FileChucker

Multi-User File Manager & Uploader with Progress Bar

Quick Links
View Demo
Download
Purchase

About
Live Demo
Features
FAQ
Download
Instructions: Mac/Linux Servers
Instructions: Windows Servers
Performance
Support
Changelog

What People Are Saying...

Thank you for your excellent service.
-- Dick K.

FileChucker is awesome! I've been looking
for a solution like this for a long time.
-- Nathanael E.

Very good script, continue to upgrade this!
-- Julien T.

I looked all over trying to find a simple cgi script. I found that filechucker was by far the best. If you have issues with your hosting service's PHP.INI max upload size then this is the way to go. Looking forward to future enhancements.
-- Bob C., spindot.com

About

FileChucker is an AJAX-based web application that lets you accept file uploads on your own website. It's simple to install, packed with features, fully configurable, nice looking, and very handy for when you want to share files with anyone. And during uploads FileChucker shows a progress bar & table, so the user knows how much time is left before the upload is complete.

FileChucker can also function as a full-fledged online file manager for your server: it can allow moving/renaming/deleting of uploaded files & folders right in the browser. Of course these features are configurable and password-protectable so you can customize FileChucker however you'd like.

To top it all off, FileChucker works in all major browsers (Moz/FF, IE, Opera, Safari), and runs on virtually any server, with no programming required! It's a single Perl script, and most servers support Perl CGI scripts automatically; for the rare server that doesn't, Perl can usually be easily added. If your site is more of a PHP site, don't worry: FileChucker will run just fine alongside your PHP scripts, and you can even integrate it into your existing framework with a PHP virtual() call, if you want to!

Live Demo

You can try out the FileChucker Live Demo right now.

Features

Share files that are too large for e-mail by simply uploading them and then sending the link to your friend
Real-time progress bar and time elapsed/remaining during uploads
Built-in password protection: two separate passwords allow "admin" and "member" access levels without usernames; or, integrate with UserBase or your site's existing login system
If you don't want to bother with passwords at all, FileChucker can also be configured to automatically create a private directory for each upload, perfect for single-use uploads; the private directory is optionally re-usable for new uploads by the user who created it
E-mail notification of new uploads; can be sent to the webmaster and/or to the person performing the upload
Create, move, rename, and delete files/folders on your server through the browser, functioning as a web-based FTP system or FTP replacement
Multiple folders/subfolders for uploads, optionally user-creatable
Can function as a photo gallery script, with automatic image thumbnailing, image rotation, and a grid-layout display of your photo albums and thumbnails
Supports custom folder permissions so you can specify read-only or read-write access for users/groups on a per-folder basis
Can automatically rename all uploaded files to remove any "unfriendly" characters, append a time/datestamp, or rename to a completely custom format that you specify
Logs information about each upload, like uploader's IP address, hostname, browser & operating system
You can configure unlimited custom form fields anywhere on the upload form, so your users can enter comments or information about the file(s) they're uploading; supports text fields, radio buttons, checkboxes, drop-down lists
Can integrate with your site's login framework to store each user's uploads in his own directory automatically, and after an upload, can redirect to a page that you specify
Restrict what kinds of files can be uploaded and/or displayed based on file extension
Has a built-in human test to prevent spambot abuse (sometimes called a CAPTCHA system; "CAPTCHA" is (TM) by Carnegie Mellon University)
Works on a standard server or a secure server (https://)
Supports i18n and l10n (internationalization and localization) in most areas of the application, so it can be translated into other languages by simply modifying the settings containing the text strings
Adjustable max upload size (in bytes), up to as large as your server can support (typically multiple gigabytes)
Adjustable user quotas
Can upload one or multiple files, up to whatever limit you specify
Fully customizable via preferences that you can adjust
Check out the preferences file in the trial version to see all the adjustable features and documentation.

Download

You can download the FileChucker trial version and install it on your site right now. The trial is designed for you to test on your server before purchasing the full version. The trial has limitations compared to the full version; the main limitations are:

after accepting an upload, it saves the file as an empty document (size 0 bytes) and automatically adds a serial number to the end of the filename.
only the progress bar itself is shown; progress table, elapsed/remaining time, upload speed, etc, are not shown
deleting files/folders has been disabled
creating new folders with the file-manager has been disabled

Prior to version 2.0, FileChucker was free for personal use, but as more and more people use it and request support & new features, it requires more and more of our development time and effort. So we now charge a small fee for use on personal sites.

Purchase

To get the full version of FileChucker, please choose your license type below.

FileChucker Full Version:
Personal Website License: 1-site	$19.99
Business Website License: 1-site	$39.99
Business Website License: 3-site	$89.99
Business Website License: 10-site	$249.99
Instant credit card payments through PayPal. No sign-up required!

Quick Instructions: Mac/Linux Servers

(If you're not sure what kind of server you have, this is probably it.)

Unzip your filechucker.zip file (either the trial version or your full version) and then upload the contents of the www.example.com folder onto your website. Then visit the following address, replacing example.com with your own domain name:

www.example.com/cgi-bin/filechucker.cgi

If that works, then you can also try:

www.example.com/upload/index.php
www.example.com/upload/index.shtml

If one or both of those works, then delete the index file that doesn't work (if any), and then you should be able to use this shorter URL:

www.example.com/upload

To configure FileChucker, edit the /cgi-bin/filechucker_prefs.cgi file in a plain text editor. If you're on Windows, try Wordpad, not Notepad nor Word. If the short /upload URL worked for you, then you'll want to set $PREF{here} to '/upload' in your prefs file (it's in PREFs Section 02).

Finally, read the FAQ; and if nothing works, read the full instructions.

Quick Instructions: Windows/IIS Servers

First make sure your server has Perl installed; www.activeperl.com has a free version. You may need to reboot the server after installing Perl. Open a command prompt and type perl -v and if you get some output about Perl and its version info, you should be all set.

Unzip your filechucker.zip file (either the trial version or your full version) and then move the contents of the cgi-bin folder into the upload folder. Then delete the cgi-bin folder. Upload the "upload" folder onto your website, then visit the following address, replacing example.com with your own domain name:

www.example.com/upload/filechucker.cgi

If that doesn't work, try renaming filechucker.cgi to filechucker.pl. If it still doesn't work, open filechucker.cgi in a text editor like Wordpad and change the first line from #!/usr/bin/perl to either #!c:\perl\bin\perl.exe or just #!perl and try again.

Once it's working, you can open IIS and get the properties on the upload folder, and under "Default content page", enter filechucker.cgi or filechucker.pl into the list; then you should be able to use www.example.com/upload as a short URL.

To configure FileChucker, edit the /upload/filechucker_prefs.cgi file in a plain text editor. If you're on Windows, try Wordpad, not Notepad nor Word. If the short /upload URL worked for you, then you'll want to set $PREF{here} to '/upload' in your prefs file (it's in PREFs Section 02).

Finally, read the FAQ; and if nothing works, read the full instructions.

Full Instructions: Mac/Linux Servers

Wait! Try the quick instructions first.
Also available: Instructions for Windows Servers
See also: Frequently Asked Questions

Want us to install it for you? Just purchase the FileChucker Installation Package. We also provide customization and integration services -- just ask!

Note I: in newer versions of FileChucker, the filechucker.zip file contains a www.example.com folder along with a quick-instructions file, which simplifies the installation process on most servers. Read that before trying the full instructions here.

Note II: Do not edit the filechucker.cgi script unless absolutely necessary; instead, edit filechucker_prefs.cgi for all your customizations.

Note III: if you are using Windows on your own computer (not necessarily your server), and when you open the *.cgi file, the lines all appear to be crunched together, then try opening it in Wordpad (not Word) instead of other editors like Notepad.

On your website:

Put the script at /cgi-bin/filechucker.cgi. (You could also name it filechucker.pl, or in fact, whatever.cgi or whatever.pl.) And put the prefs file at /cgi-bin/filechucker_prefs.cgi.
Set the permissions on filechucker.cgi (aka, chmod it) to world-readable and world-executable, that is, a+rx or mode 0755. Do NOT use 0777.
Create the directory /cgi-bin/encdata/ and set the permissions on it to world-readable, -writable, and -executable, that is, a+rwx or mode 0777.
Create the directory /upload/files/ and set the permissions on it to world-readable, -writable, and -executable, that is, a+rwx or mode 0777.

Now visit yoursite.com/cgi-bin/filechucker.cgi in your browser and FileChucker should be working properly. If not, don't try any of the following optional steps; go back and fix whatever's necessary to get the script working first.
(Optional) If you'd like to use yoursite.com/upload/ instead of yoursite.com/cgi-bin/filechucker.cgi to access the script, then you can use one of these methods:

SSI/shtml (most servers support this):
Create /upload/index.shtml and put this line in it:



You may also have to put these lines into your .htaccess file:

DirectoryIndex index.shtml index.php index.html index.htm
Options +Includes
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

Then set $PREF{here} = "/upload/"; in your filechucker_prefs.cgi file, and put the following line in your /upload/.htaccess file:

Header set Connection close

PHP:
Create /upload/index.php and then use one of these methods:

Method A: copy and paste this line to the /upload/index.php file:

<?PHP virtual("/cgi-bin/filechucker.cgi"); ?>

Or:

<?PHP virtual("/cgi-bin/filechucker.cgi?" . $_SERVER['QUERY_STRING']); ?>

Method B: save this file as call_filechucker.php in your website's document-root (its top level), and then add this line to the /upload/index.php file:

<?PHP require($_SERVER['DOCUMENT_ROOT'] . "/call_filechucker.php"); ?>

Then set $PREF{here} = "/upload/"; in your filechucker_prefs.cgi file, and put the following line in your /upload/.htaccess file:

Header set Connection close

META Refresh:
Create /upload/index.html and put this into it:
```
<html><head><meta http-equiv="refresh"
 content="0;url=http://www.yoursite.com/cgi-bin/filechucker.cgi" />
</head><body></body></html>
```
Note that this just redirects your visitors from /upload to /cgi-bin/filechucker.cgi, so while it's better than nothing, the SSI or PHP methods above are better if your server supports them.
(Optional; recommended) If your server is running Apache (most likely it is), then inside your /upload/ directory create a text file named .htaccess (notice the period at the start of the filename). In that file put the single line "Options -Indexes" without the quotes. This will prevent people from getting at the raw directory listings in your upload directory, bypassing FileChucker altogether. Of course, if for some reason you want people to be able to see the raw listings, then skip this step.
(Optional; recommended) FileChucker is not written in PHP, but many servers do run PHP, and they will usually execute PHP code in any directory, including your upload directory. This means that someone could upload arbitrary PHP code (like a PHPShell script) and do bad things to the files on your server. So if your server runs PHP, you will probably want to disable it for your upload directory. One simple way would be to add the following lines to your /upload/files/.htaccess file:

RewriteEngine on
RewriteCond %{REQUEST_URI} \.php [NC]
RewriteRule .* / [L,R]
(Optional; recommended) Download the filechucker-images.zip file and upzip it, then create a folder on your website called /upload/fc_icons_etc/ and put the unzipped files into there. Do not create a subfolder within the /fc_icons_etc/ folder; for example, don't put the images at /upload/fc_icons_etc/filechucker-images/ but instead put them directly in the /upload/fc_icons_etc/ folder.
(Optional; recommended) Read the FAQ.

Now the script is ready to run, and you can access it by going to yoursite.com/cgi-bin/filechucker.cgi or yoursite.com/upload/ if you enabled that option.

FileChucker works "out of the box" on most servers, but one problem that appears on a small handful of servers is that the progress bar doesn't move even though uploads complete just fine. See this FAQ item for solutions.

Full Instructions: Windows/IIS Servers

Wait! Try the quick instructions first.
Also available: Instructions for Mac/Linux Servers
See also: Frequently Asked Questions

Want us to install it for you? Just purchase the FileChucker Installation Package. We also provide customization and integration services -- just ask!

Note II: Do not edit the filechucker.cgi script unless absolutely necessary; instead, edit filechucker_prefs.cgi for all your customizations.

On your website:

Install ActivePerl if your server doesn't already have Perl installed. You don't need ActivePerl Studio or Enterprise or any of that stuff, just the regular, free ActivePerl distribution. Be sure to check all the boxes at the end of the installation about enabling the various options.
Run the inetmgr command and change the CGI web service extension from "prohibited" to "allowed".
Open My Computer or Windows Explorer, and go to your website's document-root; this is usually c:\inetpub\wwwroot. Within there, create a new folder named "upload" and put filechucker.pl and filechucker_prefs.pl into it. (Rename those files from *.cgi to *.pl if necessary.) Create 2 subfolders within the "upload" folder: one named "encdata" and the other named "files".
For the "encdata" and "files" folders, do the following: right-click on the folder, choose Properties, and go to the Security tab. Find or add the IUSR_computername account, and give it "Full Control". This account is sometimes called the Internet Guest Account.
Open filechucker.pl in a text editor and change the first line from #!/usr/bin/perl to either #!perl or #!c:\path\to\perl.exe
Create the c:\temp\ folder if it does not exist; if this isn't possible, then set $PREF{disable_upload_hook} = 'yes' in filechucker_prefs.cgi.
Open your web browser and go to yoursite.com/upload/filechucker.pl. It should execute successfully and you should see the upload form.

If not, then run the inetmgr command and right-click on the website and choose Properties. Go to the "Home Directory" tab, then to "Application Settings", and set "Execute permissions" to "Scripts and Executables".

If it still doesn't work, you may need to go to "Application Settings" then "Configuration", and add an application extension for .cgi with the executable set to: C:\Perl\bin\perl.exe "%s" %s

Then do the same thing for the .pl extension.
(Optional; recommended) Run the inetmgr command and create a new virtual directory within your website and name it "upload". For the virtual directory's source, choose the "upload" folder where you put the CGI/PL scripts. Once the virtual directory is created, get its Properties, go to the "Documents" tab, then to "Enable default content page". Add filechucker.pl to the top of the list. You should now be able to use the shortcut URL yoursite.com/upload/ without having to include the filechucker.pl on the end. Or, if you want to call FileChucker from within a PHP page, see step #5 in the UNIX instructions.
(Optional; recommended) FileChucker's image features (thumbnails, rotation) require an image-processing library like GD or ImageMagick. To install the GD Perl module, open a command prompt and run the command ppm install http://theoryx5.uwinnipeg.ca/ppms/GD.ppd or ppm install http://cpan.uwinnipeg.ca/PPMPackages/10xx/GD.ppd one of which should work depending on your version of Windows and ActivePerl.

To install ImageMagick, go to www.imagemagick.org and download & install the binary release for Windows. Then read this FAQ item for instructions on setting $PREF{convert_command}.
(Optional; recommended) To increase IIS's CGI timeout, run the inetmgr command, right-click "local computer", choose Properties, then check "Enable Direct Metabase Edit". Then edit the file c:\windows\system32\inetsrv\metabase.xml in a text editor (you may need to use Notepad, not Wordpad). Find the setting CGITimeout="300" and change it to a much larger value like 5000 or 10000.
(Optional; recommended) You may want to disable directory-listing for your /upload/ directory; you can do this through inetmgr.
(Optional; recommended) If your server runs PHP, then you should disable it for your /upload/files/ directory, so that visitors can't upload PHP applications and modify the files on your server.
(Optional; recommended) Download the filechucker-images.zip file and upzip it, then create a folder on your website called /upload/fc_icons_etc/ and put the unzipped files into there. Do not create a subfolder within the /fc_icons_etc/ folder; for example, don't put the images at /upload/fc_icons_etc/filechucker-images/ but instead put them directly in the /upload/fc_icons_etc/ folder.
(Optional; recommended) Read the FAQ.
(Optional) If you plan to use any of FileChucker's extra features which require a database, and you don't have a database system installed on your server, then you'll need to install MySQL, which is free. (By default, FileChucker does not require a database.) Once you have MySQL itself installed, then you'll need to install the related Perl modules. First try the command ppm install DBD::MySQL or ppm install DBD-MySQL which may work. If not, then try ppm install http://cpan.uwinnipeg.ca/PPMPackages/10xx/DBD-mysql.ppd or ppm install http://theoryx5.uwinnipeg.ca/ppms/DBD-mysql.ppd one of which should work depending on your version of Windows and ActivePerl.
(Optional) If you want to use email notifications, then open a command prompt and run ppm install MIME::Lite to install the MIME::Lite Perl module.

Now the script is ready to run, and you can access it by going to yoursite.com/upload/filechucker.pl or just yoursite.com/upload/ if you enabled that option.

Performance

First, it should be noted that FileChucker itself imposes no limits on the amount of data that can be transferred (except whatever limit you specify in your setting for $PREF{sizelimit}). FileChucker also does not place any limit on the speed of an upload. If you are having trouble with uploading large files, or with uploads going really slow, the problem is in your network, or somewhere else in your server's hardware or software configuration. Many FileChucker users on many platforms (Windows, Linux, IIS, Apache, OS X Server) are uploading files sized in the hundreds of megabytes, so the problem is not within FileChucker.

In a test upload of a 700MB file across a 100mbit LAN, the transfer ran at about 5MB/sec, requiring about 2.5 minutes to complete. ~~After the actual data-transfer was complete, the server spent ~50 seconds processing the file (CGI.pm's internal processing) before the script finished running.~~ (FileChucker now has the ability to avoid this extra processing time altogether, as long as your server is running a relatively recent Perl distribution.) The server was a Dell Dimension 1100 desktop system, with an Intel Celeron 2.53GHz CPU (256 KB cache, 5061.56 bogomips), 512MB RAM, 1GB swap, and a standard 7200RPM ATA IDE disk. The server was running Apache 2.0.54 with a fairly standard installation. During the upload, the server's RAM and swap usage did not increase significantly (probably a few KB or a few tens of KB), because the uploaded file got streamed to disk (to a temporary file) by CGI.pm. This is why the server needed to spend ~50 seconds processing the file after the upload was complete: it was decoding the raw POST data from the temporary file into the actual final destination file. (Again, FileChucker no longer needs to do this.)

In a second test upload on the same server as above, a 1.4 gigabyte file took about 5 minutes to upload, and when the data finished transferring, the server spent just under 2 minutes doing POST-processing before the script finished.

The one thing we've seen that's helped to increase performance during file-uploads (aside from faster hardware and/or a faster network link) is to make sure the server has a recent version of the CGI.pm Perl module. In FileChucker, if you enable the debugging PREFs, then visit your server's FileChucker installation in your browser and pass ?debug on the end of the URL, then view the page's source-code, at the bottom you'll see a bunch of debugging information inside of an HTML comment. One of the items near the top of this info is the CGI version that your server is running. The current version is somewhere around 3.20 or greater; if you're in the 2.xx series, or even the low 3.0x series, then upgrading your Perl installation (which will upgrade your CGI.pm module) may give you better performance during uploads.

If you want to upload files larger than 2 gigabytes, then you can't use Apache 1.3.x or 2.0.x. You need to use Apache 2.2.x, as explained on the "New Features in Apache 2.2" page:

Large File Support
httpd is now built with support for files larger than 2GB on modern 32-bit Unix systems. Support for handling >2GB request bodies has also been added.

Support

If you need any help with FileChucker, please complete the following steps in order:

Make sure you've followed the installation instructions.
Make sure you've read the FAQ.
If you're getting an Internal Server Error, read the Internal Server Error page.
If you're getting errors about missing Perl modules, read the installing Perl modules page.
The troubleshooting page has some FileChucker-specific solutions that may help.
Set the $PREF{enable_debug} option in PREFs Section 01. Then go to yoursite.com/cgi-bin/filechucker.cgi?debug (i.e. visit the script and pass ?debug on the end). When the page loads, use your browser's View-Source feature and scroll to the very bottom. Here you'll see some debugging information that may help you.
If you still need help, you can contact us. Be sure to send us the full URL to the script on your server.

ChangeLog

v4.58 (20091215):

New $PREF{admin_usernames_list} setting, for when you're integrating with a non-UserBase login system, and you want to specify which of your users are administrators. This replaces the PHP_ENC_ISADMIN variable and the $PREF{admin_usernames_for_apache_auth} setting, and the two $PREF{member_username_cookie_name} & $PREF{admin_username_cookie_name} settings have been consolidated into a single $PREF{username_cookie_name} one.
The $PREF{groups_allowed_to_list_files} setting has been renamed to $PREF{groups_allowed_to_view_download_page}, just to make its purpose more clear; similarly the _list_files_in_top_level permission is now instead called _view_top_level_of_download_page.
New "Show All Prefs" feature, available on the Administration page, shows the values of all your prefs.
Updated the blacklist/whitelist feature so that in addition to all-or-nothing whole-app blocking, you can specify that users matching the lists are automatically added to special encblacklisted/encwhitelisted groups, which you can use in any of the $PREF{groups_allowed_to_*} settings.
New $PREF{get_userdir_from_username} setting, to simplify the enabling of the userdir feature when integrated with a non-UserBase login system (we've always done this when integrated with UserBase).
Large overhaul of the email notification prefs to allow more than just 2 email templates (webmaster and user); you can now create separate templates for the various kinds of email notifications (user-entered email addresses, UserBase folder owner, logged-in user's email address, etc).
New $PREF{app_output_template} setting allows you to fully customize the overall structure of the markup we output. This replaces some previous settings like $PREF{intro}, $PREF{outer_container} & $PREF{inner_container}, etc.
Updated the CSS for the drop-shadows in the shadowlight (default) and shadowdark styles; they no longer use fixed-width images, so the app's overall width can be set to any arbitrary value and the shadows will adjust to suit.
New $PREF{formfield_NN_only_for_these_groups} feature allows you to specify that a given field on the upload form should only be displayed if the user is a member of a certain group.
New $PREF{formfield_NN_dont_send_email} feature allows you to create a form field that collects email addresses but does not send notification emails to the entered addresses.
Renamed the "Options Menu" at the top of the downloads page to "View Menu" to disambiguate it from the "options" menu on each individual file/folder in the downloads list.
For prefs that default to filechucker@example.com, such as the sender address on notification emails, if you leave it set to the default we'll automatically change it to filechucker@<thisdomain.com> at runtime.
Changed some of the CSS to remove specified widths on inner parts of the pages, so that a single outer width value is all that's specified, which makes it easier to adjust that width.
If the server's version of the CGI module is ancient, we'll display an error saying so right in the footer of every page, since it's likely to prevent the app from working correctly.
The Check Image Modules feature in the Administration section now does a few checks for a "convert" command in some of the likely locations.
Automatically fix the DOCUMENT_ROOT on GoDaddy servers, which set it incorrectly for subdomains.
Bugfix: some notification emails displayed percent symbols between sections for no good reason.
Bugfix: specifying a form field to be both required and an email field could result in a confusing error message if the user left the field blank.
Bugfix: the 3 $PREF{show_link_to_uploads_for_strangers} (and _members and _admins) settings got broken in a previous update; they had no effect so you had to manually modify the template for the Upload Complete page to adjust that output.
Bugfix: a previous update caused us to fail to autodetect when HTTPS was in effect.

v4.57 (20091017):

New $PREF{enable_username_from_apache_auth} feature provides support for Apache's htpasswd-based user accounts, in case you don't want to use a proper login system like UserBase.
On the file list, if you check a single file's checkbox then use the Actions Menu to download it, we now pretend that you actually clicked on that single file itself, rather than going through the multi-file download process with only the single file (which worked fine, it was just overkill, since zipping a single file is kind of pointless).
Bugfix: a previous update caused the login link to always point to the full filechucker.cgi URL, even if you set $PREF{here} to something else.

v4.56 (20090928):

New $PREF{default_filelist_sort} setting in case you want the file list to be sorted by something other than filename by default.
New $PREF{filefield_template} setting in case you want to adjust the HTML for the file fields on the upload form.
Miscellaneous updates to the database viewer/editor behind features such as the upload log and download log.
Improved performance of the file list's pagination feature on servers with large numbers of files in a single directory (~1000 or more).
Bugfix: a recent update could cause a MySQL error on servers with older versions of MySQL, on pages that use the database viewer/editor.
Bugfix: in rare situations involving features which require the script changing into a different directory (such as the multi-file download feature), some errors that could occur would fail to be properly reported, and instead a more obscure and confusing error would result.
Bugfix: a previous update broke our ImageMagick detection (or rather how we handled the result of it) so we didn't use ImageMagick even if it was available on the server.
Bugfix: with userdirs enabled, a particular malformed query-string could allow a user to view the list of other userdir folders (but not access those folders) on the server.
Bugfix: in Opera, when the user chooses a file for upload and we automatically add another file field, the new field was pre-filled with the same file that was selected in the first file field.
Bugfix: if using both $PREF{show_upload_status_in_popup_window} and $PREF{default_page} = 'filelist', the progress bar didn't display.

v4.55 (20090811):

There is now an Administration page which contains links to a few new features (a help page, a configuration instructions page, a server variables page, and an image-module-testing page) as well as a few features that were previously linked directly from the footer (upload log and download log).
New image-module-testing page which shows whether your server supports the ImageMagick Perl module and the GD Perl module, and explains what it means and what to do if your server doesn't support them.
We now automatically internally disable the try_to_use_* prefs for ImageMagick and GD when both are unavailable on the server, rather than displaying an error telling the user to manually disable those.
The file-list page now supports pagination, for situations where you have lots of files at a single level rather than within multiple subfolders.
Bugfix: the %%ub_var_name%% variable didn't work in notification emails; it's now been replaced by %%ub_var_username%% and %%ub_var_realname%%.

v4.54 (20090727):

The administrator password hash is now null by default, and visiting the login page will prompt you to create a password.
On the upload form, we now use a better method for highlighting any unfilled required fields, the main benefit of which is that they regain their original styling correctly when un-highlighted.
On the upload form, any checkbox fields that you add now default to being recorded as "yes" or "no" rather than 1 or 0. This is adjustable via a formfield_NN_binary pref if you prefer to have 1/0 instead.
Custom fields on the upload form now support formfield_NN_transform_foo prefs, where for any field, a value of "foo" will be transformed into whatever other value you specify.
Tweaked the layout of the upload form and the overall app styling, mainly to make the various items on the upload form (including any custom form fields) line up more nicely. Also, most kinds of custom form fields are now template-based, and you can even specify a different template on a per-field basis.
Various small improvements to the database-viewer/editor function that's behind features like the uploadlog and downloadlog.
When the uploaded files folder doesn't exist, the error message that we display will now show the current DOCROOT value and whether that exists, to aid in troubleshooting.
Our debug-mode output is now more friendly, with any HTML converted so that it will show up properly, and can be viewed directly on the bottom of the page rather than having to view the page's source-code.
When embedded within another page and using username/userdir from a PHP session, we now ignore the username/dir if the PHP session is null. This is sort of a bugfix depending on your perspective.
Bugfix: the $PREF{allow_userdir_on_url_insecurely} feature got broken in a prevous update.
Bugfix: on systems with inconsistent case-sensitivity rules (Windows), having SQL table/field names that aren't entirely lowercase can result in errors if you need to check for the existence of a table/field and auto-create it if DNE. So we now convert them all to lowercase first.
Bugfix: with the new non-redirecting upload feature enabled, certain messages and errors would fail to be displayed.
Bugfix: more older versions of IE failed to show the Upload Complete message for the new non-redirecting upload feature.

v4.53 (20090629):

Bugfix: older versions of IE failed to show the Upload Complete message for the new non-redirecting upload feature.

v4.52 (20090627):

New $PREF{prevent_direct_cgi_access} option for users who want to embed FileChucker within an existing page and don't want it to be possible to visit the CGI script directly.
New experimental support for the netpbm image-processing library as a backend for our human test feature, for those rare servers lacking the GD Perl module and the ImageMagick Perl module and ImageMagick itself.
Specifying a custom icon for a specific file type on the file list page now causes the generic icon to be hidden, and now by default the custom icon has no border applied.
Bugfix: when embedding FileChucker into an existing page, and using static CSS and JS files from FileChucker in that page's header, and using the human test feature in the non-invisible mode, the human test image would fail to display.
Bugfix: on a small percentage of servers, the ImageMagick installation seems to require that you explicitly specify the font name when creating an image containing text, such as in our human test feature. On those servers, failing to specify the font name results in an image being created successfully but lacking any text. So we now specify a font name.

v4.51 (20090601):

New blacklist/whitelist feature to block users based on IP address or hostname.
Modified the upload process so it now occurs in-page in a more AJAX-y way: it now displays the "Upload Complete" message in the same page without reloading or redirecting the page. In most cases this makes no difference, but it makes it easier to embed FileChucker into existing layouts/pages which are dynamically generated or otherwise complex. As a nice side-effect, this also allows the progress bar to work in-page in Safari, no longer requiring a popup window.
Can now scan uploads for viruses and reject them if they're infected, assuming your server has a command-line virus scanner available.
Changed some widths from pixel values to percentages, in order to simplify the process of editing the CSS to make FileChucker narrower to fit within narrow existing layouts.
New $PREF{progressbar_update_delay} setting, for servers that are slow or overloaded, where making the progress bar updates occur less frequently may help to improve performance.
Bugfix: on servers with GD, without ImageMagick, and with the human test feature enabled, we would sometimes display an error saying that GD was not available, when it really was.
Bugfix: due to a change in a previous update, setting some options to null (including $PREF{title}) would make the upload progress bar fail to display.

v4.50 (20090523):

Simplified the installation process by including a new folder called "www.example.com" within the filechucker.zip file; this folder contains the full directory structure and all files necessary for FileChucker to work, so you don't need to manually create any files or folders -- just upload the contents of the folder to your server. So although the installation process was pretty straightforward before, now it's basically just drag-and-drop.

v4.49 (20090514):

Moved icons and other app images into the /upload/fc_icons_etc/ folder, instead of having them directly in the /upload/ folder by default as before.

v4.48 (20090504):

We now attempt to detect whether we're being executed via command line, and print a useful error in that case, to prevent getting the FAQ about why it doesn't work from the command line (answer: because it's a web app).
When integrated with UserBase and using its subgroup-manager feature, FileChucker now automatically gives such managers access to the files & folders of the users that they "own".
When displaying thumbnails, if the server doesn't support our figuring out their dimensions, then we'll omit the width and height attributes altogether, rather than setting them to null, to work around an IE bug in which it treats null as meaning "1 pixel". Ugh.
When a user does a multi-file download, we now check to make sure our zip file exists before attempting to send it for download, and if it doesn't exist, then we display a more useful error message indicating the likely cause (that there is no "zip" command on the server) with links to zip apps that could be installed on the server.
We now support shared prefs files, for specifying prefs a single time to be used in multiple apps, or in multiple copies of an app.
The pages which display database contents now handle reverse-sort differently: instead of reversing the order of whichever N items were displayed on the current page, we now reverse the whole dataset itself. So the N items displayed on say page #3 of the data will not be the same N items displayed on page #3 in reverse-mode.
We now attempt to automatically correct Network Solutions' screwy configuration on servers that are afflicted by it.
Bugfix: in rare cases, an apparent bug somewhere in the Perl MySQL stack causes dropped connections, which are not reconnected even if that flag has been set for the connection. So we now always do a check-and-reconnect before doing any database communication.
Bugfix: the allow_userdir_on_url_insecurely setting interferes with the serial_is_userdir setting, so ignore it if the user inadvertently enables both.
Bugfix: on Windows servers, in situations where we need to create new folders which include multiple levels, if the server is using drive-letter paths instead of UNC paths, then we failed to create the new folder.

v4.47 (20090409):

New multi-download feature allows users to select multiple files/folders on the downloads page and then select a "Download" option from the Actions Menu at the bottom; this will cause FileChucker to create a zip file of the selected items and then offer it to the user for download.
The download-landing-page feature now supports a countdown timer, which will hide the download link for a period of time; this is useful for situations where you want to display ads on the landing page.
We now use a timeout when creating thumbnail images, so that any image/video files which are corrupt or too big can be skipped, rather than causing the page to take minutes to load, or fail to load completely.
When deleting multiple files from the downloads page, we now keep a running log of any errors that occur and display them at the end, rather than stopping on error and not even attempting to delete the rest of the items that were selected.
For the automatic_new_subdir_name and reformat_filenames_for_all_uploads features, the format for inserting date variables has changed from simply %v to %DATE{%v}. And this format is now part of the standard set of external variables that we support within all pref values.
Bugfix: the previous update introduced a bug which prevented form fields with the _save setting from correctly displaying the saved values; they were displayed as a "1" regardless of what the value really was.

v4.46 (20090325):

All prefs can now include variables from the URL, cookies, environment variables, other prefs, and from MySQL select queries. See this FAQ item for details. For example such variables can be used within a $PREF{formfield_NN_default} setting to set the default value of a form field from any of those data sources.
The file list on the "Download Files" page can now be set to hide file extensions. [$PREF{hide_file_extensions_in_filelist___from_first_dot}, $PREF{hide_file_extensions_in_filelist___from_last_dot}]
The upload serial number can now be cut down to a shorter length even after hashing, mainly for use with the $PREF{serial_is_userdir} feature for situations where a shorter URL is desired. [$PREF{cut_serial_to_this_length_even_after_hashing}]
Added note to prefs file about how to use an image as the submit button on the upload form.

v4.45 (20090308):

When a user tries to access a page that he doesn't have permission to access, instead of just printing the access-denied/login-required page, we'll use Javascript to automatically redirect there.
New $PREF{enable_perfile_passwords} setting to explicitly enable this feature, rather than implicitly enabling it based on the existence of a _password form field as before.
New $PREF{userdir_shared_secret} setting to allow the userdir to be passed on the URL in a secure way, for situations where you're integrating with an existing non-UserBase login system and the other methods (cookies, PHP env vars) are not available on your server or in your login system.
You can now set $PREF{title} and $PREF{intro} on a per-page basis (i.e. a different title for the upload form, the file list, etc). Actually this has been possible for a while for $PREF{title}, but the per-page variations of the prefs are all explicitly enumerated in the prefs file now.
New $PREF{formfield_NN_displayname} option, to specify extra text with the form field's title on the upload form, that you don't want to be displayed elsewhere (in the notification emails for example).
Added a few more file types and strings to the default lists of disallowed and hidden types/filenames.
Renamed the $PREF{hide_topmost_level_in_breadcrumbs} setting to $PREF{hide_links_to_topmost_level_from_userdir_users} so its purpose and scope are more clear; also cleaned up the handling of leading/trailing slashes for the various permutations that affect the breadcrumbs display.
For the extra upload fields that are now automatically generated (by default at least) once the user selects the first file to upload, we now display the text "(optional; may be left blank)" so that the user doesn't think that he must upload multiple files.
You can now create multiple copies of the style preference ($PREF{css1}, $PREF{css2}, etc) and call them as ?css1, ?css2, etc, in case you want to embed FileChucker in multiple different pages with different styles.
Modified how our built-in password protection handles redirection: instead of having ?target=foo with individually-specified cases for where to redirect, we now just redirect to the referer, as UserBase does.
When displaying the error stating that our onload actions failed to run, and that you must remove any onload from your page's body tag, we now include a link to a page explaining how to use multiple onload events so you can preserve your existing one.
Bugfix: when processing download links internally (so we can check permissions for example), we presented the file for download even if the file no longer existed, or if it was empty -- the downloaded file would simply contain an error message. We now check for empty/nonexistent files and display a sensible error message in the browser directly.
Bugfix: the upload-complete page now displays newlines as HTML newlines (instead of as spaces which is the default with HTML) for any form fields whose submitted values contain newlines.
Bugfix: on IIS servers where the docroot is a virtual UNC path, we now correctly auto-detect that, rather than requiring it to be specified manually.
Bugfix: the $PREF{try_to_use_identify_for_dimensions} setting didn't work because we weren't enabling $PREF{identify_available} with it (only affects those using the image features on servers without the ImageMagick and/or GD Perl modules).

v4.44 (20090202):

Bugfix: the previous update introduced a bug which caused FileChucker to fail to submit insertions/edits/deletions when editing the database tables for certain features (upload and download logs for example) when FileChucker was embedded within another page.

v4.43 (20090109):

Default data directory name changed from "fcdata" to "encdata"; also removed the dot from default image directory names ".fcht" and ".fcimages"; renamed our default make-new-directory query-string variable from "mkdir" to "makefolder" because some servers treat any mention of "mkdir" as a security threat.
In situations where we need to display some output but we're currently outside of any page we might be embedded in (which typically means when we're POSTed to), we now perform a redirect to ourselves within the embedded page before displaying the output.
For the various features that require the enabling of the $PREF{download_links_go_through_FileChucker} setting, we now enable it automatically when the feature in question is enabled.
New $PREF{add_new_file_upload_fields_automatically} setting automatically creates a second file upload field when the user selects a file in the first one. This is as opposed to the previous behavior, where the user had to click an "Add another file?" link.
Renamed the $PREF{automatically_delete_old_files} setting to $PREF{automatically_delete_old_uploads} so its purpose is more clear, and to distinguish it from the $PREF{automatically_delete_old_logfiles} setting.
The upload log and the download log now support a vertical display mode, and now support the editing & deleting of records.
Clarified the error message displayed when the human test is enabled but the server doesn't support the necessary image processing features.
Made the client-side file extension filtering be case-insensitive.
Bugfix: users who recently updated from older versions and who also use UserBase would sometimes receive an error about a missing column during login; that's fixed now.
Bugfix: a small number of servers treat an "http" in the URL as an error (other than the one at the very beginning), so we now remove that in any situation where we're passing addresses on the end of the URL.

v4.42 (20081028):

For the serial_is_userdir feature, we now do a forced redirect to ourself passing the userdir on the URL, so that repeated visits to the script don't create lots of empty userdirs (since a new serial/userdir gets generated each time if it's not specified on the URL).
New $PREF{force_https} setting, which causes us to do a forced redirect to ourself using https:// if we were visited without it.
New hide_leading_slash_in_breadcrumbs (and _trailing_) settings, which affect the path displayed at the top of the "Download Files" page. Also code refactoring so that if the features & text are all disabled within this top row of the file listing, then the row itself is not displayed.
Renamed some of the prefs used by the upload and download log pages, and changed the styling of those pages.
For extra form fields, you can now specify default values that include variables from the URL and PREF values (previously this was only possible for *hidden* extra form fields).
When loading pref values from UserBase's prefs file, we now include strings from the %TEXT hash.
Updates to shared code to support new UserBase features (logging of failed & successful logins, last-active-time logging, password expiration).

v4.41 (20081006):

Removed the $PREF{smtp_port} setting; this should be specified on the end of the $PREF{smtp_server} value, because some Perl installations don't honor the separate port spec.
Bugfix: don't require $PREF{store_upload_info_in_database} in order to use extra formfields, in case the user wants to simply email the values, or pass them on the URL to another page post-upload.

v4.40 (20080928):

Removed the $PREF{store_upload_info_in_files} feature, because virtually all servers have SQL available, so $PREF{store_upload_info_in_database} is a better option; and because removing this feature greatly simplifies some aspects of the code, and significantly reduces the size of the application.
Bugfix: when deleting a file with the store_upload_info_in_database feature enabled, if the file was not in a subfolder, then the file's upload info would fail to be deleted from the database.

v4.39 (20080927):

Bugfix: the show-all-permissions page was failing to display due to a change in the name of the permissions table preference.

v4.38 (20080925):

New $PREF{populate_each_new_userdir_from_this_folder} feature for situations where new userdirs need to be pre-filled with files/folders from a default set.
New $PREF{add_www_to_hostname} and $PREF{remove_www_from_hostname} settings, for situations where that can't be done at the server level.
Any custom fields defined in UserBase can now be used in various FileChucker settings using the %PREF{ub_var_foo} syntax. For example a UserBase custom field named "city" would be %PREF{ub_var_city}.
On the Download Files page, for files that are displayed as thumbnails (images, videos), we now check the timestamp on the thumbnail and the original file to determine if we need to recreate the thumbnail, in case the original file has changed.
For the $PREF{resize_uploaded_images} feature, we now only resize images that are larger than your specified dimensions; we no longer upscale smaller images.
Added new method of calling UserBase, for servers without PHP and which don't allow executing external commands (mainly particular IIS versions).
Consolidated our writable_dir_perms* and writable_file_perms* settings.
Bugfix: the "round" style had an issue where the header on it file-list page was getting squished.
Bugfix: we now do multiple iterations of %PREF{foo} interpolations for the preferences, so that in situations where nested interpolations exist, we can resolve them correctly.

v4.37 (20080912):

Changed the default value of the $PREF{userdir_folder_name} setting from "home" to "users" to make its purpose more clear.
Added new $PREF{custom_form_fields_namelist} setting, so that when using custom HTML code for the upload form, you can more easily specify the names of your form fields. The previous method (still supported because it allows more flexibility) is to create a set of $PREF{formfield_NN} settings for each custom form field.

v4.36 (20080908):

The "Upload Complete" page is now template-based and thus fully customizable. It also now automatically displays the data for any extra formfields that you've defined.
On the file info page and in the notification emails, we now hide the "Form fields:" section altogether if you haven't defined any extra form fields, rather than displaying the section but leaving it empty.
We now delete thumbnails when their corresponding image/video files are deleted.
When creating our human-test images, we now check that the output image exists and has a nonzero file size before attempting to use it, because of strange issues on some servers where ImageMagick/GD are installed but not functioning properly.
New ?output=firsthalf and ?output=secondhalf modes to make it possible to embed FileChucker into an existing page containing an existing form and have FileChucker process that form. This is useful for existing forms that are large or complex; otherwise, our already-existing methods of specifying extra form fields or custom HTML for a smaller number of form fields usually suffice.
Bugfix: when displaying directory lists (in the dropdown menu on the upload form for example) we were using a depth-based sort, but that produced a strange sort order in many cases where there are multiple nested directories with foldernames of varying lengths. This is now a straight alphabetical sort.
Bugfix: when deleting a file, we attempted to delete its corresponding database entry without checking whether the entry existed, resulting in an error if you've got files in FileChucker's uploads folder that you put there via some other method. We now check to make sure the upload record for the file exists before trying to delete it.
Bugfix: on the file list, disabling folder thumbnails now applies to both kinds of thumbnails -- video and image -- not just image.

v4.35 (20080902):

Bugfix: if you didn't read the instructions with the new $PREF{log_all_downloads} feature which state that you have to set the database settings in PREFs Section 12, and you left those settings null, we'd display an obscure error. We now check for the db settings when $PREF{log_all_downloads} is enabled, and if they're missing we explicitly state that.

v4.34 (20080828):

New setting to ignore any errors that may occur while creating thumbnails for video files ($PREF{ignore_video_thumbnailing_errors}), rather than breaking the page and halting the output on that file, since corrupted video files are fairly common.
We can now display video thumbnails as folder thumbnails when a folder contains a video, as we do for image thumbs.

v4.33 (20080826):

Bugfix: some of our background images weren't being displayed because of a bug in the CSS in the prefs file.

v4.32 (20080820):

We can now log download information to a database ($PREF{log_all_downloads}), in addition to upload information as before.
We can now send notification emails on downloads, too ($PREF{send_download_notification_emails}).
We now have built-in pages to view the upload info database and the download info database.
Storing upload information into a database is now much simpler to set up. (See $PREF{store_upload_info_in_database}.) We now create the database table automatically, store a set of default fields automatically, and we automatically store the values of any formfields that you define. We didn't do this stuff automatically before because of the fact that users might want to create column types specific to the data they're requesting; but in most cases it does make sense to simply default all columns to TEXT, and advanced users can simply modify their column types if they want to.
Our database date field is now formatted as YYYYMMDD-HHMM instead of the previous format which was longer, less standard, and included the day of week, etc.

v4.31 (20080819):

Hidden form fields can now be set to totally custom values including variables from the URL and from cookies.
If you're storing upload info in a database, but some of your column names don't match our internal names (for things like filename, path, etc), you can use the new $PREF{db_column_name_conversions} setting to avoid having to modify your database table or manually modify the filechucker.cgi code.
New $PREF{enable_custom_sql_commands} setting allows you to specify totally custom SQL statements to be executed upon upload.
Added some CSS so that the filelist page does a better job of retaining its built-in styling when embedded into a page with additional styling.
The custom_form_fields feature now supports URL and cookie variables, as well as populating dropdown fields using SQL queries.
The fileinfo page (displayed when you click the options menu on a file and then choose info) can now be generated by a custom query using the new $PREF{fileinfo_query} setting. This is probably not necessary for most uses though.
Removed a bunch of settings from the prefs file that were required when integrating with UserBase; we now read the UserBase prefs file directly to get these settings.
Simplified the database settings: you no longer need to use separate files to specify your SQL information.
The "upload complete" page can now optionally display the code for an [IMG] tag to be copied & pasted.
On certain error conditions, we now include the original query-string that we received, to help maintain the state of any page we might be embedded in.
Refactored some of the code for AJAX-based functions to make it more straightforward and easier to replicate when adding additional AJAX-based functionality.
Added support for negative permissions: in addition to the standard groups_allowed_to_* settings, you can also create groups_not_allowed_to_* settings, for more fine-grained control over permissions.
Values from checkbox formfields are now automatically converted to a one or a zero by default. This could be considered a bugfix if you were previously using FileChucker to store checkbox values into an SQL column of type BOOL or TINYINT.
Bugfix: when using the custom_form_fields feature, depending on how you set your formfield prefs, the labels on the fileinfo page might have been missing.
Bugfix: in some cases depending on server & browser caches as well as your particular FileChucker configuration, using your "Back" button to return to the upload form after completing an upload could result in the "Begin Upload" button being disabled. We now automatically enable this button when the form loads in case it was disabled before.

Older Changelog Items

Products

Web Design

Information

Visitors

Search