PHPackages flagrow/upload - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [File & Storage](/categories/file-storage) 4. / 5. flagrow/upload Abandoned → [fof/upload](/?search=fof%2Fupload)Flarum-extension[File & Storage](/categories/file-storage) flagrow/upload ============== The file upload extension for the Flarum forum with insane intelligence. 0.7.1(7y ago)10251.7k101[42 issues](https://github.com/flagrow/upload/issues)[6 PRs](https://github.com/flagrow/upload/pulls)MITPHPCI passing Since Nov 3Pushed 1mo ago6 watchersCompare [ Source](https://github.com/flagrow/upload)[ Packagist](https://packagist.org/packages/flagrow/upload)[ RSS](/packages/flagrow-upload/feed)WikiDiscussions 2.x Synced 1mo ago READMEChangelog (10)Dependencies (6)Versions (49)Used By (0) Upload by FriendsOfFlarum ========================= [](#upload-by-friendsofflarum) [![MIT license](https://camo.githubusercontent.com/7013272bd27ece47364536a221edb554cd69683b68a46fc0ee96881174c4214c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c75652e737667)](https://github.com/FriendsOfFlarum/upload/blob/master/LICENSE.md) [![Latest Stable Version](https://camo.githubusercontent.com/61961df5d2d6c20d6cd2c86bed60800f19ad10fb1949755304e581410e413d88/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f666f662f75706c6f61642e737667)](https://packagist.org/packages/fof/upload) [![Total Downloads](https://camo.githubusercontent.com/feb366ed3de14ecb3dff8a616f121fa4650da5eee4759b3ee341948a2afa5883/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f666f662f75706c6f61642e737667)](https://packagist.org/packages/fof/upload) [![OpenCollective](https://camo.githubusercontent.com/1903c197bb0307e60d6328653532b8a6b9890b898fbc92e314ab39d699491e74/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6f70656e636f6c6c6563746976652d666f662d626c75652e737667)](https://opencollective.com/fof/donate) An extension that handles file uploads intelligently for your forum. Features -------- [](#features) - For images: - Auto watermarks with proportional scaling, opacity and padding controls. - Auto resizing. - Dimension storage (width × height) for JPEG, PNG, and GIF — prevents layout shifts when images lazy-load. - WebP thumbnail generation at upload time — reduces bandwidth; clicking the thumbnail opens the original in a new tab. - Animated GIF support for resize operations. - Mime type to upload adapter mapping. - Whitelisting mime types. - Uploading on different storage services (local, imgur, AWS S3 for instance). - Drag and drop uploads. - Uploading multiple files at once (button and drag and drop both support this). - Easily extendable, the extension heavily relies on Events. - Extender interface to disable or force particular adapters (see below) Installation ------------ [](#installation) Install manually: ``` composer require fof/upload:"*" ``` Updating -------- [](#updating) ``` composer require fof/upload:"*" php flarum migrate php flarum cache:clear ``` Configuration ------------- [](#configuration) Enable the extension, a new tab will appear on the left hand side. This separate settings page allows you to further configure the extension. On new installations, a pre-defined regex will be inserted for you that enables image uploads, restricted to safe image types. We now include SVG as safe, due to our SVG sanitization method. Default image types allowed are: - JPEG - PNG - GIF - WebP - AVIF - BMP - TIFF - SVG The regex for these types is `^image\/(jpeg|png|gif|webp|avif|bmp|tiff|svg\+xml)$`, and can be modified as required. We **STRONGLY** discourage the use of a wildcard such as `^image\/.*`, as this could introduce vulnerabilities in the uploaded files. Versions of `fof/upload` prior to `1.8.0` used this as default, and is considered insecure. Make sure you configure the upload permission on the permissions page as well. ### Per-Mime-Type Permission Scoping [](#per-mime-type-permission-scoping) Each mime type row can be given an optional **Permission label** (e.g. `Images`, `Videos`, `Documents`). When a label is set, FoF Upload automatically: 1. Creates a dedicated permission in the Flarum permission grid — e.g. `Upload Images` — scoped to the **Start** section. 2. Defaults that permission to the **Member** group on first use, preserving existing access. 3. Enforces **AND logic**: a user must hold *both* the base `Upload files` permission *and* the mime-specific permission to upload that file type. **Use cases:** - Allow Members to upload images but restrict video uploads to Staff. - Require a "Trusted" group role to upload ZIP archives or executable files. - Mix restricted and unrestricted types freely — mime types without a permission label require only the base upload permission (fully backwards-compatible). **How to configure:** 1. Go to **Admin → Extensions → FoF Upload**. 2. In the Mime Types section, enter a label in the **Permission label** field for any type you want to restrict (e.g. `Images`). 3. Save settings — the permission appears immediately in **Admin → Permissions** under the Start section. 4. Adjust which groups have that permission as needed. ### Watermark Configuration [](#watermark-configuration) When **Watermark images** is enabled, FoF Upload stamps every uploaded JPEG or PNG with a watermark image. Three settings let you control how the watermark looks: SettingDefaultDescription**Watermark size (% of image width)**`25`The watermark is scaled so its width equals this percentage of the uploaded image's width. A value of `25` means the watermark will always be one-quarter the width of the image, regardless of upload dimensions.**Watermark opacity (0–100)**`100`Opacity of the placed watermark. `100` is fully opaque; `0` is invisible.**Padding from edge (px)**`10`Inward pixel offset from the corner or edge set by the **Position** field. Set to `0` to place the watermark flush against the edge.**How to configure:** 1. Go to **Admin → Extensions → FoF Upload**. 2. Enable **Watermark images** and upload your watermark file. 3. Choose a **Position** (e.g. `bottom-right`). 4. Adjust size %, opacity, and padding to taste. 5. Save — the settings are applied to every new image upload. > **Backwards compatibility:** Existing installs that used watermarks before these settings were introduced will use the defaults on next upload: 25% width, 100% opacity, 10 px padding. Set padding to `0` to restore the previous flush-edge behaviour. ### Image Dimensions & Layout Shift Prevention [](#image-dimensions--layout-shift-prevention) FoF Upload automatically stores the width and height (in pixels) of every JPEG, PNG, and GIF processed at upload time. These are recorded after any resizing or EXIF orientation correction is applied, so they always reflect the **final image as stored**. The stored dimensions are injected as `width` and `height` HTML attributes on the `` tag rendered by the **Image Preview** template. Modern browsers use these attributes to reserve the correct amount of layout space before the image has loaded, eliminating [Cumulative Layout Shift (CLS)](https://web.dev/cls/) in threads that contain lazy-loaded images. **No configuration is required** — this happens automatically for all new JPEG, PNG, and GIF uploads. Images uploaded before this feature was added will not have stored dimensions; they continue to render without `width`/`height` attributes and are unaffected. > **GIF support:** Animated GIF uploads now also benefit from the **Resize images** setting. Watermarks are intentionally not applied to GIFs to avoid palette quality degradation. ### Image Thumbnails [](#image-thumbnails) FoF Upload can generate a **downscaled thumbnail** at upload time to significantly reduce bandwidth for large-image forums. The original file is always kept intact. When enabled, the **Image Preview** template displays the thumbnail as the visible image and wraps it in a link to the original — clicking the image opens the full-resolution file in a new tab. #### How it works [](#how-it-works) 1. After the image is processed (resize, watermark, orientation), a copy is scaled down to a configurable maximum width (default: **1000 px**). 2. The thumbnail is encoded as **WebP** by default (~30% smaller than JPEG at equivalent quality) or in the original format if WebP is disabled. 3. The thumbnail is stored alongside the original in the same storage backend (Local, S3, Qiniu). Imgur uploads are excluded — Imgur manages its own thumbnails. 4. The thumbnail **path** is stored in the database. The full URL is derived from the live storage hostname at render time (same as the main file URL), so CDN domain changes are reflected automatically without re-processing. #### Settings [](#settings) SettingDefaultDescription**Generate thumbnails on upload**OnMaster toggle. Disable to revert to full-resolution images in the Image Preview template.**Encode thumbnails as WebP**OnUse WebP encoding for the thumbnail. Disable to use the original image format (JPEG/PNG/GIF).**Thumbnail max width (px)**`1000`Thumbnails are scaled down so neither dimension exceeds this value. Images smaller than this are not upscaled.#### Backwards compatibility [](#backwards-compatibility) - **Old posts:** Existing posts have no `thumbnail_path` stored. The formatter falls back to the original full-resolution URL — no change in appearance. - **Imgur uploads:** Thumbnails are not generated (Imgur handles image hosting directly). - **Private-shared files:** Thumbnails are not generated for private files. ### Storage Configuration [](#storage-configuration) FoF Upload supports configuration via both the admin panel (database settings) and environment variables. **Environment variables take precedence** over database settings when configured. #### Environment Variable Configuration [](#environment-variable-configuration) You can configure storage adapters using environment variables, which is particularly useful for: - Docker/containerized deployments - CI/CD pipelines - Multi-environment setups (dev/staging/production) - Keeping credentials out of the database ##### AWS S3 / S3-Compatible Storage [](#aws-s3--s3-compatible-storage) To configure S3 via environment variables, set **all four required variables**: ``` # Required (all 4 must be set) FOF_UPLOAD_AWS_S3_KEY=your-access-key FOF_UPLOAD_AWS_S3_SECRET=your-secret-key FOF_UPLOAD_AWS_S3_BUCKET=your-bucket-name FOF_UPLOAD_AWS_S3_REGION=us-east-1 # Optional FOF_UPLOAD_AWS_S3_ACL=public-read # Object ACL (public-read, private, etc.) FOF_UPLOAD_AWS_S3_ENDPOINT=https://s3.example.com # For S3-compatible services (MinIO, Wasabi, etc.) FOF_UPLOAD_AWS_S3_PATH_STYLE_ENDPOINT=true # Required for MinIO and some S3-compatible services FOF_UPLOAD_AWS_S3_CUSTOM_URL=https://cdn.example.com # Custom domain for your bucket FOF_UPLOAD_CDN_URL=https://cdn.example.com # CDN URL for serving files ``` **IAM Role Authentication (EC2/ECS/EKS)**: For environments with IAM roles (EC2 instances, ECS tasks, EKS pods), you can omit credentials: ``` # Required for IAM mode FOF_UPLOAD_AWS_S3_BUCKET=your-bucket-name FOF_UPLOAD_AWS_S3_REGION=us-east-1 FOF_UPLOAD_AWS_S3_USE_IAM=true # Enable IAM role authentication # Optional (same as above) FOF_UPLOAD_AWS_S3_ACL=public-read FOF_UPLOAD_CDN_URL=https://cdn.example.com ``` When `FOF_UPLOAD_AWS_S3_USE_IAM=true`, credentials are not required and the AWS SDK will automatically use the instance/pod IAM role. **Important Notes:** - Traditional mode: All 4 variables (`KEY`, `SECRET`, `BUCKET`, `REGION`) must be set - IAM mode: Only `BUCKET`, `REGION`, and `USE_IAM=true` are required - If any required variable is missing, the extension falls back to database settings - Environment variables always override database settings when fully configured ##### S3-Compatible Services [](#s3-compatible-services) **LocalStack** (local development): ``` FOF_UPLOAD_AWS_S3_KEY=test FOF_UPLOAD_AWS_S3_SECRET=test FOF_UPLOAD_AWS_S3_BUCKET=uploads FOF_UPLOAD_AWS_S3_REGION=us-east-1 FOF_UPLOAD_AWS_S3_ENDPOINT=http://localhost:4566 FOF_UPLOAD_AWS_S3_PATH_STYLE_ENDPOINT=true # Required for LocalStack! ``` **MinIO** (self-hosted): ``` FOF_UPLOAD_AWS_S3_KEY=minioadmin FOF_UPLOAD_AWS_S3_SECRET=minioadmin FOF_UPLOAD_AWS_S3_BUCKET=uploads FOF_UPLOAD_AWS_S3_REGION=us-east-1 FOF_UPLOAD_AWS_S3_ENDPOINT=https://minio.example.com FOF_UPLOAD_AWS_S3_PATH_STYLE_ENDPOINT=true # Required for MinIO! ``` **DigitalOcean Spaces**: ``` FOF_UPLOAD_AWS_S3_KEY=your-spaces-key FOF_UPLOAD_AWS_S3_SECRET=your-spaces-secret FOF_UPLOAD_AWS_S3_BUCKET=your-space-name FOF_UPLOAD_AWS_S3_REGION=nyc3 FOF_UPLOAD_AWS_S3_ENDPOINT=https://nyc3.digitaloceanspaces.com ``` **Wasabi**: ``` FOF_UPLOAD_AWS_S3_KEY=your-wasabi-key FOF_UPLOAD_AWS_S3_SECRET=your-wasabi-secret FOF_UPLOAD_AWS_S3_BUCKET=your-bucket FOF_UPLOAD_AWS_S3_REGION=us-east-1 FOF_UPLOAD_AWS_S3_ENDPOINT=https://s3.wasabisys.com ``` **Backblaze B2**: ``` FOF_UPLOAD_AWS_S3_KEY=your-key-id FOF_UPLOAD_AWS_S3_SECRET=your-application-key FOF_UPLOAD_AWS_S3_BUCKET=your-bucket FOF_UPLOAD_AWS_S3_REGION=us-west-004 FOF_UPLOAD_AWS_S3_ENDPOINT=https://s3.us-west-004.backblazeb2.com ``` ##### Local Storage with CDN [](#local-storage-with-cdn) For local storage with a CDN in front: ``` FOF_UPLOAD_CDN_URL=https://cdn.example.com ``` #### Configuration Priority [](#configuration-priority) 1. **Environment Variables** (highest priority - when all required vars are set) 2. **Database Settings** (admin panel configuration) 3. **Defaults** (null values if neither is configured) ### Mimetype regular expression [](#mimetype-regular-expression) Regular expressions allow you a lot of freedom, but they are also very difficult to understand. Here are some pointers, but feel free to ask for help on the official Flarum forums, or check out [regex101.com](https://regex101.com/) where you can interactively build and test your regex pattern. In case you want to allow all regular file types including video, music, compressed files and images, use this: ``` (video\/(3gpp|mp4|mpeg|quicktime|webm))|(audio\/(aiff|midi|mpeg|mp4))|(image\/(gif|jpeg|png))|(application\/(x-(7z|rar|zip)-compressed|zip|arj|x-(bzip2|gzip|lha|stuffit|tar)|pdf)) ``` A mimetype consists of a primary and secondary type. The primary type can be `image`, `video` and `application` for instance. The secondary is like a more detailed specification, eg `png`, `pdf` etc. These two are divided by a `/`, in regex you have to escape this character by using: `\/`. ### Disable or Force a particular adapter [](#disable-or-force-a-particular-adapter) In some circumstances, you may wish to either disable an adapter, or force the use of one. This is set in your root `extend.php` file. For example, you may disable `imgur` ``` (new FoF\Upload\Extend\Adapters()) ->disable('imgur'), ``` Chaining of multiple commands is also possible: ``` (new FoF\Upload\Extend\Adapters()) ->disable('imgur') ->disable('aws-s3'), ``` You may also force an adapter: ``` (new FoF\Upload\Extend\Adapters()) ->force('imgur'), ``` Adapter names currently available: - `local` - `imgur` - `qiniu` - `aws-s3` Commands -------- [](#commands) ### MapFilesCommand [](#mapfilescommand) The `php flarum fof:upload` command helps you keep file storage clean by mapping uploaded files to the posts they appear in, and removing files that were never used in any post (e.g. uploaded by a user who never submitted their draft, or by spammers abusing the upload endpoint). #### How matching works [](#how-matching-works) When a post is saved or edited, files are automatically linked to it based on what appears in the post content. The command's `--map` flag lets you rebuild these associations in bulk — useful after an import, a migration, or if associations were lost. Matching looks for the file's **URL or UUID** in post content, so all built-in templates are covered: TemplateWhat appears in post contentDefault File Download`[upl-file uuid=… size=…]name[/upl-file]` — UUID onlyImage Preview`[upl-image-preview uuid=… url=…]` — bothImage`[upl-image uuid=… url=…]` — bothText Preview`[upl-text-preview uuid=… url=…]` — bothJust URLraw URLMarkdown Image`![alt](url)`BBCode Image`[URL=…][IMG]…[/IMG][/URL]`> **Note:** Shared files (uploaded via the shared file manager) are intentionally not associated with individual posts and are **never** removed by cleanup. #### Options [](#options) OptionDescription`--map`Scan all posts and link files to the posts where they appear. Safe to run at any time.`--cleanup`Delete files that have no post associations and were uploaded before the cutoff date. Always run `--map` first.`--cleanup-before=DATE`Set the cutoff date for cleanup. Any date string accepted by PHP's `strtotime` works: `"yesterday"`, `"1 week ago"`, `"2024-01-01"`, `"now"`. Defaults to 24 hours ago.`--force`Skip per-file confirmation prompts. **Use with caution.**#### Examples [](#examples) Map files only (no deletions): ``` php flarum fof:upload --map ``` Map and clean up files uploaded more than a month ago that have no post association — with per-file confirmation: ``` php flarum fof:upload --map --cleanup --cleanup-before="1 month ago" ``` Same, but skip confirmation prompts (suitable for a cronjob): ``` php flarum fof:upload --map --cleanup --cleanup-before="1 month ago" --force ``` #### Recommended workflow [](#recommended-workflow) > **Always run `--map` before `--cleanup`.** Without mapping first, files that are genuinely in use may appear orphaned and be deleted. 1. Run `--map` first to rebuild file-to-post associations. 2. Review what would be deleted by running `--cleanup` without `--force` (you will be prompted per file). 3. Once satisfied, add `--force` for unattended runs. For ongoing maintenance, a daily cronjob is a sensible setup: ``` # Remove files older than 24 hours (the default) that are not in any post php flarum fof:upload --map --cleanup --force ``` ### BackfillImageDimensionsCommand [](#backfillimagedimensionscommand) The `php flarum fof:upload:backfill-dimensions` command retroactively stores `image_width` and `image_height` for existing JPEG, PNG, and GIF uploads that were created before the dimension-storage feature was introduced. The command downloads each image (using whatever storage backend the file was uploaded to — local, S3, CDN, etc.), reads its dimensions with Intervention Image, and saves them to the database. Images that already have dimensions stored are skipped automatically. #### Options [](#options-1) OptionDescription`--chunk=N`Process files in batches of N (default: `100`). Reduce this if memory is a concern.`--dry-run`Print how many images would be processed without making any changes.#### Examples [](#examples-1) Preview how many images need backfilling: ``` php flarum fof:upload:backfill-dimensions --dry-run ``` Run the backfill with the default chunk size: ``` php flarum fof:upload:backfill-dimensions ``` Run with a smaller chunk size on a large forum: ``` php flarum fof:upload:backfill-dimensions --chunk=25 ``` > **Note:** The command is safe to run multiple times — it only processes images where `image_width` is still `NULL`. If a file is unreachable (e.g. deleted from storage) it is skipped with a warning and the command continues. ### BackfillThumbnailsCommand [](#backfillthumbnailscommand) The `php flarum fof:upload:backfill-thumbnails` command generates thumbnails for existing JPEG, PNG, and GIF uploads that were created before the thumbnail feature was introduced (or while the feature was disabled). The command downloads each image via the same storage backend used to upload it, scales it to the configured thumbnail width, encodes it as WebP (or the original format if WebP is disabled), and writes the thumbnail file alongside the original. Uploads already having a `thumbnail_url` are skipped automatically. > **Note:** Imgur and private-shared uploads are skipped — thumbnails are not supported for those backends. #### Options [](#options-2) OptionDescription`--chunk=N`Process files in batches of N (default: `50`). Reduce this on very large forums.`--dry-run`Print how many images would be processed without making any changes.#### Examples [](#examples-2) Preview how many images need thumbnails: ``` php flarum fof:upload:backfill-thumbnails --dry-run ``` Run with the default chunk size: ``` php flarum fof:upload:backfill-thumbnails ``` Run with a smaller chunk size on a large forum: ``` php flarum fof:upload:backfill-thumbnails --chunk=20 ``` > **Note:** The command is safe to run multiple times. If a file is unreachable it is skipped with a warning and processing continues. Testing and Security Measures ----------------------------- [](#testing-and-security-measures) FoF Upload includes **automated tests** to ensure: ✅ Valid files upload successfully ✅ Restricted files are blocked ✅ SVG sanitization removes potential XSS risks ### 🔍 Security Tests for Malicious Files [](#-security-tests-for-malicious-files) We specifically test against: - HTML Injection (`.html` disguised as an image) - MIME Spoofing (e.g., `.png` containing a script) - Polygot Files (Files that act as two different formats) - SVG Sanitization (``, ``, event handlers, external styles, etc) - ZIP & APK Handling (Ensuring APKs are valid and ZIPs are not misclassified) ### Submitting Additional Test Cases [](#submitting-additional-test-cases) We welcome community contributes in all our extensions! Especially where security is concerned. If you find a new edge case or a file format that bypasses validation, please: - Open an issue on [GitHub](https://github.com/FriendsOfFlarum/upload/issues) - Submit a test case as a PR under `tests/` - Describe the expected behaviour (Should the file be accepted? Should it be sanitized?) 🚀 These tests ensure FoF Upload remains secure and reliable for all Flarum users! 🚀 FAQ --- [](#faq) - **AWS S3**: read the [AWS S3 configuration page](https://github.com/FriendsOfFlarum/upload/wiki/aws-s3). - **Adding Templates**: read the [Custom Templates wiki page](https://github.com/FriendsOfFlarum/upload/wiki/Custom-Templates). - **Upgrading from flagrow/upload**: read the [wiki article](https://github.com/FriendsOfFlarum/upload/wiki/Upgrade-from-Flagrow-Upload). Links ----- [](#links) - [![OpenCollective](https://camo.githubusercontent.com/8ea53c451470d1a72789d650c77e2b22eee915f7fbf2cbeeeeaa25f47301efe2/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f646f6e6174652d667269656e64736f66666c6172756d2d3434414545353f7374796c653d666f722d7468652d6261646765266c6f676f3d6f70656e2d636f6c6c656374697665)](https://opencollective.com/fof/donate) - [Flarum Discuss post](https://discuss.flarum.org/d/4154) - [Source code on GitHub](https://github.com/FriendsOfFlarum/upload) - [Report an issue](https://github.com/FriendsOfFlarum/upload/issues) - [Download via Packagist](https://packagist.org/packages/fof/upload) An extension by [FriendsOfFlarum](https://github.com/FriendsOfFlarum) ### Health Score 50 — FairBetter than 96% of packages Maintenance51 Moderate activity, may be stable Popularity44 Moderate usage in the ecosystem Community30 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~18 days Recently: every ~100 days Total 43 Last Release 2708d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/504687?v=4)[Daniël Klabbers](/maintainers/Luceos)[@luceos](https://github.com/luceos) --- Top Contributors [![luceos](https://avatars.githubusercontent.com/u/504687?v=4)](https://github.com/luceos "luceos (187 commits)")[![imorland](https://avatars.githubusercontent.com/u/16573496?v=4)](https://github.com/imorland "imorland (100 commits)")[![flarum-bot](https://avatars.githubusercontent.com/u/39334649?v=4)](https://github.com/flarum-bot "flarum-bot (62 commits)")[![clarkwinkelmann](https://avatars.githubusercontent.com/u/5264300?v=4)](https://github.com/clarkwinkelmann "clarkwinkelmann (34 commits)")[![StyleCIBot](https://avatars.githubusercontent.com/u/11048387?v=4)](https://github.com/StyleCIBot "StyleCIBot (15 commits)")[![davwheat](https://avatars.githubusercontent.com/u/7406822?v=4)](https://github.com/davwheat "davwheat (13 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (11 commits)")[![DavideIadeluca](https://avatars.githubusercontent.com/u/146922689?v=4)](https://github.com/DavideIadeluca "DavideIadeluca (10 commits)")[![rylat](https://avatars.githubusercontent.com/u/6824779?v=4)](https://github.com/rylat "rylat (7 commits)")[![SychO9](https://avatars.githubusercontent.com/u/20267363?v=4)](https://github.com/SychO9 "SychO9 (5 commits)")[![ImakuTranslate](https://avatars.githubusercontent.com/u/25817039?v=4)](https://github.com/ImakuTranslate "ImakuTranslate (3 commits)")[![rafaucau](https://avatars.githubusercontent.com/u/25438601?v=4)](https://github.com/rafaucau "rafaucau (3 commits)")[![askvortsov1](https://avatars.githubusercontent.com/u/38059171?v=4)](https://github.com/askvortsov1 "askvortsov1 (3 commits)")[![tony199555](https://avatars.githubusercontent.com/u/11675398?v=4)](https://github.com/tony199555 "tony199555 (2 commits)")[![Hiobi](https://avatars.githubusercontent.com/u/2171856?v=4)](https://github.com/Hiobi "Hiobi (2 commits)")[![KonstantinCodes](https://avatars.githubusercontent.com/u/844484?v=4)](https://github.com/KonstantinCodes "KonstantinCodes (2 commits)")[![KyrneDev](https://avatars.githubusercontent.com/u/13856015?v=4)](https://github.com/KyrneDev "KyrneDev (2 commits)")[![skmedix](https://avatars.githubusercontent.com/u/3246162?v=4)](https://github.com/skmedix "skmedix (2 commits)")[![theFlob](https://avatars.githubusercontent.com/u/9917848?v=4)](https://github.com/theFlob "theFlob (2 commits)")[![Nexulo](https://avatars.githubusercontent.com/u/25121005?v=4)](https://github.com/Nexulo "Nexulo (1 commits)") --- Tags clipboarddrag-and-dropflagrowflarumflarum-extensionuploadfileuploadflarumflagrow ### Embed Badge ![Health badge](/badges/flagrow-upload/health.svg) ``` [![Health](https://phpackages.com/badges/flagrow-upload/health.svg)](https://phpackages.com/packages/flagrow-upload) ``` ### Alternatives [fof/upload The file upload extension for the Flarum forum with insane intelligence. 188171.7k15](/packages/fof-upload)[kartik-v/bootstrap-fileinput An enhanced HTML 5 file input for Bootstrap 5.x, 4.x, and 3.x with features for file preview for many file types, multiple selection, ajax uploads, and more. 5.4k7.9M13](/packages/kartik-v-bootstrap-fileinput)[unisharp/laravel-filemanager A file upload/editor intended for use with Laravel 5 to 10 and CKEditor / TinyMCE 2.2k3.3M74](/packages/unisharp-laravel-filemanager)[sonata-project/media-bundle Symfony SonataMediaBundle 4625.5M71](/packages/sonata-project-media-bundle)[kartik-v/yii2-widget-fileinput An enhanced FileInput widget for Bootstrap 3.x, 4.x & 5.x with file preview, multiple selection, and more features (sub repo split from yii2-widgets) 2286.8M95](/packages/kartik-v-yii2-widget-fileinput)[czim/laravel-paperclip Laravel Eloquent file attachment solution 80802.1k6](/packages/czim-laravel-paperclip) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)