesn't work just right, the developer will fix it. I personally had an issue with html email not formatting exactly right (which really doesn't matter since only you get the email anyway) but I let Anders know what was going on and he had a fix to me and loaded on his site for everyone else in less than a day. He also made a few other changes for me and had them to me in less than a few hours.
In my experience this developer is quick to respond to, and solve, issues as they come up.
All in all, the extension does exactly what the developer says.
It is a perfectly simple solution for allowing users to upload files to your site, it's free, and it's getting better with each new release.
Awesome job!
It's perfectly simple and if you find something that doesn't work just right, the developer will fix it. I personally had an issue with html email not formatting exactly right (which really doesn't matter since only you get the email anyway) but I let Anders know what was going on and he had a fix to me and loaded on his site for everyone else in less than a day. He also made a few other changes for me and had them to me in less than a few hours.
In my experience this developer is quick to respond to, and solve, issues as they come up.
All in all, the extension does exactly what the developer says.
It is a perfectly simple solution for allowing users to upload files to your site, it's free, and it's getting better with each new release.
Awesome job!
My client wanted to send me file which was about 10MB and he didnt want to send it by email, so I needed some solution where my client could log-in to my Website, and than to find option Upload files (which I put on my main menu and visible only to registered users) and this module made that possible in about 10-15 minutes!
I needed the ability to allow specific users the option to upload images. I wanted these images to only go to a folder that I specified for that specific user. This extension allowed me to do just that and very easily. Anders was extremely helpful and responsive when I needed some help for my particular setup. Thanks Anders.
I run a public school website in the US, and I needed my author-level users to be able to upload and link PDF files inside their articles without having me do it for them. This is the perfect extension for that! Why Joomla doesn't have this functionality at the core level is baffling. Anyway, Anders is super-fast at responding to questions - download this AND donate to his cause!
I came across your module when I was looking for a way to have users/guests securely upload files onto my server. Now your module was flawless and did exactly what its supposed to.
One suggestion for the future. You should work on a captcha system for security reasons. You don't want people spamming your uploader right? ;)
One suggestion for the future. You should work on a captcha system for security reasons. You don't want people spamming your uploader right? ;)
Page 3 of 4
