PHP Upload Manager

Easier uploads than FTP…

This project presents a simple way to upload, download and manage files on a PHP enabled HTTP server. There are times when you just want someone to be able to simply upload a file to your website so that you can later access the file at your leisure.

I am aware of several such situations where a file was too large to go through the email system, and the person with the file was not PC savvy enough to be able to use an FTP tool without significant hand holding. So, an easy solution was to utilize PHP to provide for a web service via which the user could upload the file to a server. The administrator can then simply download the file.

Using an HTTP based web-browser approach for transferring a file (rather than FTP) provides for a platform independent solution that is very simple for the end user. The bulk of the work takes place on the server via several PHP scripts. Once the user has filled out the form and pressed the “Upload File” button, the file is uploaded to the server and placed in a sub-directory.

How the Application works:

The user:

  1. Accesses the application by browsing to the application directory.
  2. Enter’s there full name for license generation purposes.
  3. Enters the password (if it is enabled by the administrator in the config.php file).
  4. Selects the file(s) to upload.
  5. Uploads the file(s) by pressing the “Upload” button.

In response to the user’s submission of the the form, the Application does the following:

  1. The web server automatically serves the index.php file which redirects the users browser to uploadFile.php.
  2. If a file is being uploaded:
    • If the simple password feature is enabled:
      • Check to see that the user supplied password matches the correct password. If so, then continue to allow the file upload.
    • If the user supplied a name, then continue to allow the file to be uploaded.
    • In the case that either of the 2 previous checks fail, then do not allow the upload.
    • Upload the file and move into the upload directory.
    • If the email notification feature is enabled, then send the email.
  3. If a delete command has been received:
    • Delete the file, if it exists.
  4. Lists the files that are currently in the upload directory (which is set in config.php).

Application File Descriptions:

The solution is comprised of the following PHP files which reside on the web server:

  • config.php
    • The first file to look at is config.php. This file provides for the configuration of the application. It contains a number of values that the user will set prior to enabling the service on their web server. Settings include:
      • Business/Organization Name
      • Simple password
      • Email notification
      • Upload directory
      • License file generation
  • index.php
    • This file contains the user interface for the application.index .php generates an HTML page which provides an introduction to the user and also presents various information that the user might want to know prior to uploading a file to the site. For example, one could indicate the specific rules for use of the service on this page or technical information such as the max file size, etc…
    • This file contains all of the functions of the application including:
      • User interface
      • File upload
      • File metrics collection
      • License file generation
      • File delete
      • File listing
      • Basic upload security

Installation on your web-server:

Requirements:

  • Your web server must support PHP version 4+.
  • HTTP file uploads must be enabled in your PHP setup.
  • To use the email notification function, your PHP setup must enable the mail() function.

Installation:

  1. Download the distribution zip file to your PC and unzip it.
  2. Modify the config.php file to suit your particular needs.
  3. Create a new directory for the application on your web server.
    • Be sure to consider how you will secure access to the application.
  4. Upload all of the contents of the distribution to the new directory.
  5. Browse to the application directory.

A note on security:

Securing your web server and any applications that you host on your server is your responsibility.

This application is neither designed, nor intended to be placed on the open Internet in an unprotected manner.

This application provides a very simple password check to help protect the service from allowing anyone to upload files to your server. At the very least, you should enable Basic HTTP authentication on the directory that this application resides in. A more secure solution would be to utilize HTTPS for session encryption and a database to provide for username/password authentication.

In addition to protecting your site from people that you do not want to use the service, you must also consider what types of files that you will allow to be uploaded. For example, this application provides a very simple method of blocking certain files with pre-defined extensions from being uploaded. Examples of some files that you may want to block may include .php, .html and .js files. These settings are located in the config.php file.

Screenshot:

phpfileuploader-237x300

Download SimplefileManager: [download id=”3″]

Copyright 2008-2010 HenryRanch LLC.

Leave a Reply