/laravel-filemanager

Laravel file manager / media gallery with CKEditor, TinyMCE and Summernote support.

Primary LanguagePHPMIT LicenseMIT

Laravel Filemanager

Latest Stable Version Total Downloads License

v1.8 released

  • Please follow the intructions in upgrade document.
  • Important changes :
    • Fix Windows compatibility (utf-8 file names and folder names).
    • New feature : Copy & Crop. Thanks gwleuverink.
    • Config document is refactored.

Security

It is important to note that if you use your own routes you must protect your routes to Laravel-Filemanager in order to prevent unauthorized uploads to your server. Fortunately, Laravel makes this very easy.

If, for example, you want to ensure that only logged in users have the ability to access the Laravel-Filemanager, simply wrap the routes in a group, perhaps like this:

Route::group(['middleware' => 'auth'], function () {
    Route::get('/laravel-filemanager', '\Unisharp\Laravelfilemanager\controllers\LfmController@show');
    Route::post('/laravel-filemanager/upload', '\Unisharp\Laravelfilemanager\controllers\UploadController@upload');
    // list all lfm routes here...
});

This approach ensures that only authenticated users have access to the Laravel-Filemanager. If you are using Middleware or some other approach to enforce security, modify as needed.

If you use the laravel-filemanager default route, make sure the auth middleware (set in config/lfm.php) is enabled and functional.

v2.0 progress

  • (done) Unit test
  • (done, need manual tests) Integrate with Laravel Storage
  • (in progress) Multiple selection
  • (in progress) Responsive design
  • (in progress) Config refactoring
  • JSON APIs
  • Move to folder function

Contributors & Credits

Developers / Maintainers

Contributors

  • All contibutors from GitHub. (issues / PR)
  • @taswler the original author of this package.
  • Nathan for providing security suggestions.

Credits