timluedtke / minimalistic-php-upload Goto Github PK

Some users have reported that it is unclear if the browser is still uploading a file or has been finished, especially when uploading multiple files one after another. (Especially for bigger sized files which could take multiple minutes to upload, depending on the users conection speed.) Some users then close the website before the upload has been completed.

• Visualise that an upload process is active and when it has been completed successfully
• Let the visual box which indicates files have been successfully uploaded fade out after some time, to make sure the user is not irritated, when uploading multiple files one after another.

make server-directory for Link-generation configurable via settings.php to support non default installation paths

Task: Add a random hash to the filenames on the server to avoid users accessing the files other than reciever of emails

Why? Even if the directoy-path is custom-setable, at least the uploading user knows the filename and could - with try&error - find out the complete URL-Path to redownload his file. This could lead to any user uploading files and sharing the URLs public on the internet - making the PHP Upload-Skript vulnerable to filesharers.

Solution could be the add a random hash to the filename, which is only communicated with the email. Other solutions possible, but should not need a database.