PHPackages                             czim/laravel-cms-upload-module - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [File &amp; Storage](/categories/file-storage)
4. /
5. czim/laravel-cms-upload-module

AbandonedArchivedLibrary[File &amp; Storage](/categories/file-storage)

czim/laravel-cms-upload-module
==============================

Laravel CMS: File Upload Module

1.0.3(8y ago)01.6kPHPPHP &gt;=5.6.4

Since May 20Pushed 8y ago1 watchersCompare

[ Source](https://github.com/czim/laravel-cms-upload-module)[ Packagist](https://packagist.org/packages/czim/laravel-cms-upload-module)[ Docs](https://github.com/czim)[ RSS](/packages/czim-laravel-cms-upload-module/feed)WikiDiscussions master Synced 4w ago

READMEChangelogDependencies (6)Versions (7)Used By (0)

[![Latest Version on Packagist](https://camo.githubusercontent.com/ed1378a33485410f8426b103d74c989d2c972e9497dc2d575e58733974f962d6/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f637a696d2f6c61726176656c2d636d732d75706c6f61642d6d6f64756c652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/czim/laravel-cms-upload-module)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/890f3d9c505e0a5604e1ebe452e1bdb1b7f5f8d745fd305e8937d4c0f33355b8/68747470733a2f2f7472617669732d63692e6f72672f637a696d2f6c61726176656c2d636d732d75706c6f61642d6d6f64756c652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/czim/laravel-cms-upload-module)[![Coverage Status](https://camo.githubusercontent.com/8d770c5a6b4f95fbcc370c6bdeb41ce5f0152cecda0dd50f6f50a7b6b3fb0792/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f637a696d2f6c61726176656c2d636d732d75706c6f61642d6d6f64756c652f62616467652e7376673f6272616e63683d6d6173746572)](https://coveralls.io/github/czim/laravel-cms-upload-module?branch=master)

CMS for Laravel - File uploader module
======================================

[](#cms-for-laravel---file-uploader-module)

Simple file uploading module for the CMS.

This module offers functionality for simple temporary file uploads, to be used by other modules to allow users of the CMS to upload files with AJAX requests.

To be used to with the [Laravel CMS Core](https://github.com/czim/laravel-cms-core).

This package is compatible and tested with Laravel 5.3 and 5.4.

Changelog
---------

[](#changelog)

[View the changelog](CHANGELOG.md).

Installation
------------

[](#installation)

Add the module class to your `cms-modules.php` configuration file:

```
    'modules' => [
        // ...
        Czim\CmsUploadModule\Modules\UploadModule::class,
    ],
```

Add the service provider to your `cms-modules.php` configuration file:

```
    'providers' => [
        // ...
        Czim\CmsUploadModule\Providers\CmsUploadModuleServiceProvider::class,
        // ...
    ],
```

To publish the config and migration:

```
php artisan vendor:publish
```

Run the CMS migration:

```
php artisan cms:migrate
```

The purpose of this module
--------------------------

[](#the-purpose-of-this-module)

This module is intended to help with situations where files should be uploaded using AJAX, before a form is submitted.

The happy-path flow for a user using a CMS form:

1. Form displays.
2. User selects files for upload and enters some data.
3. User submits form.
4. Data is stored.

However, when a validation error or some other problem occurs after form submission:

1. Form displays.
2. User selects files for upload and enters some data.
3. User submits form.
4. Form validation errors display.
5. User fixes data.
6. *User re-selects all files for upload.*
7. User submits form.
8. Data is stored.

The upload inputs are annoyingly cleared, forcing the user to re-select their files.

### The solution

[](#the-solution)

By uploading files asynchronously, the form can 'remember' a reference to these files.

1. Form displays.
2. User selects and uploads files and enters some data.
3. User submits form.
4. Form validation errors display.
5. User fixes data.
6. Data is stored.

Additionally, the files are only uploaded once, and the form submit request will be much smaller, since the files are already stored on the server.

This is the flow that this module facilitates.

Usage
-----

[](#usage)

This module does not have a CMS 'presence' directly; it does not do anything on its own. Its functionality may be employed by other CMS modules.

### Storing a file

[](#storing-a-file)

Files may be stored using the module's store route.

Send a `POST` request to `/cms/fileupload/file`, with the following data:

- `file` (file content, required)
    The file to be stored.
- `name` (string, required)
    The (original) filename for the file to be stored.
- `reference` (string)
    An optional custom reference. This is not guaranteerd to be unique.
- `validation` (string, json)
    Optional Laravel validation rules, encoded as JSON. If these are given, the file content will be validated using these rules; if validation fails, the upload is not stored and a validation error message is returned.

Don't forget to include a CSRF token (in any standard way that Laravel accepts).

An example success response returned by the server:

```
{
    "success": true,
    "id": 79,
    "reference": "REF:804747507",
    "name": "test-file.jpg",
    "size": 129059,
    "mimetype": "image/jpeg"
}
```

The `id` value should be stored and used for further access to the file, as it is the unique identifier for this upload.

An example error response:

```
{
    "success": false,
    "error": "The file must be a file of type: txt."
}
```

### Deleting a file

[](#deleting-a-file)

Files that have been uploaded (using the user's own session) may be deleted using the module's delete route.

Send a `DELETE` request to `/cms/fileupload/file/{id}`.

Don't forget to include a CSRF token (in any standard way that Laravel accepts).

### Retrieving a file

[](#retrieving-a-file)

File uploads each have a record that can be looked up using the `FileRepository`:

```
$repository = app(\Czim\CmsUploadModule\Contracts\Repositories\FileRepositoryInterface::class);

// Look up an upload record by ID ...
$record = $repository->findById($fileRecordId);

// ... or by a manually set reference (returns a Collection)
$records = $repository->findByReference($referenceString);
```

### Security

[](#security)

As with any module, only authenticated CMS users can access its routes.

Additionally a non-admin user must have the following permissions:

Permission keyDescriptionfileupload.file.createUpload new files.fileupload.file.deleteDelete (your own) uploaded files.Or simply set `fileupload.file.*` for all of the above.

#### Session Guard

[](#session-guard)

Asynchronous uploads require special attention to security.

In addition to requiring validation and checks during file upload as well as during form submission, uploads are at risk of being hijacked by other CMS users.

This module offers a `SessionGuard` class to help prevent It is enabled by default: each upload will be linked to the user's session.

However, note that custom calls, such as accessing records through the `FileRepository` are not protected. The SessionGuard must be manually invoked to check:

```
$guard = app(\Czim\CmsUploadModule\Contracts\Support\Security\SessionGuardInterface::class);

if ( ! $guard->check($fileRecordId)) {
    throw new \Exception('Not your file!');
}
```

The session guard may be disabled by setting the `cms-upload-module.upload.restrict.session` config key to `false`.

Security beyond these basics, such as linking uploads to (CMS) users specifically, are not available out of the box. This should be implemented in your application or CMS module, if required.

### Checking whether the module is available

[](#checking-whether-the-module-is-available)

When writing a CMS module that uses this upload module, it is recommended to create fall-back behavior, in case the upload module is not available.

To check whether this module is available, you can ask the Core's module manager:

```
/** @var Czim\CmsCore\Contracts\Modules\ModuleManagerInterface $moduleManager */
$moduleManager = app(\Czim\CmsCore\Support\Enums\Component::MODULES);

if ($moduleManager->has('file-uploader')) {
    // The file upload module is available...
}
```

### Example

[](#example)

For an example of this module in use, check out the [Models Module](https://github.com/czim/laravel-cms-models).

It features form display strategies for [Stapler file](https://github.com/czim/laravel-cms-models/blob/master/src/Strategies/Form/Display/AttachmentStaplerFileStrategy.php)and [image](https://github.com/czim/laravel-cms-models/blob/master/src/Strategies/Form/Display/AttachmentStaplerImageStrategy.php)uploads, and a [store strategy](https://github.com/czim/laravel-cms-models/blob/master/src/Strategies/Form/Store/StaplerStrategy.php)that uses the upload module if it is loaded.

Garbage Collection
------------------

[](#garbage-collection)

Uploaded files that are not used, may clutter and bloat your application.

To help prevent this, automatic garbage collection is enabled by default. This works by lottery (there's a 1% chance for each file upload that cleanup is performed), and cleanup will delete files older than a day (but this time is configurable).

There is also an Artisan command available to perform cleanup:

```
php artisan cms:upload:cleanup
```

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](CONTRIBUTING.md) for details.

Credits
-------

[](#credits)

- [All Contributors](../../contributors)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

29

—

LowBetter than 57% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity15

Limited adoption so far

Community4

Small or concentrated contributor base

Maturity62

Established project with proven stability

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~68 days

Total

5

Last Release

3057d ago

Major Versions

0.9.0 → 1.0.02017-05-26

PHP version history (2 changes)0.9.0PHP &gt;=5.5.9

1.0.3PHP &gt;=5.6.4

### Community

Maintainers

![](https://www.gravatar.com/avatar/1657b09521b6030fe32d864a493ded8b1dbbdf737ef3772135dfc123cea34767?d=identicon)[czim](/maintainers/czim)

---

Tags

cmslaravelmoduleupload-filelaravelfilecmsuploadmodule

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/czim-laravel-cms-upload-module/health.svg)

```
[![Health](https://phpackages.com/badges/czim-laravel-cms-upload-module/health.svg)](https://phpackages.com/packages/czim-laravel-cms-upload-module)
```

###  Alternatives

[czim/laravel-paperclip

Laravel Eloquent file attachment solution

80833.2k6](/packages/czim-laravel-paperclip)[erlandmuchasaj/laravel-file-uploader

A simple package to help you easily upload files to your laravel project.

139.0k](/packages/erlandmuchasaj-laravel-file-uploader)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
