Download the PHP package fof/upload without Composer

On this page you can find all versions of the php package fof/upload. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package upload

Upload by FriendsOfFlarum

MIT license Latest Stable Version Total Downloads OpenCollective

An extension that handles file uploads intelligently for your forum.

Features

Installation

Install manually:

Updating

Configuration

Enable the extension, a new tab will appear on the left hand side. This separate settings page allows you to further configure the extension.

On new installations, a pre-defined regex will be inserted for you that enables image uploads, restricted to safe image types. We now include SVG as safe, due to our SVG sanitization method. Default image types allowed are:

The regex for these types is ^image\/(jpeg|png|gif|webp|avif|bmp|tiff|svg\+xml)$, and can be modified as required. We STRONGLY discourage the use of a wildcard such as ^image\/.*, as this could introduce vulnerabilities in the uploaded files. Versions of fof/upload prior to 1.8.0 used this as default, and is considered insecure.

Make sure you configure the upload permission on the permissions page as well.

Mimetype regular expression

Regular expressions allow you a lot of freedom, but they are also very difficult to understand. Here are some pointers, but feel free to ask for help on the official Flarum forums, or check out regex101.com where you can interactively build and test your regex pattern.

In case you want to allow all regular file types including video, music, compressed files and images, use this:

A mimetype consists of a primary and secondary type. The primary type can be image, video and application for instance. The secondary is like a more detailed specification, eg png, pdf etc. These two are divided by a /, in regex you have to escape this character by using: \/.

Disable or Force a particular adapter

In some circumstances, you may wish to either disable an adapter, or force the use of one. This is set in your root extend.php file.

For example, you may disable imgur

Chaining of multiple commands is also possible:

You may also force an adapter:

Adapter names currently available:

Commands

MapFilesCommand

Using php flarum fof:upload you have a powerful tool in your hands to map uploads to posts and clean up unused files. To do so there are two steps to take into consideration:

The intent of this command stems from the original concept of understand what uploads are used where and to allow removal of unused, stale files. You can run this command manually or as a cronjob.

Example 1; only mapping files:

Example 2; map and clean up

Once you're happy with how the command operates, you can append the flag --force, which removes the need to confirm the action:

The following (to resume) will happen when this command is put into a recurring cronjob:

Testing and Security Measures

FoF Upload includes automated tests to ensure:

✅ Valid files upload successfully ✅ Restricted files are blocked ✅ SVG sanitization removes potential XSS risks

🔍 Security Tests for Malicious Files

We specifically test against:

Submitting Additional Test Cases

We welcome community contributes in all our extensions! Especially where security is concerned. If you find a new edge case or a file format that bypasses validation, please:

🚀 These tests ensure FoF Upload remains secure and reliable for all Flarum users! 🚀

FAQ

Links

An extension by FriendsOfFlarum


All versions of upload with dependencies

PHP Build Version
Package Version
Requires php Version ^8.1
ext-json Version *
enshrined/svg-sanitize Version ^0
flarum/core Version ^1.8.3
guzzlehttp/guzzle Version ^6.0 || ^7.0
ramsey/uuid Version ^3.5.2 || ^4
softcreatr/php-mime-detector Version ^4.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package fof/upload contains the following files

Loading the files please wait ....