Wordpress Template With File Upload and Payment

Particular
Ulasan
Instalasi
Bantuan
Pengembangan

With this plugin you lot or other users can upload files to your site from any page, post or sidebar hands and securely.

But put the shortcode [wordpress_file_upload] to the contents of any WordPress page / post or add the plugin's widget in any sidebar and yous volition be able to upload files to whatever directory inside wp-contents of your WordPress site.

Yous tin can add together custom fields to submit boosted information together with the uploaded file.

You can use information technology to capture screenshots or video from your webcam and upload it to the website (for browsers that support this characteristic).

You lot tin even use it as a simple contact (or whatsoever other blazon of) course to submit data without including a file.

The plugin displays the list of uploaded files in a separate top-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).

Several filters and deportment before and after file upload enable extension of its capabilities.

The characteristics of the plugin are:

Information technology uses the latest HTML5 engineering science, all the same it will also piece of work with erstwhile browsers and mobile phones.
It is compliant with the General Data Protection Regulation (GDPR) of the European Union.
Information technology can be added in posts, pages or sidebars (as a widget).
It tin can capture and upload screenshots or video from the device'due south camera.
It supports additional form fields (like checkboxes, text fields, e-mail fields, dropdown lists etc).
It can be used every bit a simple contact form to submit data (a selection of file tin can be optional).
It produces notification messages and eastward-mails.
It supports option of destination binder from a list of subfolders.
Upload progress can be monitored with a progress bar.
Upload process tin be cancelled at any time.
Information technology supports redirection to another url after successful upload.
There can be more one instances of the shortcode in the same folio or post.
Uploaded files can exist added to Media or be fastened to the current page.
Uploaded files can be saved to an FTP location (ftp and sftp protocols supported).
It is highly customizable with many (more 50) options.
It supports filters and actions before and subsequently file upload.
It contains a visual editor for customizing the plugin easily without any noesis of shortcodes or programming
It supports logging of upload events or direction of files, which can exist viewed by admins through the Dashboard.
It includes an Uploaded Files pinnacle-level menu item in the Dashboard, from where admins can view the uploaded files.
It includes a file browser in the Dashboard, from where admins can manage the files.
It supports multilingual characters and localization.

The plugin is translated in the following languages:

Portuguese, kindly provided by Rui Alao
German
French, kindly provided by Thomas Bastide of http://world wide web.omicronn.fr/ and improved past other contributors
Serbian, kindly provided by Andrijana Nikolic of http://webhostinggeeks.com/
Dutch, kindly provided by Ruben Heynderycx
Chinese, kindly provided past Yingjun Li
Spanish, kindly provided past Marton
Italian, kindly provided past Enrico Marcolini https://www.marcuz.it/
Polandia
Swedish, kindly provided by Leif Persson
Persian, kindly provided past Shahriyar Modami http://chabokgroup.com
Greek

Please notation that old desktop browsers or mobile browsers may non back up all of the above functionalities. In order to become full functionality use the latest versions browsers, supporting HTML5, AJAX and CSS3.

For additional features, such as multiple file upload, very big file upload, elevate and drop of files, captcha, detailed upload progress bars, list of uploaded files, image gallery and custom css please consider WordPress File Upload Professional.

Please visit the Other Notes section for customization options of this plugin.

Plugin Customization Options

Please visit the support page of the plugin for detailed description of customization options.

Requirements

The plugin requires to have Javascript enabled in your browser. For Net Explorer yous also need to have Active-Ten enabled.
Delight note that former desktop browsers or mobile browsers may not support all of the plugin'southward features. In lodge to become full functionality apply the latest versions of browsers, supporting HTML5, AJAX and CSS3.

First install the plugin using WordPress auto-installer or download the .zip file from wordpress.org and install it from the Plugins section of your Dashboard or copy wordpress_file_upload directory inside wp-contents/plugins directory of your wordpress site.
Activate the plugin from Plugins section of your Dashboard.
In order to use the plugin but go to the Dashboard / Settings / WordPress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any page.
Open up the page on your browser and you will come across the upload form.
You tin can change the upload directory or any other settings hands by pressing the small edit push found at the left-top corner of the upload course. A new window (or tab) with popular up with plugin options. If yous do not run across the new window, adjust your browser settings to allow pop-up windows.
Full documentation about the plugin options can be found at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)

A getting started guide can exist found at http://www.iptanus.com/getting-started-with-wordpress-file-upload-plugin/

Volition the plugin piece of work in a mobile browser?: Yep, the plugins will piece of work in most mobile phones (has been tested in iOS, Android and Symbian browsers as well as Opera Mobile)
Practise I demand to have Wink to employ then plugin?: No, you do non need Flash to use the plugin.
I get a SAFE Fashion brake mistake when I try to upload a file. Is there an alternative?: Your domain has probably turned Safety Mode ON and you take restrictions uploading and accessing files. WordPress File Upload includes an alternative way to upload files, using FTP access. Simply add the aspect accessmethod="ftp" within the shortcode, together with FTP admission information in ftpinfo attribute.
Tin can I see the progress of the upload?: Yes, you can see the progress of the upload. During uploading a progress bar will appear showing progress info, however this functionality functions only in browsers supporting HTML5 upload progress bar.
Can I upload many files at the same time?: Yes, but not in the gratuitous version. If you want to allow multiple file uploads, please consider the Professional version.
Where do files become afterward upload?: Files by default are uploaded within wp-content directory of your WordPress website. To alter information technology utilize attribute uploadpath.
Can I see and download the uploaded files?: Administrators can view all uploaded files together with associated field data from the plugin'due south Settings in Dashboard. The Professional version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a page or postal service.
Are at that place filters to restrict uploaded content?: Yes, you tin control allowed file size and file extensions by using the advisable aspect (run into Other Notes department).
Are in that location any upload file size limitations?: Yes, in that location are file size limitations imposed by the web server or the host. If you want to upload very big files, please consider the Professional version of the plugin, which surpasses size limitations.
Who can upload files?: By default all users tin can upload files. Y'all can define which user roles are allowed to upload files. Even guests can be allowed to upload files. If you want to allow only specific users to upload files, so please consider the Professional version of the plugin.
What security is used for uploading files?: The plugin is designed not to expose website sensitive information. It has been tested by experts and verified that protects against CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, similar apply of captcha, please consider the Professional version of the plugin.
What happens if connection is lost during a file upload?: In the free version the upload will fail. However in the Pro version the upload will resume and will continue until the file is fully uploaded. This is especially useful when uploading very large files.
The plugin does not look nice with my theme. What tin can I do?: There is an selection in plugin's settings in Dashboard to relax the CSS rules, so that buttons and text boxes inherit the theme's styles. If boosted styling is required, this tin can be done using CSS. The Professional version of the plugin allows CSS rules to be embed in the shortcode.

I've spent almost month trying to become this to work. Information technology doesn't upload to the specified path. Back up is very unresponsive. Requesting a total refund.

Dear plugin author, how on earth could yous hardcode the css into wfu_template.php? WHY? Inline css is a very bad practice. Apart from that, thanks for nice plugin.

Simply doesn't work. I add together the shortcode to the page, and then exam it. Click on the file upload push, choose the file I want to upload, and so click 'Open'. Goes dorsum to the chief page and nothing there. Information technology doesn't show the file I just chose. Tin't upload. Waste product of time.

This plugin seems to be exactly what I demand. Haven't had the gamble to use it that much all the same but will likely consider getting the Professional Version. It seems to non work with some plugins, for example Elementor, which is fine. Just create a dissever page for uploading without such plugins.

It took a bit to wrap my head around all of the configuration possibilities, but information technology's well worth the learning bend. Once yous see everything it can do and how to do it, I tin't imagine very many scenarios this plugin couldn't cover. If there was whatever gripe at all, information technology would be that the documentation is a flake scattered nigh. Have your fourth dimension to set this upward properly and you'll be happy yous did. Five Stars!

Baca semua 107 ulasan

"WordPress File Upload" adalah perangkat lunak open source. Berikut ini mereka yang sudah berkontribusi pada plugin ini.

Kontributor

nickboss

iv.sixteen.3

improved sanitization and escaping of shortcode attributes to avoid XSS attacks
file type .svg moved to blacklist to avoid XSS attacks coming from scripts within SVG files
added security check to forbid uploads inside wp-content/plugin directory
improved handling of videoname and imagename file uploader shortcode attributes to avoid directory traversal attacks
improved /lib and /extensions loader to avoid arbitrary lawmaking execution through injected prototype files
all wfu_blocks.php functions became redeclareable

4.16.2

minor bug fixes in Pro version

4.xvi.1

corrected $_SESSION variable problem in maintenance purge office

4.xvi.0

visual editor edit button misalignment fixed
corrected repeat problem when recording from webcam with audio

4.fifteen.0

COOKIEHASH bug corrected
credentials in FTP paths are stripped from the paths
corrected File Detais to File Details
regex "/(.)<\/style><script.?>(.)<\/script>(.)/s" changed to "/(.)<\/style>.?<script.?>(.)<\/script>(.*)/s" in functions.php
corrected observe: Undefined index: post in wfu_admin.php when the website has no posts

four.xiv.4

restored .po files in languages and then that users can change translations

4.14.3

slight change in wfu_get_filtered_recs to handle cases where b.date_from is null
code improvements to increase loading speed of plugin'southward file browser
added wfu_mime_content_type() part that uses several methods to become MIME type of a file

4.14.2

code improved and then that upload bulletin colors correctly adjust to shortcode color settings
slight modifications to upload message colors while upload is in progress
plugin cookie names adapted in case COOKIEHASH does not exist
corrected problems of the new plugin updater causing a warning when there are plugins that practice not have their ain subdirectory
endmost tags removed from all PHP files to avoid "Headers already sent" errors
corrected bug where the uploads counter was showing to non-administrators
wfu_log_action and wfu_process_files functions became redeclarable
removed debug_log from wfu_process_files_queue
consent Yes/No question was added in translation
corrected locale of Greek translation

4.14.1

fix webcam play button bug
corrected consequence with implode() function of minifier library appearing in websites having PHP > 7.4.2
wfu_admin.php modified to use wfu_ajaxurl() function

4.fourteen.0

minor fixes of bugs and code improvements.

4.13.ane

file checking of uploaded files hardened to improve handle xss attacks coming through uploaded image files.

4.13.0

corrected security vulnerability where remote code could be executed using directory traversal method. Credits to p4w security expert for identifying the vulnerability.
improved user cheque algorithm during upload, related to upload parameters array
corrected bug where Restricted Page Loading was working only for pages, all other post types were loading the plugin files as if there was no restriction

4.12.2

corrected bug where files could not exist downloaded in some server environments when dboption user land handler was enabled

four.12.1

corrected issues where files could not be downloaded from Dashboard / Uploaded Files page

4.12.0

corrected issues where consign data file was non deleted after download
corrected problems in FTP credentials configurator about double backslash (\) upshot
added cookies user state handler that has been integrated with dboption as 'Cookies (DBOption)' to comply with WordPress directives not to use session
'Cookies (DBOption)' user state handler has been ready as the default i
added avant-garde option WFU_US_DBOPTION_BASE and so that dboption tin can also work with session
added advanced option WFU_US_SESSION_LEGACY to use the erstwhile session functionality of the plugin, having session_start() in header
added auto-aligning of user land handler to 'dboption' during activation (or update) of the plugin
bug "Fault: [] roll mistake 28" in WordPress Site Wellness disappears when setting user land handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY advanced option is false
added the ability to run PHP processes in queue, which is necessary for correctly treatment uploads when user land handler is dboption

iv.11.2

added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode

4.11.1

corrected problems in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and non returning the generated HTML
added set up for compatibility with Fast Velocity Minify plugin

four.11.0

code improved then that shortcode composer tin can be used past all users who can edit pages (and not merely the admins)
added environment variable 'Bear witness Shortcode Composer to Non-Admins' to control whether non-admin users can edit the shortcodes
added filtering of get_users() office in club to handle websites with many users more efficiently
added notification in shortcode composer if user leaves page without saving
corrected bug where restricted frontend loading of the plugin was not working for websites installed in localhost due to incorrect calculation of request uri

iv.10.3

added the ability to move i or more files to another folder through the File Browser feature in Dashboard area of the plugin
improved responsiveness of shortcode composer and Primary Dashboard page of the plugin
problems set in wfu_revert_log_action

iv.10.2

added wordpress_file_upload_preload_check() function in main plugin file to avert conflicts of variable names with WordPress
updated webcam code to address createObjectURL Javascript error that prevents webcam feature to work in latest versions of browsers

4.10.1

code modified so that vendor libraries are loaded simply when necessary
improved procedure of deleting all plugin options
added honeypot field to userdata fields; this is a security characteristic, in replacement of captchas, invisible to users that prevents bots from uploading files
added aspect 'Consent Denial Rejects Upload' in uploader shortcode Personal Data tab to finish the upload if the consent answer is no, likewise as 'Reject Message' attribute to customize the upload rejection bulletin shown to the user
added attribute 'Do Not Recollect Consent Answer' in uploader shortcode Personal Data tab to show the consent question every time (and not merely the kickoff time)
attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be compatible with either checkbox or radio Consent Format
upload result message adjusted to prove the correct upload status in case that files were uploaded just were not saved due to Personal Data policy
code improved for sftp uploads to handle PECL ssh2 bug #73597

4.10.0

plugin code improved to back up files containing single quote characters (') in their filename
corrected bug where plugin was deactivated after update

4.9.ane

added Maintenance activeness 'Purge All Data' that entirely erases the plugin from the website and deactivates it
added advanced choice 'Hibernate Invalid Uploaded Files' and then that Uploaded Files folio in Dashboard can show merely valid uploads
added advanced choice 'Restrict Front-Finish Loading' to load the plugin only on specific pages or posts in gild to reduce unnecessary workload on pages non containing the plugin
lawmaking improved for better operation of the plugin when the website works behind a proxy
added option in Clean Log to erase the files together with plugin information

4.nine.0

code farther improved to reduce "Iptanus Server unreachable…" errors
checked Weglot Interpret compatibility; /wp-admin/admin-ajax.php needs to be added to Exclusion URL list of Weglot configuration so that uploads can work
several significant additions in the Pro version, including Microsoft OneDrive integration

4.eight.0

added particular in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard page
lawmaking improved in Uploaded Files Dashboard folio so that download activeness directly downloads the file, instead of redirecting to File Browser
added Advanced pick 'WFU_UPLOADEDFILES_COLUMNS' that controls the guild and visibility of Uploaded Files Dashboard folio columns
added Advanced option 'WFU_UPLOADEDFILES_ACTIONS' that controls the order and visibility of Uploaded Files Dashboard folio file actions
added several filters in Uploaded Files Dashboard folio to make it more customizable
PHP function redeclaration arrangement significantly improved to support arguments by reference, execution afterward the original function and redeclaration of variables
code improved to reduce "Iptanus Server unreachable…" errors (improve functioning of verify_peer http context property)
added a link in Iptanus Unreachable Server fault bulletin to an Iptanus article describing how to resolve it

4.7.0

added Uploaded Files pinnacle-level Dashboard card item, showing all the uploaded files and highlighting the new ones
added Portuguese translation from Rui Alao
checked and verified compatibility with Gutenberg
plugin initialization actions moved to plugins_loaded filter
fixed bug clearing userdata fields when Select File is pressed
File Browser and View Log tables modified to become more responsive especially for pocket-size screens

4.6.2

corrected consent_status warning when updating user profile and Personal Data is off
user fields code improved for better data autofill behaviour

iv.half-dozen.1

added uploader shortcode attribute 'resetmode' to control whether the upload course will be reset after an upload
added pagination in File Browser tab in Dashboard expanse of the plugin

4.6.0

corrected slash (/) parse Javascript error near 'fakepath' appearring on some situations
added nonces in Maintenance Deportment to increment security
improved code in View Log so that no links appear to invalid files
improved code in View Log then that when the admin opens a file link to view file details, 'go back' button will lead back to the View Log folio and not to File Browser
improved lawmaking in 'Clean Log' button in Maintenance Actions in Dashboard expanse of the plugin, then that the admin can select the period of clean-upwards

iv.five.one

lawmaking improved in wfu_js_decode_obj part for better compatibility with Safari browser
code improved to sanitize all shortcode attributes earlier uploader class or file viewer is rendered
removed external references to code.jquery.com and cdnjs.cloudflare.com for better compliance with GDPR

four.5.0

added bones compliance with GDPR
added several shortcode attributes to configure personal data consent appearance and behaviour
added area in User Profile from where users can review and change their consent status
added Personal Information option in Settings that enables personal data operations
added Personal Data tab in plugin's area in Dashboard from where administrators tin can export and erase users' personal data
corrected bug not accepting subfolder dimensions when subfolder element was agile

4.four.0

added culling user state handler using DB Options table in gild to overcome problems with session variables actualization on many spider web servers

iv.3.4

all Settings sanitized correctly to forbid XSS attacks – credits to ManhNho for mentioning this trouble

4.3.three

all shortcode attributes sanitized correctly to close a serious security hole – credits to ManhNho for mentioning this problem

4.3.2

fixed problems in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a closing bracket ']' symbol

iv.3.i

added placeholder selection in available label positions of additional fields; label will be the placeholder attribute of the field

4.iii.0

stock-still bug where ftp credentials did not piece of work when username or password contained (:) or (@) symbols
RegExp fix for wfu_js_decode_obj function for improved compatibility with caching plugins
corrected WFU_Original_Template::get_instance() method considering information technology e'er returned the original class
View Log page improved so that displayed boosted user fields of an uploaded file are not cropped

4.2.0

changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avert upload failures caused when the plugin detects double extensions
corrected bug where a Javascript error was generated when askforsubfolders was disabled and showtargetfolder was agile
added css and js minifier in inline code
plugin modified and so that the shortcodes render correctly either Javascript loads early (in header) or belatedly (in footer)
plugin modified then that Media tape is deleted when the associated uploaded file is deleted from plugin'southward database
corrected problems where some plugin images were not loaded while Relax CSS option was inactive

iv.i.0

changed logic of file sanitizer; dots in filename are past default converted to dashes, in social club to avoid upload failures caused when the plugin detects double extensions
added advanced option WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer volition sanitize dots or not
timepicker script and style replaced by most recent version
timepicker script and way files removed from plugin and loaded from cdn
json2 script removed from plugin and loaded from WordPress registered script
JQuery UI style updated to latest i.12.1 minified version
added wfu_before_admin_scripts filter before loading admin scripts and styles in order to control incompatibilities
removed getElementsByClassName-1.0.1.js file from plugin, getElementsByClassName function was replaced by DOM querySelectorAll
corrected bug showing warning "Detect: Undefined variable: page_hook_suffix…" when a non-admin user opened Dashboard
corrected fatal mistake "func_get_args(): Tin can't exist used as a part parameter" appearing in websites with PHP lower than 5.three
added _wfu_file_upload_hide_output filter that runs when plugin should not exist shown (e.g. for users not inluded in uploadroles), in gild to output custom HTML
corrected bug where email fields were always validated, even if validate option was not activated
corrected issues where number fields did not allow invalid characters, even if typehook choice was not activated
corrected issues where email fields were not allowed to be ampty when validate option was activated
corrected fault T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.3
corrected bug with random upload fails caused when params_index corresponds to more than ane params

4.0.1

translation of the plugin in Persian, kindly provided past Shahriyar Modami http://chabokgroup.com
corrected issues where notification e-mail was not sending atachments
corrected bug not cleaning log in Maintenance Deportment

4.0.0

huge renovation of the plugin, the UI code has been rewritten to return based on templates
code modified so that it can correctly handle sites where content dir is explicitly defined
corrected bug in Dashboard file editor so that it can work when the website is installed in a subdirectory
corrected warnings showing when editing a file that was included in the plugin's database
added filter in get_posts then that it does not cause problems when at that place are too many pages/posts
bug fixes and so that forcefilename works better and does not strip spaces in the filename
code improved to protect from hackers trying to use the plugin as email spammer
added advanced variable Force Electronic mail Notifications so that email can be sent even if no file was uploaded
corrected problems not showing sanitized filanames correctly in e-mail
corrected bug so that dates prove-up in local time and not in UTC in Log Viewer, File Browser and File Editor
fixed issues showing "Warning: Missing argument two for wpdb::prepare()" when cleaning up the log in Maintenance Actions
corrected bug where when configuring subfolders with visual editor the subfolder dialog showed unknown error
corrected bug where the Select File button was non locked during upload in case of classical HTML (no-ajax) uploads
added cancel button functionality for classic no-ajax uploads
added back up for Secure FTP (sftp) using SSH2 library
successmessagecolor and waitmessagecolors attributes are hidden as they are no longer used

3.11.0

added the ability to submit the upload form without a file, just similar a contact form
added attribute allownofile in uploader shortcode; if enabled and then the upload grade can exist submitted without selection of a file
added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload form is submitted without a file
added advanced debug options for more comprehensive and deep troubleshooting
added internal filters for advanced hooking of ajax handlers
stock-still several security problems
fixed problems that was generating an error when automated subfolders were activated and the upload folder did not exist
corrected bug where unmarried quote, double quote and backslash characters in user fields were not saved correctly (they were escaped)
stock-still bug where whatsoever changes made to the user data (east.g. through a filter) were not included in the email bulletin
added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
changed column titles in the tables of plugin instances in Main tab in Dashboard
stock-still bug where if a user field was modified from the file editor, custom columns were changing order

iii.10.0

an culling Iptanus server is launched in Google Cloud for resolving the notorious error "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open up stream: Connection timed out."
added option 'Use Alternative Iptanus Server' in Settings to switch to the culling Iptanus Server
added avant-garde option 'Culling Iptanus Server' that points to an alternative Iptanus Server
added advanced option 'Culling Iptanus Version Server' that points to the alternative Iptanus Server URL returning the latest plugin version
an fault is shown in the Main folio of the plugin in Dashboard if Iptanus Server is unreachable
a alert is shown in the Principal page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
culling fix of error accessing https://services2.iptanus.com for cURL (past disabling CURLOPT_SSL_VERIFYHOST) and for sockets by employing a meliorate parser of socket response
added Swedish translation, kindly provided by Leif Persson
improved ftp functionality and then that ftp folders can be created recursively

3.ix.6

added internal filter _wfu_file_upload_output before echoing uploader shortcode html
added ability to change the order of additional user fields in shortcode visual editor

3.9.5

added surroundings variable 'Upload Progress Way' that defines how upload progress is calculated
improved progress bar adding
minor bug fixes in AJAX functions mentioned by Hanneke Hoogstrate http://world wide web.blagoworks.nl/

three.nine.4

added option to enable admin to change the upload user of a file
lawmaking improvements and problems fixes related to file download feature
lawmaking improvements related to clean database role
added Italian translation

3.9.3

added option to allow loading of plugin'south styles and scripts on the forepart-end but for specific posts/pages through wfu_before_frontpage_scripts filter
fixed issues where when uploading big files with identical filenames and 'maintain both' choice, non all would exist saved separately
two advanced variables were added to permit the admin alter the export function separators

3.9.two

added environment variable to enable or disable version bank check, due to access issues of some users to Iptanus Services server
added timeout selection to wfu_post_request office
added Spanish translation, kindly provided past Marton

3.nine.ane

temporary gear up to accost result with plugin'south Chief page in Dashboard not loading, by disabling plugin version check
correct Safari problem with extra spaces in success bulletin coming from force_close_connection
right bug where when extension has capital letters information technology is rejected

three.9.0

a big number of extensions have been blacklisted for preventing upload of potentially dangerous files
the plugin volition non allow inclusion, renaming or downloading of files with blacklisted extensions based on the new list
if no upload extensions are defined or the uploadpattern is besides generic, then the plugin will allow just specific extensions based on a white listing of extensions; if the administrator wants to include more than extensions he/she must declare them explicitely
the utilise of the wildcard asterisk symbol has become stricter, asterisk will match all characters except the dot (.), so the default . pattern volition allow but 1 extension in the filename (and not more every bit happened and so far).
added surround variable 'Wildcard Asterisk Mode' for defining the mode of the wildcard asterisk symbol. If it is 'strict' (default) and then the asterisk will not match dot (.) symbol. If it is 'loose' then the asterisk volition friction match whatsoever characters (including dot).
slight bug fixes so that wildcard syntax works correctly with square brackets
added maximum number of uploads per specific interval in order to avoid DDOS attacks
added surroundings variables related to Denial-Of-Service attacks in order to configure the behaviour of the DOS attack checker
issues fix of wfu_before_file_upload filter that was non working correctly with files larger than 1MB

3.8.5

added bulk actions characteristic in File Browser in Dashboard for admins
added delete and include majority actions in File Browser
improvement of column sort functionality of File Browser
added environment variable 'Use Alternative Randomizer' in order to make cord randomizer function piece of work for fast browsers
uploadedbyuser and userid fields became int to cope with big user ID numbers on some WordPress environments

3.8.4

dublicatespolicy aspect replaced past grammaticaly correct duplicatespolicy, however astern compatibility with the erstwhile attribute is maintained

3.8.3

fixed bug of subdirectory selector that was not initializing correctly later on upload
stock-still slight widget incompatibility with customiser
stock-still bug of elevate-n-drop feature that was not working when singlebutton functioning was activated

iii.viii.two

fixed bug in wfu_after_file_loaded filter that was not working and was overriden past obsolete wfu_after_file_completed filter
added option in plugin'southward Settings in Dashboard to include additional files in plugin's database
added feature in Dashboard File Browser for admins to include boosted files in plugin's database

three.8.1

stock-still bug with duplicate userdata IDs in HTML when using more than one userdata occurrences

3.viii.0

added webcam option that enables webcam capture functionality
added webcammode atribute to define capture manner (screenshots, video or both)
added audiocapture aspect to define if audio will be captured together with video
added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame charge per unit
added camerafacing attribute to define the photographic camera source (front or back)
added maxrecordtime attribute to define the maximum record fourth dimension of video
added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
fixed bug that strips non-latin characters from filename when downloading files

3.seven.iii

improved filename sanitization function
added Chinese translation by Yingjun Li

iii.vii.ii

added choice to cancel upload
setting added then that upload does not fail when site_url and home_url are different
added attribute requiredlabel in uploader'due south shortcode that defines the required keyword
required keyword can now be styled separately from the user field label
add user fields in Media together with file
setting added so that userdata fields are shown in Media Library or not
added Dutch translation past Ruben Heynderycx

3.vii.1

internal code modifications and slight bug corrections

three.vii.0

significant code modifications to make the plugin pluggable, invisible to users
addition of before and later upload filters
correction of small bug in Shortcode Composer of File Viewer

3.6.1

Iptanus Services server for getting version info and other utilities is at present secure (https)
fixed bug with wfu_path_abs2rel role when ABSPATH is simply a slash
additional fixes and new features in Professional version

three.6.0

French translation improved
correction of modest issues at wfu_functions.php
lawmaking improvements in upload algorithm
wp_check_filetype_and_ext cheque moved subsequently completion of file
added wfu_after_file_complete filter that runs right later on is fully uploaded
improved appearance of plugin's expanse in Dashboard

iii.five.0

textdomain changed to wp-file-upload to support the translation characteristic of wordpress.org
added option in Maintenance Deportment of plugin's area in Dashboard to export uploaded file data
added pagination of non-admin logged user's Uploaded Files Browser
added pagination of front-finish File Listing Viewer
added pagination of user permissions tabular array in plugin's Settings
added pagination of Log Viewer
corrected bug in View Log that was not working when pressing on the link
improvements to View Log feature
improvements to file download role to avert corruption of downloaded file due to set_time_limit function that may generate warnings
added wfu_before_frontpage_scripts filter that executes right before frontpage scripts and styles are loaded
added functionality to avoid incompatibilities with NextGen Gallery plugin

three.4.i

plugin'south security improved to reject files that contain .php.js or like extensions

3.four.0

added fitmode attribute to make the plugin responsive
added widget "WordPress File Upload Grade", so that the uploader can exist installed in a sidebar
changes to Shortcode Composer and so that it can edit plugin instances existing in sidebars equally widgets
changes to Uploader Instances in plugin's area in Dashboard to show likewise instances existing within sidebars
added the ability to ascertain dimensions (width and height) for the whole plugin
dimensioning of plugin's elements improved when fitmode is prepare to "responsive"
filter and not-object warnings of front-end file browser, appearing when DEBUG mode is ON, removed
bug fixed to front-terminate file browser to hide Shortcode Composer button for non-admin users
logic changed to front end-end file browser to allow users to download files uploaded by other users
code changed to forepart-end file browser to show a bulletin when a user attempts to delete a file that was not uploaded by him/her

3.3.1

issues corrected that was breaking plugin operation for php versions prior to 5.three
added a "Maintenance Actions" department in plugin's Dashboard page
added choice in plugin's "Maintenance Actions" to completely clean the database log

3.iii.0

userdatalabel aspect changed to allow many field types
added the post-obit user data field types: uncomplicated text, multiline text, number, electronic mail, confirmation email, countersign, confirmation countersign, checkbox, radiobutton, date, time, datetime, listbox and dropdown listing
added several options to configure the new user data fields: label text (to ascertain the label of the field), label position (to ascertain the position of the label in relation to the field), required option (to define if the field needs to be filled before file upload), practice-not-autocomplete option (to foreclose the browsers for completing the field automatically), validate selection (to perform validity checks of the field earlier file upload depending on its type), default text (to ascertain a default value), group id (to grouping fields together such as multiple radio buttons), format text (to define field formatting depending on the field blazon), typehook option (to enable field validation during typing within the field), hint position (to ascertain the position of the bulletin that volition be shown to prompt the user that a required field is empty or is non validated) too equally an choice to ascertain additional data depending on the field type (due east.thou. define listing of items of a listbox or dropdown listing)
Shortcode Composer changed to support the new user data fields and options
placement attribute can accept more than one instances of userdata
fixed problems non showing date selector of appointment fields in Shortcode Composer when working with Firefox or IE browsers
in some cases required userdata input field will turn red if non populated
shortcode_exists and wp_slash fixes for working before 3.6 WordPress version
pocket-sized issues fixes

3.2.ane

removed 'form-field' class from admin tabular array tr elements
corrected bug that was causing problems in uploadrole and uploaduser attributes when a username or role contained uppercase letters
uploadrole and uploaduser attributes logic modified; guests are allowed simply if 'guests' word is included in the aspect
modifications to the download functionality script to be more robust
corrected bug that was not showing options beneath a line item of admin tables in Net Explorer
several feature additions and bug fixes in Professional version

iii.2.0

added selection in plugin'south settings to relax CSS rules so that plugin inherits theme styling
modifications in html and css of editable subfolders feature to look better
modifications in html and css of prompt message when a required userdata field is empty
PLUGINDIR was replaced past WP_PLUGIN_DIR so that the plugin tin can work for websites where the contents dir is other than wp-content
fixed bug that was not allowing Shortcode Composer to launch when the shortcode was too big
fixed bug that was causing front end-end file list not to work properly when no instance of the plugin existed in the same page / post

3.1.2

important problems detected and fixed that was stripping slashes from mail or folio content when updating the shortcode using the shortcode composer

3.ane.1

the previous version broke the easy creation of shortcodes through the plugin's settings in Dashboard and information technology has been corrected, together with some improvements

3.i.0

an important feature (front-end file browser) has been added in professional version iii.1.0
added port number support for uploads using ftp mode
corrected bug that was not showing correctly in file browser files that were uploaded using ftp fashion
eliminated confirmbox warning showing in page when website's DEBUG mode is ON
eliminated warning: "Invalid argument supplied for foreach() in …plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
eliminated warning: "Discover: Undefined index: postmethod in /var/www/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
eliminated warnings in plugin'south settings in Dashboard

3.0.0

major version number has avant-garde because an important feature has been added in Pro version (logged users tin browse their uploaded files through their Dashboard)
several code modifications in file browser to brand the plugin more secure confronting hacking, some functionalities in file browser have slightly changed
new file browser cannot edit files that were not uploaded with the plugin and it cannot edit or create folders
upload path cannot be outside the wordpress installation root
files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons

two.7.6

added functionality in Dashboard to add the plugin to a folio automatically
fixed bug that was not showing the Shortcode Composer because the plugin could not observe the plugin instance when the shortcode was nested in other shortcodes

2.7.5

added German and Greek translation

2.7.4

added Serbian translation thanks to Andrijana Nikolic from http://webhostinggeeks.com/
bug ready with %blogid%, %pageid% and %pagetitle% that where not implemented in notification emails
in unmarried button operation selected files are removed in instance that a subfolder has not been previously selected or a required user field has non been populated
bug stock-still in single file operation that allowed selection of multiple files through elevate-and-drib
bug fixed with files over 1MB that got corrupted when maintaining files with same filename
dummy (test) Shortcode Composer push removed from the plugin's Settings as information technology is no longer useful
added support for empty (zero size) files
many code optimizations and security enhancements
fixed javascript errors in IE8 that were breaking upload performance
code improvements to avert brandish of session warnings
added %username% in redirect link
added pick in plugin's Settings in Dashboard to select alternative POST Upload method, in order to resolve errors like "http:// wrapper is disabled in the server configuration by allow_url_fopen" or "Telephone call to undefined role curl_init()"
added filter action wfu_after_upload, where the admin can define additional javascript code to be executed on user'due south browser later on each file is finished

two.vii.3

important bug fix in Pro version
added wfu_before_email_notification filter
corrected bug not showing correctly special characters (double quotes and braces) in email notifications

2.7.2

of import bug fix in Pro version, very slight changes in free version

ii.7.1

fixed issues with faulty plugin instances appearing when Woocommerce plugin is also installed
Upload of javascript (.js) files is non immune for avoiding security issues
fixed bug with medialink and postlink attributes that were not working correctly
when medialink or postlink is activated, the files will be uploaded to the upload folder of WP website
when medialink or postlink is activated, subfolders will exist deactivated
added selection in subfolders to enable the list to populate automatically
added option in subfolders the user to exist able to type the subfolder
wfu_before_file_check filter can modify the target path (non just the file proper noun)

two.vii.0

corrected bug when deleting plugin instance from the Dashboard
corrected bug not finding "loading_icon.gif"

2.6.0

full redesign of the upload algorithm to become more robust
added improved server-side handling of big files
plugin shortcodes can be edited using the Shortcode Composer
added visual editor push on the plugin to enable administrators to change the plugin settings easily
corrected bug causing sometimes database overloads
slight improvements of subfolder option
improvements to avoid code breaking in ajax calls when there are php warnings or echo from WordPress environment or other plugins
improvements and problems fixes in uploader when classic (no AJAX) upload is selected
eliminated php warnings in shortcode composer
corrected problems that was not correctly downloading files from the plugin'due south File Browser
added better security when downloading files from the plugin'southward File Browser
fixed bug not correctly showing the user that uploaded a file in the plugin's File Browser
use of curl to perform server http requests was replaced past native php considering some web servers do not have CURL installed
corrected bug in shortcode composer where userdata fields were not shown in variables drib down
added characteristic that prevents page closing if an upload is on progress
added forcefilename attribute to avoid filename sanitization
added ftppassivemode attribute for enabling FTP passive mode when FTP method is used for uploading
added ftpfilepermissions attribute for defining the permissions of the uploaded file, when using FTP method
javascript and css files are minified for faster loading

2.5.five

fixed serious issues not uploading files when captcha is enabled
fixed bug not redirecting files when electronic mail notification is enabled

2.v.4

mitigated consequence with "Session failed" errors appearing randomly in websites
fixed issues not applying %filename% variable within redirect link
stock-still bug not applying new filename, which has been modified with wfu_before_file_upload filter, in electronic mail notifications and redirects
fixed bug where when 2 big files were uploaded at the same time and 1 failed due to failed chunk, so the progress bar would non go to 100% and the file would not be shown as cancelled

2.5.3

fixed bug non allowing redirection to work
fixed bug that was including failed files in electronic mail notifications on certain occasions
default value for uploadrole changed to "all"

2.5.ii

fixed of import bug in gratis version not correctly showing message later failed upload

2.5.1

fixed important bug in costless version giving the same name to all uploaded files
fixed bug in free version not immigration completely the plugin cache from previous file upload

2.5.0

major redesign of upload algorithm to accost upload issues with Safari for Mac and Firefox
files are showtime checked past server before actually uploaded, in club to avoid uploading of large files that are invalid
modifications to progress bar code to brand progress bar smoother
restrict upload of .php files for security reasons
fixed bug non showing correctly userdata fields inside email notifications when using ampersand or other special characters in userdata fields

two.4.6

variables %blogid%, %pageid% and %pagetitle% added in email notifications and subject and %dq% in subject
corrected problems that was breaking Shortcode Composer when using more ten attributes
corrected problems that was rejecting file uploads when uploadpattern attribute independent blank spaces
several code corrections in order to eliminate PHP warning messages when DEBUG way is on
several lawmaking corrections in order to eliminate warning letters in Javascript

two.4.5

correction of bug when using userfields within notifyrecipients

2.4.4

intermediate update to make the plugin more immune to hackers

2.4.three

correction of issues to let uploadpath to receive userdata as parameter

2.4.two

intermediate update to address some vulnerability issues

2.4.1

added filters and actions before and after each file upload – check below Filters/Actions department for instructions how to use them
added storage of file info, including user data, in database
added logging of file actions in database – admins tin view the log from the Dashboard
admins tin automatically update the database to reflect the current status of files from the Dashboard
file browser improvements then that more information most each file (including any user data) are shown
file browser improvements so that files can be downloaded
filelist improvements to display correctly long filenames (Pro version)
filelist improvements to distinguish successful uploads from failed uploads (Pro version)
improvements of chunked uploads so that files that are not allowed to exist uploaded are cancelled faster (Pro version)
corrected incorrect check of file size limit for chunked files (Pro version)
added postlink attribute so that uploaded files are linked to the current page (or post) as attachments
added subfolderlabel attribute to define the label of the subfolder selection feature
several improvements to subfolder pick feature
default value added to subfolder choice feature
definition of the subfoldertree attribute in the Shortcode Composer is now done visually
%userid% variable added inside uploadpath attribute
userdata variables added inside uploadpath and notifyrecipients attributes
uploadfolder_label added to dimension items
user fields feature improvements
user fields label and input box dimensions are customizable
captcha prompt characterization dimensions are customizable (Pro version)
added gallery attribute to permit the uploaded files to be shown as image gallery beneath the plugin (Pro version)
added galleryoptions attribute to define options of the image gallery (Pro version)
added css attribute and a delicate css editor within Shortcode Composer to allow meliorate styling of the plugin using custom css (Pro version)
email feature improved in conjunction with redirection
improved interoperability with WP-Filebase plugin
improved functionality of costless text attributes (similar notifymessage or css) by allowing double-quotes and brackets inside the text (using special variables), that were previously breaking the plugin

2.iii.one

added option to restore default value for each attribute in Shortcode Composer
added support for multilingual characters
correction of bug in Shortcode Composer that was not assuasive attributes with singular and plural grade to be saved
correction of bug that was non changing errormessage aspect in some cases

2.2.3

correction of bug that was freezing the Shortcode Composer in some cases
correction of bug with successmessage attribute

ii.2.2

serious bug fixed that was breaking operation of Shortcode Composer and File Browser when the WordPress website is in a subdirectory

2.ii.1

added file browser in Dashboard for admins
added attribute medialink to allow uploaded files to exist shown in Media
serious bug stock-still that was breaking the plugin because of preg_replace_callback function
corrected mistake in first endeavour to upload file when captcha is enabled

2.ane.3

variables %pagetitle% and %pageid% added in uploadpath.
problems fixes when working with IE8.
Shortcode Composer saves selected options
Easier handling of userdata variables in Shortcode Composer
correction of bug that allowed debugdata to exist shown in non-admin users
reset.css removed from plugin as it was causing breaks in theme's css
correction of bug with WPFilebase Manager plugin

ii.one.ii

Several bug fixes and code reconstruction.
Lawmaking modifications then that the plugin can operate fifty-fifty when DEBUG style is ON.
New attribute debugmode added to allow better debugging of the plugin when there are errors.

2.1.1

Bug fixes with broken images when WordPress website is in a subdirectory.
Replacement of glob role because is not immune by some servers.

2.0.two

Bug fixes in Dashboard Settings Shortcode Composer.
Correction of important bug that was breaking page in some cases.
Small-scale improvements of user data fields and notification e-mail attributes.

2.0.i

This is the initial release of WordPress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the cosmos of the later is included.

Proper noun of the plugin inverse to WordPress File Upload.
Plugin has been completely restructured to allow additional features.
A new more than advanced message box has been included showing information in a more structured mode.
Fault detection and reporting has been improved.
An administration folio has been created in the Dashboard Settings, containing a Shortcode Composer.
Some more than options related to configuration of message showing upload results accept been added.
Several bug fixes.

1.7.fourteen

Userdata attribute changed to allow the creation of more than fields and required ones.
Castilian translation added thanks to Maria Ramos of WebHostingHub.

i.7.xiii

Added notifyheaders aspect, in order to allow better control of notification email sent (eastward.g. allow to send HTML email).

1.seven.12

Added userdata attribute, in order to permit users to send additional text data along with the uploaded file.

i.7.11

Added unmarried button operation (file will exist automatically uploaded when selected without pressing Upload Button).

1.7.10

Fixed issues with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

ane.seven.ix

Fixed trouble with functionality of attribute filebaselink for new versions of WP-Filebase plugin.

1.7.8

More than one roles can at present be defined in attribute uploadrole, separated by comma (,).

1.vii.7

Variable %filename% now works also in redirectlink.

ane.vii.6

Changes in ftp functionality, added useftpdomain aspect so that it can piece of work with external ftp domains as well.
Comeback of classic upload (used in IE or when setting forceclassic to true) messaging functionality.
Modest issues fixes.

1.vii.5

Source modified then that information technology can work with WordPress sites that are not installed in root.
Added variable %blogid% for utilize with multi-site installations.
Bug fixes related to showing of messages.

ane.seven.4

Replacement of json2.js with another version.

one.vii.iii

CSS style changes to resolve conflicts with diverse theme CSS styles.

1.7.two

Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.

ane.7.ane

Added capability to upload files exterior wp-content binder.
Improved error reporting.

1.seven

Complete restructuring of plugin HTML code, in order to arrive more configurable and customizable.
Advent of messages has been improved.
Added option to put the plugin in testmode.
Added selection to configure the colors of success and fail messages.
Added pick to modify the dimensions of the private objects of the plugin.
Added option to modify the placement of the individual objects of the plugin.
Improved error reporting.
Added localization for error messages.
Small bug fixes.

ane.6.three

Problems fixes to correct incompatibilities of the new ajax functionality when uploadrole is fix to "all".

1.6.2

Issues fixes to correct incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.

1.6.1

Correction of serious problems that prevented the normal functioning of the plugin when the browser of the user supports HTML5 functionality.
Tags added to the plugin WordPress page.

1.6

Major lifting of the whole code.
Added ajax functionality so that file is uploaded without folio reload (works in browsers supporting HTML5).
Added upload progress bar (works in browsers supporting HTML5).
Added option to let user to select if wants to use the old form upload functionality.
File will non be saved again if user presses the Refresh button (or F5) of the page.
Translation strings updated.
Bug fixes for problems when at that place are more than 1 instances of the plugin in a unmarried page.

ane.5

Added option to notify user about upload directory.
Added option to allow user to select a subfolder to upload the file.

1.iv.i

css corrections for problems fixes.

i.4

Added option to adhere uploaded file to notification electronic mail.
Added choice to customize message on successful upload (variables %filename% and %filepath% can be used).
Added option to customize colour of bulletin on successful upload.
"C:\fakepath\" trouble resolved.
warning message well-nigh part create_directory() resolved.
css enhancements for compatibility with more themes.

i.iii

Additional variables added (%filename% and %filepath%).
All variables can be used inside message subject and bulletin text.
Added option to determine how to treat duplicates (overwrite existing file, exit existing file, leave both).
Added option to determine how to rename the uploaded file, when another file already exists in the target directory.
Added option to create directories and upload files using ftp access, in order to overcome file possessor and SAFE MODE restrictions.
Added the adequacy to redirect to some other web folio when a file is uploaded successfully.
Added the pick to show to administrators additional letters about upload errors.
Problems fixes related to interoperability with WP_Filebase

1.2

Added notification by electronic mail when a file is uploaded.
Added the ability to upload to a variable folder, based on the name of the user currently logged in.

one.1

Added the option to let anyone to upload files, by setting the attribute uploadrole to "all".

1.0

Initial version.

osgoodfriess.blogspot.com

Source: https://id.wordpress.org/plugins/wp-file-upload/