clem’s labs: entry

The author published this entry on Sunday 11 November, 2007 at 23:46. It's been filed in the projects category

w2box file repository for PHP

A simple php script to upload and download files. There is no complex user management as it aims for private file repository use. Supporting direct file deletion using AJAX, instant table sort using a self modified version of sorttable.js and finally upload file progressbar using a cgi(perl) script.

If you want to know more about those technologies, go to more information section.


  • Easy upload form
  • Allow to define which kind of file can be uploaded
  • Limit max file size
  • On page table sort (by name, date, type, size)
  • Direct deletion using AJAX
  • View file by clicking on them
  • Direct download by clicking on the download arrow
  • Protect and hide upload or/and delete functions only for admin
  • Logging upload/delete actions (time ip action)
  • Upload progress bar (disable by default)

Online Demo

Visit the online demo. Delete the deleteme.txt file or upload some meaningless files.

How to Install

Download w2box 4.1 (~46 KiB)


This script is licensed under a Creative Commons License. It allows you to use and modify the script for noncommercial purposes only. If w2box solves your needs, please make a small donation. Thank you!

For commercial use, make a fair donation of at least €10 or more, especially if you using it on multiple domains or for contract work.


  • 4.1 Bug fixes, more languages and icons
  • 4.0.0Beta5 Redirection and security fixes and more languages
  • 4.0.0Beta4 More folders bug fixes
  • 4.0.0Beta3 Folders bug fixes
  • 4.0.0Beta2 Safari fix
  • 4.0.0Beta Folder and multi language support
  • 3.3.2 Security fix
  • 3.3.1 Extention fix
  • 3.3 Authentification fix for some host and cgi redirection fix
  • 3.2 Fixed chmod issues, simplified directory structure and files
  • 3.1.3 Improved upload.cgi error and aborted upload cleanup
  • 3.1 Added icons, date and auto-deleting
  • 3.0.3 Fixed file perms bug
  • 3.0.2 Fixed direct linking
  • 3.0.1 Fixed minor strange bug
  • 3.0 Finally a upload progress bar (under windows&linux)
  • 2.5.1 Fixed hide upload form
  • 2.5 Easier configuration, localisation & many fixes
  • 2.3 Possibilty to log upload and delete actions
  • 2.2 Deletion is working for international charsets
  • 2.1 Fixed some weird FF bug and allow client without javascript
  • 2.0.1 Fixed a javascript bug for Opera
  • 2.0 Added admin authorization to protect/hide upload/delete
  • 1.6 Fixed issues with filename characters
  • 1.5.2 Fixed some css bugs
  • 1.5 Better error management, removed sajax using prototype.js
  • 1.0 Initial Release


I’ve just unpacked w2box and got an error 500 ?

It seems that some server configuration doesn’t support the .htaccess file. Just delete that file.

How to enable the upload progress bar ?

Enabling the progress bar can be a bit trickier. That’s why it is disabled by default. Before enable it, make sure the script works without it.

If it’s working, make sure the first line of upload.cgi is right according to where you have perl (on standard unix config, you probably don’t need to do anything) and the file will probably require to be chmod 755 in order to be executed. You can check if the perl script is working by opening it. You should get “CGI Working” like by example on my server.

If you don’t get an error, the default temporary dir is working. By default, it is set to “tmp” in the same folder as w2box. However, you might prefer to change it to a full path like /tmp or ~/tmp. Make sure to change it in both upload.cgi and config.php.

Finally, you can turn the variable upload_progressbar to true in config.php and hopefully it will works.

How could I password protect entriely w2box ?

The best was to protect the whole box and your files is to use apache http access protection. You can use this utility to make the required files. If you are using the admin feature, do not forget to add the admin username/password as a user in the htpassword file.

How to increase the maximum file size limit ?

By default the script is set to a maximum file size of 50MiB and use a .htaccess file to try to configure php to allow such maximum file size. However, if it doesn’t work you should modify the post_max_size & upload_max_filesize variables in php.ini which is the php configuration file. It is related to your webhost, therefore you should check with them if you are allowed to change them and how to do it.

Why files aren’t complete when using the downloading feature ?

There is an inherent problem with readfile() in PHP 5.0.4. Upgrade to the last version of php.

Why am I getting error 404 when I am accessing folders ?

Folders require the .htaccess file to work properly (which might be hidden depending your OS). Be sure that the .htaccess file is in the w2box folder and enable .htaccess support and mod_rewrite in your httpd.conf of the apache webserver.


The Buzz {9 trackbacks/pingbacks}

  1. Pingback: FTP Download help requested. - on November 8, 2008
  2. Pingback: 今日のリンク | Oyaji Blog on May 8, 2009
  3. Pingback: W2box - File repository! | Gomah TV © 2009 on May 22, 2009
  4. Pingback: w2box – file repository for PHP » Angelikovo on January 26, 2010
  5. Pingback: [Linkdump #15] PHP – Przyszedł Haker i… Popsuł. | Tomasz Kowalczyk on October 31, 2010
  6. Pingback: Ca mange pas de pain » Systèmes de gestion de dossiers en ligne on December 9, 2010
  7. Pingback: W2Box 4.1 – Gérer les fichiers présents sur son FTP! | Gomah on June 4, 2011
  8. Pingback: Send File to Owner on June 28, 2011
  9. Pingback: Recommendations for a secure (and simple) dropbox system - Admins Goodies on August 21, 2011

The Conversation {152 comments}

  1. Ahmaz 13 October, 08 @ 6:56 am

    Great program..has a lot of potential!

  2. Ahmaz 13 October, 08 @ 7:12 am

    Oh by the way, folder support won’t work without enabling direct link support =o
    But then again, it’s still a WIP ;]

  3. Michael 14 October, 08 @ 10:37 pm

    Hi AHMAZ,

    U manage to get the folders to work? how to enable direct link support = 0?

  4. Ahmaz 17 October, 08 @ 2:52 am

    Hi Michael,
    Actually I did not get it to work….I keep getting 404 errors. I’m pretty sure I’ve set everything right…

    What I meant with the last comment was that in order for folder support to work, you needed to enable direct link support. Logically, it can be enabled through config.php

  5. Hi Profile 20 October, 08 @ 11:32 am

    I can’t seem to get the cgi file to work to show file upload progress bar.
    The manager works great and the file uploads are wokrling fine. I get the following message from the upload.cgi file when it is run. ” The tmp directory doesn’t exist. Please correct upload.cgi!” hen the file does not upload
    If i change the line $config[‘upload_progressbar’]=false; o $config[‘upload_progressbar’]=true; in the config file.
    Any suggestions or ideas as the how to properly setup the path. I ususally just leave the tmp path as tmp and it works okay for other scripts. I have also tried the direct path fro mthe server to a temp folder. I also chmod the temp folder to make sure it can write to the folder but still not luck. thansk for any tips etc..

  6. Mike 21 October, 08 @ 10:17 pm

    AWESOME product. I was impressed with how easy it was to install and configure.

    Feature requests =):

    – Ability to restrict the total amount of disk space taken up… that way malicious users can’t eat up the entire hard disk.

    – E-mail notifications. Ability for admins to become aware if/when a file is uploaded.

    – Upload/Download rights by one-time use tags. Combined with e-mail notifications. Just a thought. =)

    Thank you again for making this app. IT’s sooooo helpful!

  7. Dexter 22 October, 08 @ 4:06 pm

    really great script!
    I’ve tweaked it to suite my needs and its really easy to modify.

    One thing that it misses is the password protection for each directory, I’m working on a mod that can implement it

    It should need:
    -new boxes in the form (username/password)
    -if around the script to print out a lock icon on selected folders
    -htaccess creation/update for each directory

  8. clem 23 October, 08 @ 10:43 am

    Using full unix path instead of relative path might helps. You should edit the upload.cgi file to correct this.


  9. JURI 24 October, 08 @ 4:37 pm

    very interesting script!

    But it upload files without upload.cgi… Why?
    I try local (WindowsXP, EasyPHP1-8, w2box 3.3.2 )

    Script worked normally.

    Further I attempted enable progress bar.
    I set temporary dir to “/tmp” in upload.cgi, config.php and $config[‘upload_progressbar’]=true.
    But progress bar do not work.

    I watched for temporary files (“xxxx_postdata”, “xxxx_flength” …)
    where uploading big files.
    But I have not seen it …

    Then I deleted upload.cgi
    I was surprised, script prolonged to work, and normally uploaded files

    Why ??????????

    w2box 4.0.0Beta5 worked without upload.cgi too

  10. interesteduser 28 October, 08 @ 3:25 pm

    Did the 4.0.0Beta5 version fix the vulnerability identified in Bugtraq ID: 23975?

    If so, please notify SecurityFocus:

  11. Jank 28 October, 08 @ 5:33 pm

    Great project! I too am having problems with the folders. Error 404, keeps coming up…I tried .htaccess, and checked to make sure the .htaccess support and mod_rewrite was enabled….

    I will look into trying to enable the direct link support via the config.php

    Any additional thought on the folder support CLEM?


  12. clem 31 October, 08 @ 5:57 pm

    upload.cgi is needed only when the progress bar is active.
    yes, there shouldn’t be any exploit now otherwise my demo site would be hacked.
    404 for folders is usually a non working mod_rewrite or htaccess support. Be sure that it works. you might contact your webhost.

  13. amorvi 02 November, 08 @ 3:55 am

    Hey, great script thanks works just as wanted.

    I have a question about dates, both those used in the log and in the table to show when a folder was updated. How would I change those to reflect UTC time?

    Thanks again!

  14. PinesSigns 05 November, 08 @ 4:26 pm

    Hi All, great app. Question:

    I’ve password protected the directory that this application sits in with .htaccess, however, now when I try and log-in to admin, it fails. It will not accespt the user/pass at all. Is there a conflict I am unaware of? Is my htaccess file missing something?

    AuthUserFile .htpasswd
    AuthGroupFile /dev/null
    AuthName “EnterPassword”
    AuthType Basic

    require valid-user

    RewriteEngine on

    RewriteCond %{QUERY_STRING} ^$
    RewriteRule ([^\s]+).php$ $1.php?BAD_HOSTING=%{HTTP:Authorization}

    RewriteCond %{QUERY_STRING} ^(.+)$
    RewriteRule ([^\s]+).php $1.php?%1&BAD_HOSTING=%{HTTP:Authorization}

  15. stan 06 November, 08 @ 4:27 pm

    interesting script, but very short on installation instructions. this is what I did:

    – set $config[‘upload_progressbar’]=true; in config file
    – set tmp directory to “/home/username/tmp” (or whatever…) in both config and cgi file
    – upload all (non-cgi) files and (non tmp) directories to some directory on your server
    – upload tmp directory to place of your choice (if not already in place)
    – chmod data directory 777
    – upload cgi file to cgi directory on your server
    – chmod cgi file 755

    it now works for me if I set upload_progressbar=false. But if true, then I see no progress bar, and once upload is done, I get an error:

    Warning: chmod() [function.chmod]: Operation not permitted in /home/username/public_html/testupload/index.php on line 178

    the file is safely uploaded, so that is no problem, but the chmod didn’t work out. what is likely to be the problem? And why is there no progress bar?

  16. PINESSIGNS 08 November, 08 @ 6:18 pm

    Any support? No one has tried to password protect the directory that W2BOX resides in? I’m almost 100% certain that its a conflict of interest for the administrator’s password to work when the directory is .htaccess’d.

    CLEM, can you assist?


  17. Signs Pembroke Pines 12 November, 08 @ 3:08 am

    What a bunch of slackers you guys are! I’m just messin’ around. I figured it out on my own dime… here’s the problem to all & Clem (suggest updating your ‘How could I password protect entriely w2box ?’ Faq above):

    You can’t have 2 HTTP authentications in the same layer. The config.php script uses HTTP auth to authenticate the administrator. Well, when you add HTACCESS to the mix, they conflict.

    The fix? So easy… just make sure your admin user/pass combo in the config.php script matches the admin user in your .htpasswd file.

    In my case, I have multiple users configured into my .htpasswd files.

    admin | alkj2;4j234jaj (matches config admin user/pass)
    ftpuser | 20-iia-sdf-0=2
    newb | 23042-3402-]sfdk
    newb2 | caisdfj9asdfas

    I reserved one for administrator and matched it up with the config.php scripts admin user/pass combo.

    The result? When you authenticate as the admin through .htaccess, the admin features are automatically enabled in the script.

    You don’t even need the “administrator” link in the footer anymore.

    I’ll be you guys later. Good luck to all!

  18. clem 13 November, 08 @ 6:07 pm

    You can try to change your timezone date_default_timezone_set(‘UTC’)
    php might not have the right to chmod. Remove the warnings or comment the line.
    Signs Pembroke Pines is right the admin password conflict with htaccess thus your should put the admin as a htaccess user as well.

  19. Luciano 25 November, 08 @ 2:45 am

    Hi, great script, easy to use and modify. Can make it work on Apache, IIS6 with no ploblems, but with IIS7 there are “500 erro” all over, did anyone tryed this under IIS7?

  20. Aw 27 November, 08 @ 3:02 pm

    Still cant get folders to work, istead of going to
    it goes to

  21. clem 28 November, 08 @ 3:06 pm

    @AW: It should be that way… it is not working because you haven’t mod_rewrite enable and the .htaccess file. Read the faq.

  22. Mike 09 December, 08 @ 12:22 am

    Whenever I enable the upload.cgi bar, I’ll get errors that state that the filesize is larger than the filesize limit. But the .htaccess file is fine and the config.php is fine. What am I missing… seems to only happen for larger files >400 MB.

  23. Morgan Daly 11 December, 08 @ 3:04 pm


    I am just wondering what happened to this feature?
    // if true, show file only for admin
    $config[‘hide_files’] = true;


  24. DrWeB 11 December, 08 @ 3:46 pm


    Great script Clem !!!

    Just two questions :

    1) I can see the upload-bar, but it remains empty. The files are uploaded though.

    2) I would like that the people who visit the page;
    – can upload
    – can see the uploaded files and their size
    – but can’t download the files

    Kind regards,

  25. DrWeB 11 December, 08 @ 3:48 pm

    By the way, I’ve also translated the script in dutch :

    “Het verzonden bestand is groter dan de instelling upload_max_filesize van de php.ini”,
    2 => “Het verzonden bestand is groter dan de instelling MAX_FILE_SIZE van het HTML-formulier.”,
    3 => “Het verzonden bestand werd slechts gedeeltelijk verzonden.”,
    4 => “Er werd geen bestand verzonden.”,
    6 => “De tijdelijke map ontbreekt.”);

    $lang[‘upload_error_sizelimit’] = “Het verzonden bestand is te groot.”;
    $lang[‘upload_error_fileexist’] = “bestaat reeds in deze map.”;
    $lang[‘upload_error_nocopy’] = “Het is niet mogelijk om het bestand in deze map te kopiëren.”;
    $lang[‘upload_error_sid’] = “Het is niet mogelijk om het gevraagde bestand te vinden.”;
    $lang[‘upload_error_badext’] = “Dit bestandstype is niet toegestaan !”;
    $lang[‘make_error_exist’] = “Deze map bestaat reeds !”;
    $lang[‘make_error_cant’] = “Het is niet mogelijk om een nieuwe map te maken.”;
    $lang[‘make_error_maxdepth’]= “U kunt geen sub-map meer maken.”;

  26. tjohio 12 December, 08 @ 1:39 am

    I noticed that Mike had a feature request for email notification. This would also be very helpful to me. I have done some coding and testing of email notification. The good news is that an email notification is sent. The bad news is that downloads no longer work properly. Maybe someone can figure this out, I’ve spent several hours and what I have found is that ANY change to index.php, causes downloads to stop working properly. Could this just be something unique to my server? Even just adding a blank space on a line gets the same result.

    Anyway, adding email notification was accomplished by adding these lines in config.php:
    //— email —
    $config[’email_to’] = “youremail@your.domain”;
    $config[’email_from’] = “From: your website [files]”;

    and this one line of code in index.php just before the end of the function logadm($str):
    mail($config[’email_to’], $_SERVER[“REMOTE_ADDR”].’ ‘. $str, date(“D M d Y H:i:s”).’
    ‘.$_SERVER[“REMOTE_ADDR”].’ ‘. $str.”\n”, $config[’email_from’]);

    That’s it — three lines of code.

  27. al 14 December, 08 @ 7:01 pm

    awesome script! only one problem tho… .htaccess isn’t supported by my server. i read the faq and deleted the file and it still redirects to the root. any help? i’m sure i’m missing something simple here… thanks in advance

  28. tjohio 14 December, 08 @ 11:12 pm

    Regarding email notification, after further testing, I don’t know why this doesn’t work properly in v4.1, but it works just fine in v4.0 Beta5.

    Add this code to config.php:
    //— email —
    $config[‘send_email’] = true;
    $config[’email_to’] = “youremail@your.domain”;
    $config[’email_from’] = “your website name [files]”;

    Modify index.php – find function deletefile($cell){
    change this line:
    $str=substr($str, strpos($str,’href=”‘)+6);
    to this:
    $str=substr($str, strpos($str,’href=”‘)+16);

    Add this code to index.php, as the last thing in function logadm($str):
    // added email code
    if ($config[‘send_email’]) {
    $to = $config[’email_to’];
    $subject = $_SERVER[“REMOTE_ADDR”].’ ‘. $str;
    $msg = date(“D M d Y H:i:s”).’ ‘.$_SERVER[“REMOTE_ADDR”].’ ‘. $str.”\n”;
    $mailheaders = “From: ” . $config[’email_from’];
    mail($to, $subject, $msg, $mailheaders);
    // end added email code

    It functions perfectly in v4.0 not in v4.1???

  29. clem 16 December, 08 @ 6:13 pm

    @mike: I never uploaded such large file. It might be some perl or apache limitation.
    @drweb: I guess you’ll have to do the change yourself as they are not standard behaviour. It should be fairly simple. ( you could just htpasswd the data folder to totally lock it)
    @tjohio: There aren’t much difference between the two version. It is certainly the change you do in the deletefile function. It shouldn’t be require.

  30. ray 07 January, 09 @ 12:18 pm


    Great script. thx, just the thing i was looking for.
    I only have this proplem:

    I can see the upload-bar, but it remains empty until the file is uploaded, then the upload-bar goes immediately to 100%

    b.t.w. i’m using lighttpd

  31. ray 13 January, 09 @ 12:42 pm

    switched to apache and the upload-bar is working now. only folders are not working -> 404 error

  32. ray 13 January, 09 @ 12:57 pm

    my mistake. i accidentaly deleted the .htaccess file. folders are working now

  33. fsmedh 24 January, 09 @ 2:53 am

    Cant get the progressbar working.

    The page works perfectly fine without it, but when i enable it theres just and empty bar, nothing happens and the file doesnt get uploaded.

    upload.cgi has 755

    Path to perl is correct

    perl upload.cgi returns that its working

    If i open it in a browser i only get the text in the file.

  34. Andreas 31 January, 09 @ 11:13 pm

    Hi there,

    Thanks for a really useful and well programmed script.

    Took the liberty to add 2 snippets of code in it:
    – Line 27 in en.php: $lang[‘go_up’] = ‘Up one level';
    – Line 475/475 in index.php
    $uplink = $lang[‘go_up’];
    echo ‘‘.$uplink.’‘;

    Makes the (go up) vary from language.

    One question though:
    I’ve enabled the progress bar and uploading works fine. However when uploading large files (30 mb+) the progress/status bar in IE6 says the upload completed, but the included progress bar is still at something like 85-90%. The file never arrives at the server either.

    Anyone know anything about this?

  35. David Cog 08 February, 09 @ 3:28 pm

    Hi Clément,

    Great script. Thank you.

    I’ve spotted a bug: if you create a folder in w2box that is the same name as one of the install folders (data, images, lang, tmp), then clicking on that folder from the w2box interface produces a blank screen. E.g. Any suggestions on a fix for that?

    Also, the header h1 URL always goes to the current page – so it’s actually of no use. I modified it so that it always goes to the root of the w2box data:

    <?php $path = rooturl(); echo ‘‘.$config[‘w2box_title’].’‘;?>

    Thanks again.


  36. Flemming 09 February, 09 @ 3:08 pm

    where to send translations files – translated it to Danish…

    otherwise it is found at

  37. verana_ss 17 February, 09 @ 10:58 am

    this is absolutely great!

    Im a very very beginner of server runner and couldnt run your prog at first, but finally, because of your kindness explanation, I could run your program.

    thankyou verymuch!


  38. Ugur onur 17 February, 09 @ 12:12 pm

    You can download Turkish Language file from


    Ugur Onur

  39. Davvan 18 February, 09 @ 4:30 pm

    Swedish languagefile

    “Den uppladdade filen överstiger upload_max_filesize inställningen i php.ini”,
    2 => “Den uppladdade filen överstiger MAX_FILE_SIZE inställningen som specificerades i HTML formuläret.”,
    3 => “Filen blev bara delvis uppladdad.”,
    4 => “Ingen fil blev uppladdad.”,
    6 => “Temp mappen saknas.”);

    $lang[‘upload_error_sizelimit’] = “Filen är större än den maximalt tillåtna filstorleken.”;
    $lang[‘upload_error_fileexist’] = “Finns redan i mappen.”;
    $lang[‘upload_error_nocopy’] = “Kunde inte kopiera in filen i mappen.”;
    $lang[‘upload_error_sid’] = “Kan ej hitta filen.”;
    $lang[‘upload_error_badext’] = “Filändelsen är inte tillåten!”;
    $lang[‘make_error_exist’] = “Mappen finns redan!”;
    $lang[‘make_error_cant’] = “Kan inte skapa ny mapp.”;
    $lang[‘make_error_maxdepth’]= “Du kan inte skapa en ny mapp i detta katalogdjupet..”;

  40. Edwin Bush 20 February, 09 @ 7:39 pm

    I would like to see a download option for folders, where it would zip up the folder and then download it. Other than that, it looks fantastic.

  41. Nick Brown 03 March, 09 @ 6:21 pm

    Just thought I’d share this in case it helps anyone else. I have a shared web server hosted solution. In my .htaccess I had to add the following directives:

    Options +FollowSymLinks
    RewriteBase /w2box/

    (where “w2box” is the name of the directory that is my storage repository – a subfolder of my web root)

    Without these I got the infamous 404 error when accessing folders.

  42. dre 11 March, 09 @ 3:02 am

    Thanks Nick Brown. Got the folder working without an error by adding RewriteBase /w2box/ in the .htaccess.

  43. k feighan 11 March, 09 @ 5:43 pm

    Your script is awesome!

    I got the password protection and the upload portions of the script to work perfectly but I can’t seem to get the folders not to come up with a 404. I understand the reasoning behind but I’m not to familiar with how to modify the .htaccess to allow the folders to be viewed and I can’t seem to find any examples of the .htaccess code. What would a rewrite line look like if my upload folder is titled data?

  44. k feighan 11 March, 09 @ 7:00 pm

    nevermind — got it working finally. thanks Clem for a really great script!

  45. Azn 12 March, 09 @ 3:51 pm

    I got everything working just the progress bar which I need the most. Tried to do as suggested “How to enable the upload progress bar ?” but it seemed not to work.

    Any other ideas?

  46. Spence 13 March, 09 @ 4:50 am

    Any way to do multiple file uploads?
    Thanks for a great script

  47. joseph chrzempiec 17 March, 09 @ 11:04 pm

    ok i have a Question i download it just to try it ok i got it to work……i make a directory. folder comes up when i click on the folder it gose to page can not be displayed? in the demoi tryed in on thispage i made a directory and go into the folder and it comes up. and i upload into thefolder. how come when i do make a directory in my hosting and click on that folder it gose to a page cant not be displayed what am i doing wrong?? cna someone tell me i have yahoo messenger its jchrzempiec and my email is where the uploader is can someone help please thanx you.

  48. joseph c. 20 March, 09 @ 9:35 am

    my question is i got the scripts uploaded but when they go to make a directory folder that works….. butthe problem is when clicking on the folder to uploads stuff it gives me a error of 404 page can not be deisplayed can someone tell me why that is im pretty sure i did everything to work right but can not see it.can someone help pleae??????? this is a great script…. one otherthing i put in the config to accpect mp3 that works but after it up0loads it shows in the main index page but no icon next to it…. like a music icon or something how can i add something to it??

  49. clem 01 April, 09 @ 2:19 pm

    It seems that most error get resolved… I do not do much support at the moment.

  50. fredde 17 April, 09 @ 4:38 pm

    Is it possible to post larger files then 500mb?
    i have set in php.ini max size and post size to 1000 but it still shows 500mb in w2box, ideas?


  51. acerimmer 29 April, 09 @ 5:20 am

    Anyone know why, when I have intergrated this into a page to test, it works with IE but not with firefox??

  52. jonathan 03 May, 09 @ 6:52 pm

    Great script, though I am having trouble changing the [‘allowed_ext’] = array as I want to allow my users to upload any file extention without having to write in all the extentions I know.

    Does anyone know how to do this?

  53. Morgan Daly 17 May, 09 @ 12:28 pm


    I would like to enable the script to hide all the uploaded files from non-admin people not just just the delete function. Can anyone help me do this? The script used to function this way from memory.

  54. Jorge 29 May, 09 @ 9:25 am

    Exists any installation file, I don´t have experience. Thank you

  55. Jarrod 29 May, 09 @ 4:51 pm

    When I’m creating a new directory, it creates the directory in the right place, but the link to the directory goes to the root folder, where it isn’t.

    So if I make a folder named “test”, it will be created in “”, but the link will go to “”, where there isn’t a folder. I don’t get what’s going wrong here. Any help would be appreciated.

  56. ed 01 June, 09 @ 10:13 pm

    I keep getting this when i try to upload a file larger then 2gb:
    “http negative content length detected” and the upload basically stops. In the tmp dir it creates ####_flength file but the ####_postdata gets created but doesn’t grow in size(0kb)

    any ideas? i’ve changed the settings in the php.ini file to 10GB for POST and UPLOAD. i’ve changed the $HIGH_MAX_UPLOAD setting in upload.cgi.

    Note sure what else is the issue.



  57. Mike Lechmann 10 June, 09 @ 6:10 pm

    @Clem: Very nice Clem. Thank you for writing it. I searched for hours for a simple upload script, *that allows directory creation* before I stumbled upon your script. Just what I needed.

    @David Cog: did you resolve your problem? I have the same issue. Creating new directories works for all directories except “images.” That always produces a blank page. It could have something to do with embedding w2box within another app? (I have it inside a wiki to make image uploading easier.) Or possibly that I use a 3rd level domain name, i.e. Does the same situation apply for you? If I figure it out I will post back here.

  58. Mike Lechmann 10 June, 09 @ 6:14 pm

    Oh whoops nevermind. The same error happens at the demo for this script. Try to access the “images” folder here:

    to see what I mean.

  59. Mike Lechmann 10 June, 09 @ 6:22 pm

    OK very simple fix to this problem. I simply renamed the images folder w2boximages.

    And then did a search-and-replace on all calls to “images” and replace with “w2boximages.” Very easy:

    6 occurrances in index.php
    2 occurrances in
    3 occurrances in w2box.css

  60. Kelly Brown 13 June, 09 @ 3:13 am

    The best information i have found exactly here. Keep going Thank you

  61. KattyBlackyard 15 June, 09 @ 8:48 am

    The article is ver good. Write please more

  62. GarykPatton 16 June, 09 @ 9:57 am

    Hi! I like your srticle and I would like very much to read some more information on this issue. Will you post some more?

  63. mrheat 24 June, 09 @ 4:34 pm


    im using your script it works perfectly, but i have a question.

    when im sending a link, via email or whatever, and the file doesnt exist,
    the script enters the parent directory automatically. i dont want that.
    it should display an error file not found or 404.

    how can i make that?


  64. tim 28 June, 09 @ 7:58 pm

    To allow all file extensions, change allowed_ext to:

    $config[‘allowed_ext’] = array(“*”);

    Comment out the following lines in index.php:

    // if (!in_array(strtolower(extname($filename)),
    //$config[‘allowed_ext’])) {
    // $errormsg = $lang[‘upload_badext’];
    // return;
    // }

    And finally, comment some of the following lines (as below) in w2box.js:

    // if (ALLOWED_TYPES.indexOf(ext) == -1) {
    // document.getElementById(“allowed”).className =’red';
    // document.getElementById(“upload”).disabled = true;
    // } else {
    document.getElementById(“allowed”).className =”;
    document.getElementById(“upload”).disabled = false;
    // }

  65. Kinjal Shah 03 July, 09 @ 6:31 pm

    I m not able to upload large video like more than 50 MB.

    Can you please help me how to resolve this issue???

    Please reply me as soon as possible.

    Thanks in advance.

  66. none 20 July, 09 @ 7:50 am

    index.php UTF-8 encode plz:p

  67. Toby 23 July, 09 @ 11:20 am

    Your script is awesome! Thats what I’ve been looking for so long!

    – an user management
    – an email notifier after finished upload or
    – file upload in chunks
    – admin panel for settings

    After that, I will donate 20 extra Euros!

  68. David 28 July, 09 @ 6:52 pm

    @Toby: You are taking the wrong approach. Donate *first* and hope that donations will entice the author to add the features you are requesting.

  69. David Collantes 29 July, 09 @ 1:06 am

    Clem, could you add sanitizing to the filename of the file to upload? Right now, for example, if the filename has \’ (test\’ing.txt) it will break functionality.

    I tried to do it myself to no avail.

  70. David Collantes 30 July, 09 @ 10:13 pm

    The problem with bad names resides on the renaming part. I replaced the line:




    And set:

    $config['hide_rename'] = true;

    On the configuration file. Only admins can rename.

  71. Bris 31 July, 09 @ 12:35 pm

    Anyone who know how I can change default sort-type in that way to show newest file in the top, descending?

    Right now it loads with sorting filenames. I got it changed to file date by changing:




    but how to make it descending from start as well?

  72. Serge 18 August, 09 @ 2:56 pm

    Hi Clément, great script. Thank you.
    To make the progressbar working it need to correct w2box.js

    The line:
    //ajax magic
    uploadUpdater = new Ajax.PeriodicalUpdater({},

    Should be replaced:
    uploadUpdater=new Ajax.PeriodicalUpdater(“upload_progress”,


  73. David Collantes 18 August, 09 @ 8:08 pm

    Excellent Serge, thanks!

  74. mrheat 14 September, 09 @ 3:25 pm

    how can i prevent jumping back to parent directory
    when trying to download non-existant files?
    trying to download

    but file has been deleted a time ago, so clicking this link
    goes to

    and showing its contents..can i turn this off somewhere?

  75. St0nehead 20 October, 09 @ 5:01 pm

    Thank you for script! Great job!
    Feature requests:
    – Ability to make custom permissions for users.
    e.g. John Doo have read-write access to their folder “Uploaded by J.D.”, but read-only to other folders.
    – e-mail notifications.
    – RSS
    – percentage indicator when uploading
    P.S. Thanks again for great job.
    Redesigned ( Mac OS X Snow leopard style). Enjoy:

  76. Martim 22 October, 09 @ 11:05 am

    Great script!

    I’m having 2 problems:
    1. When I create a dir it always leads to a 404 if I click on it. It seems it’s pointing back to the root… any ideas?
    2. The progress bar is working, but it get’s stuck just right at the end and nothing is uploaded. Uploads work fine w/o progress bar.

  77. St0nehead 22 October, 09 @ 6:25 pm

    Edit your .htaccess

  78. St0nehead 22 October, 09 @ 6:27 pm

    Rewrite engine mod must be turned on.

    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{QUERY_STRING} ^$
    RewriteRule ^(.*)$ index.php?d=$1&BAD_HOSTING=%{HTTP:Authorization} [L]

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{QUERY_STRING} ^(.+)$
    RewriteRule ^(.*)$ index.php?%1&d=$1&BAD_HOSTING=%{HTTP:Authorization} [L]

    RewriteCond %{QUERY_STRING} ^(.*)$
    RewriteRule (.+).php $1.php?%1&BAD_HOSTING=%{HTTP:Authorization}


  79. Martim 23 October, 09 @ 4:45 pm

    Thanks for the help ST0NEHEAD
    My .htaccess looks exactly like yours plus these lines:

    SecFilterScanPOST Off

    I see the apache solution up in the FAQ, except I’m not using apache. I’m using Abyss web server: Any more ideas?

  80. Dexter 23 October, 09 @ 5:43 pm

    HI, Uploaded to 4.1 but still get a login bug on IE8 (works on IE6 and FF)

    line 43
    char 2
    file w2box.js
    how can I fix it?

    also in w2box.css
    line 151
    overflowù: none is not valid
    Value: visible | hidden | scroll | auto | inherit

  81. Eric Peacock 06 November, 09 @ 1:36 am

    I’ve got a correction for this correction:

    The line:
    //ajax magic
    uploadUpdater = new Ajax.PeriodicalUpdater({},

    Should be replaced:
    uploadUpdater=new Ajax.PeriodicalUpdater(”upload_progress”,

    should actually be
    uploadUpdater=new Ajax.PeriodicalUpdater(‘upload_progress’,

  82. Dexter 17 November, 09 @ 6:31 pm

    its not working with the ajax mod.

    BTW also with Firefox 3.5.5 the
    Error: document.getElementById(“filename”) is null
    line: 43

    issue prevent the software from working.

  83. Rick 19 November, 09 @ 1:00 am

    regarding the 404 and htaccess:

    Hey on our server, mod-rewrite is activated however we need to put a forward slash “/” in front of the index.php named in the htaccess file (I know this because I’ve had to make that adjustment to other htaccess mod-rewrite files in the past to get them working).

    So I added the extra / in the 2 obvious places (see below), but it does not seem to activate and still gets the 404 on folders.

    amended htaccess as follows:

    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{QUERY_STRING} ^$
    RewriteRule ^(.*)$ /index.php?d=$1&BAD_HOSTING=%{HTTP:Authorization} [L]

    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{QUERY_STRING} ^(.+)$
    RewriteRule ^(.*)$ /index.php?%1&d=$1&BAD_HOSTING=%{HTTP:Authorization} [L]

    RewriteCond %{QUERY_STRING} ^(.*)$
    RewriteRule /(.+).php /$1.php?%1&BAD_HOSTING=%{HTTP:Authorization}

    SecFilterScanPOST Off


    Should I also be making another forward slash “/” somewhere in the last cond & rule to complete this requirement?
    or do I also have to mke some change somewhere else in the application files to allow for this forward slash addition?

    If you can advise what should be the best corse of action that would be great as I think your application would be a real asset if I can get it past this issue.


    Note: As I said earlier, the mod-rewrite module IS ACTIVATED on our server, but requires the additional forward slash to be compatible.

  84. Jason 23 November, 09 @ 10:35 am

    Hi all,

    I got this script working on my test box.

    I also got the max filesize to 100MiB but I can’t get the progress bar to work.

    When enabled, the progress bar shows up but it stays 0% filled and the file never actually uploads.

    What information do people need from me?
    I’m running in an hosted enviroment and my tmp directories are set to full path.

    If I can get it working I’ll use it for work which means a nice donation for Clem :)

  85. Jason 23 November, 09 @ 10:39 am

    BTW I thought I might add,

    I’m using a .htaccess as a method of security, if I go to the this works fine and I can login and see the index page, but if I got to directly I get a Forbidden 403 Error, even if after I authenticate on index.cgi/htm

  86. Wout 09 December, 09 @ 12:20 pm

    I managed to install this great script, i can create maps, i can upload files but…i can not delete anything…
    Even when i delete httacces file, it doesnt work, i always get an 403
    Can somebody please help me out?

  87. Wout 09 December, 09 @ 7:51 pm

    It seems that when uploading the ownership of the files and folders is switched in apache apache so thats why i cant delete them.
    Is there a solution for?
    Kind regards

  88. FOX 10 December, 09 @ 6:50 pm

    Really nice module ! congratz
    i wish to add an email notification when a file are uploaded, but i add a mail(à just after FINISHED, and i not receive the mail:(
    Someone to help me ?

  89. GUIL 10 December, 09 @ 7:47 pm

    How to go in another page when the upload are finished?

  90. jose gregorio 21 January, 10 @ 9:21 pm

    lo estoy instalando en debian 4, pero cuando creo la carpeta y acceso a ella, me lleva a la carpeta w2box, es decir se sale de la carpeta data.. ayuda por favor.. creo que debe ser por el Rewrite, donde modifico esto? y lo del tamaño maximo de archivo por favor…

  91. Michelle Xu 21 January, 10 @ 10:45 pm

    hi, i using wamp (with php 5.3)
    it’s error at :

    // coefficient

    Undefined offset: 5 in …..\lang\index.php

    it will works if change to 1 or 3 only.
    but i dont know what’s the effect later.

  92. iodev 01 February, 10 @ 11:42 pm

    Thanks for great script. Everything works fine and progress bar works ok.

    I need help with one thing. I have made div#filelisting hidden, so customers when uploading files cannot see list of files. Now, I would like to make a notifications for successful upload, because when upload is finished there is no any message. Can you help me with this?

    Oh yes one more thing. Sometimes files just do not upload, there is no any error message. This happens in one of ten uploads.

  93. Juanitou 05 February, 10 @ 7:08 pm

    Hi and thanks for the script!

    Here, the progress bar sticks to echoing 0.

    Look index.php between lines 143 and 148: I’ve checked with Firebug and the Ajax response is almost always 0. With relatively big files (over 1 Mb with a slow DSL connection), you can sometimes display $total (the size of the info_file) but never $current (the size of $data_file). All these files are being correctly created, but somewhat file_exists() do not find them.

    I’ve tried adding clearstatcache() in line 118 with no avail.

    Could be the problem related to the way the host server manages files?

    Best regards,

  94. Dave 08 February, 10 @ 6:49 am

    Possible root disclosure security issue due to function.opendir?

    Default: /t/?download=test.jpg
    POC: /t/test.jpg

    Will return root image storage dir. Example it is /data/

    Warning: opendir(/var/www/t/data/test.jpg) [function.opendir]: failed to open dir: Not a directory in /var/www/t/index.php on line 371

    With this information you could point to /t/data/test.jpg allowing someone to hotlink and more.

  95. Mahmoud Sayed 12 February, 10 @ 2:57 pm

    magnificent code

    may I suggest an addition update for uploading large files?

    if there a way to split the temp files into 2 or 4 or 8mb each then merge them into a one large file
    so we can upload the large files without the limits of those server dictator administrators

    thanks alot

  96. Juan Carlos G 24 February, 10 @ 7:14 pm

    Hello from Mexico:

    Very grateful for the code, I only have a problem …

    I can browse directories, I click on one and tells me that IE “is not the page”.

    Could give me some advice, please?


  97. Juan Carlos G 24 February, 10 @ 10:34 pm

    I have edited the file. Htaccess as this:

    RewriteEngine on
    RewriteCond% (REQUEST_FILENAME)!-D
    RewriteCond% (REQUEST_FILENAME)!-F
    RewriteCond% (QUERY_STRING) ^ $
    RewriteRule ^(.*)$ / index.php? D = $ 1 & BAD_HOSTING =% (HTTP: Authorization) [L]

    RewriteCond% (REQUEST_FILENAME)!-D
    RewriteCond% (REQUEST_FILENAME)!-F
    RewriteCond% (QUERY_STRING) ^(.+)$
    RewriteRule ^(.*)$ / index.php?% 1 & d = $ 1 & BAD_HOSTING =% (HTTP: Authorization) [L]

    RewriteCond% (QUERY_STRING) ^(.*)$
    RewriteRule /(.+). php / $ 1.php?% 1 & BAD_HOSTING =% (HTTP: Authorization)

    SecFilterScanPOST Off

    SecFilterScanPOST Off

    But I still have this error when clicking a directory:

    HTTP 404 – File not found
    Internet Information Server

    Any suggestions, please?

  98. Beasiswa 24 March, 10 @ 7:54 pm

    Hi, Just need to know, if i donate some $$ would you please install it for me ?

  99. clem 25 March, 10 @ 10:08 am

    @Beasiswa: It is not so hard, you just need to unpack the zip and it should work out of the box.

  100. John 27 March, 10 @ 1:08 am

    This is a really good program but try as I might I cannot change the max file size above 64mb. Looking to set it at 2 gig but although I can set it lower than 64mb i cant set it higher. Any clues? Will be looking to make a donation once successfully installed as it will be for commercial use.

  101. clem 27 March, 10 @ 12:05 pm

    @John: Try to read the faq on this page about increase the maximum file size limit. If it doesn’t work or you do not have the right to change it, you can try to enable the progress bar (read the faq as well) and bypass php max filesize limit.

  102. intanjayble 02 April, 10 @ 8:02 pm

    Hi there guys,

    First – This is a GREAT script! works really well (after several attempts at getting the .htaccess file right for the folders to work!)

    Question tho – I have enabled the admin in the config.php file so that people not signed in (not admin) cant seem some options – this works fine for IE 7, Firefox and Opera – however NOT in Safari 4.04 …. I try to log in and it just spits me back to same page :S

    Clem – amazed to see that you’re still giving support for this – any ideas on why this may be happening?!

  103. Fred 03 April, 10 @ 11:06 am


    I am using my own IIS server and have been setting the temp directory in both the config.php and upload.cgi file.
    No matter what I set as the temp directory, the upload always fails saying that C:\WINDOWS\Temp\phpE0.tmp do not exist!
    This is really frustrating, and I am running out of ideas.
    Hopefully you can point me in the right direction so I can resolve this issue.
    BTW… It works fine on my WAMP server.

  104. Vanarie 16 April, 10 @ 9:52 pm

    If you allow uploads and use Apache, MAKE SURE you lock down your php interpreter so it doesn’t execute uploaded files like file.php.ext (ex. sunnyday.php.jpg). Most DEFAULT installs will allow you to run this kind of file!

    If you ONLY store php files as *.php, you can add this to php.conf:

    AddType text/html .php
    AddType application/x-httpd-php .php
    AddHandler php-script .php
    <FilesMatch "\.php$">
    SetHandler application/x-httpd-php

    Otherwise, you can use .htaccess to achieve the same lockdown.


  105. Vanarie 19 April, 10 @ 7:55 pm

    *Fix for inconsistent small file upload*

    I don’t know if this is a bug or just a problem with my install, but I was having issues uploading smaller files with the progress bar turned on. I suspect that if the file is uploaded too quickly, it breaks the progress bar routine and the file never makes it or doesn’t get copied to the data folder. I changed “sleep(1)” to “sleep(5)” in upload.cgi, and the problem went away.

    Hope that helps someone! :)

  106. DRSK 22 April, 10 @ 4:09 am

    How about a real administration login and the ability to logout? I’ve set so only I have restrictions to add directories. And whilst in the directory, I can only upload files. So, limited to 1 directory, and admin only. But I want o be able to logout! How’s this done? unset($_GET[‘admin’])? or… unset what? session_close()? What does need to be done. I’m happy to share what I’ve done, it’s a repository for FireFox add-on, ChatZilla (motifs/skins). You select the theme/skin you want, and then “drag-and-drop” it on your ChatZilla window. Works great, but I want to be able to log out correctly.. The login system is a bit weird!

  107. Eric Peacock 22 April, 10 @ 5:53 pm

    I figured it was time to share some of my experiences as I’ve been running w2box as a “beta” hidden file repository where I work for some time. I’ve ended up customizing it quite a bit over the years.

    So far I’ve re-skinned it via CSS and some revised HTML, changed various defaults, updated the Prototype and Sortable libraries (seems faster) and probably some other changes I have forgotten. Clem, if you ever update w2box I’ve got a lot of careful forking to do.

    I’ve never gotten the progress bar to work on my host, but also never put much time into it either. It’s sort of the last problem to solve whenever I get time.

    It would appear that Sortable v1 was used when this was originally built. I dabbled with replacing that with Sortable v2 which seems to be quite the rewrite. Or I’m completely wrong and the customizations completely masked whatever version of Sortable was used.

    I can say that Sortable v2 works and you can roll over some of the customizations (I may have missed a few) and everything seems to work fine. Doing that upgrade seems to add some options and improves the speed when sorting. It does change the default sorting behavior as well which is why I tried it in the first place. We need to sort by date, newest file on top and it’s never worked quite right. I’m probably closer to that now but haven’t had time to do any more since the update.

    The Prototype update was simply to catch up with the bug fixes in Prototype. It appears that the nicely optimized Prototype Ajax library hasn’t changed since the version included in w2box so if you do this you’re adding bulk to the page load by loading the entire Prototype library. Figured I’d try this and aside from potentially being more robust in modern browsers it is faster. I usually work with JQuery so I can’t really say much else about Prototype right now. If I had more time I’d consider doing my own reduced version.

    Thanks for the script Clem. I’ve learned some things and even though my customized version is just a functional beta, I owe you a donation sometime soon.

  108. Mich43l 24 April, 10 @ 10:06 am

    Hi were i can download stable version ??

  109. Max 06 May, 10 @ 7:20 pm

    Is there anyways that i can exclude some files from being shown ?

  110. gwmbox 11 June, 10 @ 1:03 pm

    Great script and works straight out of the box :)

    Just need a way to enable multiple uploads and it will be complete :)

    Thanks Clem :)

  111. dj_tony 24 June, 10 @ 3:14 am

    sorry to bothr you, clem.

    i’m not able to make admin work.

    if i enable it, after pushig powered, it asks me the pw. if i provide the right one it asks me the pw 3 times and then tell me that i’m not authorized. if i give a wrong one it takes me to a empty page and i’ve to cloe/reopen the browser to try another time.

    and also have the same warning of “post 80″ from dexter .

    really not able to make it works. (even progress bar and directory exploring doesn’t work but i don’t need that at the moment).

    thank you if you can help me.

    i’ve already read all the post and all the faq.

  112. dj_tony 24 June, 10 @ 3:23 am

    the pw in config.php are admin and w2pass

    i can write everything for the username

    but when i write for the pw : adm(what i want) it stucks


    any other word (also the right w2pass) doesn’t work.

    sorry for my english


  113. Ruth 09 July, 10 @ 2:24 am

    Hello, I’m a novice programmer and I tried this–so great, very easy! I did have a question though…how do I add allowed file types? I have some PSD files I’d like to place in here, but it seems that I can’t do it.

    Please let me know…thanks!

  114. helaku 09 July, 10 @ 10:48 am

    @Ruth: Edit the file config.php and simply add psd to the line following $config[‘allowed_ext’]

  115. gwmbox 18 July, 10 @ 9:50 am

    What can I say, excellent script, works straight out of the box and the upload bar works as it should.

    For those that cannot get the progress bar please make sure you have given that file execute permissions (755) otherwise it will not work. Also on some hosts they only allow cgi files to run in the cgi-bin directory, try moving it there and update the config to point to the cgi file

    Some requested features.

    1. Multiple uploads, via ajaz with a plus symbol to add a new line to get a new file.
    2. Additional user level(s). As in upload and download only with no delete options and no directory creations.

    Keep up the great work


  116. BIG 24 July, 10 @ 1:25 pm

    How to change the script to display longer filenames?

  117. Dave 12 August, 10 @ 8:43 pm

    Cool script. Got it installed….able to upload files fine, but nothing is displayed in the file/folder area….any ideas?

  118. Andjeo 15 August, 10 @ 9:11 am

    how can i add more file in the same form?

  119. Pil Gaw 20 August, 10 @ 9:32 pm

    Hi, fantastic script. In my installation I need to install the W2Box scripts and PHPs in a directory that already exist another INDEX.PHP, doing something else, and it is can not be changed at all.

    So I renamed W2Box INDEX.PHP to UFILES.PHP and found two reference to “index.php” on W2Box.Js, what I changed to ufiles.php. Found no other references to index.php, except inside the .htaccess file.

    Populating manualy the Data directory with directories, subdirectories and files, the first level appears at W2Box (runing the ufiles.php), but when clicking any directory it gaves me 404 error. I already copied the .htaccess file (from your zipped) to the data and each data directory.

    Even so, the 404 continues.

    Other than that, I can not make the admin + password works, it return the login screen over and over.

    The same config.php from the test installation (using index.php) is being used here, same userid, same password.

    I am getting crazy here, can’t find anywhere else to go to try to fix it.

    As a suggestion to avoid future problems like mine, the index.php could be renamed to something else, in future releases, perhaps w2box.php ?

    Please, any help, I am desperate here, need to make it work and fast.


    Pil Gaw

  120. Pil Gaw 22 August, 10 @ 3:32 am

    I would love to have the following two functions in a new version of W2BOX:

    1) Administrator LOGOFF button.

    2) An option at the CONFIG.PHP to allow any user to upload files to a specific directory at the file server, like “unsorted_files”. Config.php could have options for this be available, directory name, secondary password or not for common users. By this way, any user could upload files to that particular directory, then administrators could sort files to the correct directories.

    We use to create a text file in each directory, containing file name, size and a simple description of the file. Sometimes just by the file name is impossible to figure out correctly the what the file is for.

    I will try to include in your php the reading of such file and if the file name/size is found in the text file, then more info will be on screen. It will be a wonderful feature.

  121. valerio 28 October, 10 @ 10:53 am

    I can not create folders, why?

  122. dj tony 12 November, 10 @ 8:53 pm

    hi all.

    my cgi works. (i have “You should get “CGI Working””.

    i can do everithing. but when i upload files the progress bar remain empty and in the left bottom corner of iexplore/chrome i see a percentage growing. when reach 100% the prograss bar suddenly turn full of red, refresh the page and the file is uploaded. what’s wrong with showing progress on the proper progress bar?

    thank you all.

    i’m on a linux server. just buyed to make this great script working fine.

  123. GW 19 November, 10 @ 4:42 am

    Can I please request a multiple login feature, as in leave the admin login as is, but also have a User login feature of which we can then set what the user can and cannot do, i.e. the hide admin options or not in config.

    Also please a multiple upload feature is greatly needed.



  124. Pikos 07 January, 11 @ 7:27 pm

    For multiuser log in you have to create a mysql authentication function, or file based by reading the user & password to 2 variables on page loading…

  125. Mich43l 08 January, 11 @ 6:58 pm

    Hi i have problem with make new Dir// I can make but if i opened this folder i have error 404 what do Wrong // Help me

  126. rasmus stoltenberg 11 February, 11 @ 11:08 pm

    Great Script, only misses 1 thing!

    Any way to do multiple file uploads?

  127. scholarships 21 March, 11 @ 8:52 pm

    Are you also update your script? It’s important, to avoid hack of other.

  128. Svendus 07 April, 11 @ 11:05 pm

    Firefox 4 trubbles
    admin do not funktion here
    in Windows Mac and Linux

  129. Svendus 08 April, 11 @ 5:01 am

    Works nicely in IE 8 Windows 7
    and Safari Version 5.0.4 (6533.20.27)
    and Opera 11.01/1190 Mac OS X Version 10.6.7

  130. Andre 09 May, 11 @ 4:31 am

    Warning: move_uploaded_file(data/ [function.move-uploaded-file]: failed to open stream: Permission denied in /home/habbog3/domains/ on line 231

    Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move ‘/tmp/phpCz6eYY’ to ‘data/’ in /home/habbog3/domains/ on line 231

    Warning: rename(data/ [function.rename]: failed to open stream: Permission denied in /home/habbog3/domains/ on line 232

    Warning: rename(/tmp/phpCz6eYY,data/ [function.rename]: Permission denied in /home/habbog3/domains/ on line 232

    Warning: mkdir() [function.mkdir]: Permission denied in /home/habbog3/domains/ on line 258

  131. Andrei Neculau 26 June, 11 @ 3:32 pm

    Through the years, I added a bit of knowledge to the project

  132. Alejandro 24 August, 11 @ 8:40 am

    404 error when I enter a directory, plus I loaded files (containing the writable) left the links to try it who can help me in the project.
    I expect a quick answer to the question, because it is a project for my work.

    many thanks and greetings from Argentina

  133. Justin 28 September, 11 @ 6:26 pm

    I like the script, but noticed one error, when I am finished with the admin area, there is no way to log-out of the admin area. Is there some way to log-out of the admin area when I am done?

  134. Mirza 31 October, 11 @ 9:31 pm

    Can I use folder outside of /w2box, on another disk?
    I installed xampp for linux, so the path to w2box is


    I want to use this script for listing


    So, this is what i tried:
    $config[‘storage_path’] = “/media/Files/d/”;

    I get error message: opendir(/media/Files/d/) [function.opendir]: failed to open dir: Permission denied in /opt/lampp/htdocs/f/index.php on line 371

    How to make this working? Thanks!

  135. MIRZA 01 November, 11 @ 9:11 pm

    I resolve my issue by formating disk to linux filesstem and changed permissions. I couldnt do this change couse my disk was ntfs before.

    My current problem is that files over 2GB are not visible…

  136. Jürg Baur 06 November, 11 @ 1:17 pm

    Great Script! Some changes needed to work under Win 7, XAMPP 1.7.4 and PHP 5.3.5:
    – index.php: split(…) -> @split(…)
    – lang\index.php: ereg(…) -> @ereg(…)

  137. Jürg Baur 06 November, 11 @ 1:54 pm

    And to use the progress bar under under Win 7, XAMPP 1.7.4 and PHP 5.3.5 your first row of upload.cgi should look like this (path to the perl.exe):
    # if you’re using windows, you should remove the first line

  138. Amr elsayed 14 February, 12 @ 7:11 pm

    the arabic language translation file


    change the charset value in index.php to UTF-8 otherwise you gonna end up with shitty text

  139. Amr elsayed 14 February, 12 @ 7:18 pm

    note: to change the language…

    go to lang folder open index.php and replace the en with the name of the required language file

    to install addittional languages just translate the base en file to your language and put it and use it >it’s that simple :)) and don’t forget to share translations here…

    ps: some languages need utf-8 to be displayed the lang file in utf-8 instead of ansi and change the charset in index.php to utf-8

    thnx for the great script

  140. Delicia Zappolo 24 February, 12 @ 6:32 pm

    I subscribed to your rss feed as I wasn’t able to find your e-mail subscription link or newsletter service. Do you’ve any?

  141. sheffgraph 09 June, 12 @ 11:20 am

    I have a PDF on my webproof which will not delete. It says “Error: file not found. (data/title of the document.pdf)”
    Can anyone suggest a way of deleting this PDF? Many thanks

  142. Valencia Fan 26 October, 12 @ 11:46 pm

    Hi! Someone in my Myspace group shared this site with us so I came to look it over. I’m definitely loving the information. I’m bookmarking and will be tweeting this to my followers! Excellent blog and fantastic design.

  143. Michael 20 December, 12 @ 2:24 pm


    with update to php 5.4, which does not support register globals anymore, the w2box does not work anymor…

    What could i do?

  144. BMF360 21 March, 13 @ 12:22 am

    $config[‘admin_username’] = “admin”;
    $config[‘admin_password’] = “w2pass”;

    How to change this for a mysql database?

  145. K Foley 02 May, 13 @ 5:30 pm

    I want include a logout button? where is appropriate and can I use session destroy

  146. Enrico 27 June, 13 @ 6:15 pm

    Hi Clem, i was looking at previous post but I am still facing the”404 not Found” error.
    .htaccess file is the default provided within file.
    Do I have to change in there?
    httpd.conf contains the following (in line with your FAQ)
    “LoadModule rewrite_module modules/”
    Still 404 when trying to access created folder.
    Please advice

  147. Enrico 27 June, 13 @ 10:44 pm

    Hi Clem, I figured out what was missing. Now not anymore 404 message.
    As next step I need to allow the file upload greater then 4GB.
    I have tried to set php.ini and config.php parameters, but still not able to upload file , even if I can see 400MB as file size limit, smaller file such as 30MB.The upload icon is grey-out.
    Please advice

  148. Rafael Vitor 09 July, 13 @ 5:10 am


    Warning: move_uploaded_file(data//Grade.png) [function.move-uploaded-file]: failed to open stream: Permission denied in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 205

    Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move ‘D:\WINDOWS\Temp\php3109.tmp’ to ‘data//Grade.png’ in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 205

    Warning: rename(D:\WINDOWS\Temp\php3109.tmp,data//Grade.png) [function.rename]: Permission denied in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 206

  149. Rafael Vitor 09 July, 13 @ 5:12 am


    Warning: move_uploaded_file(data//Grade.png) [function.move-uploaded-file]: failed to open stream: Permission denied in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 205

    Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move ‘D:\WINDOWS\Temp\php3109.tmp’ to ‘data//Grade.png’ in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 205

    Warning: rename(D:\WINDOWS\Temp\php3109.tmp,data//Grade.png) [function.rename]: Permission denied in C:\inetpub\vhosts\\httpdocs\adm\index.php on line 206

  150. cibus 18 August, 13 @ 6:04 pm

    Nice post. I learn something new and challenging on blogs I stumbleupon everyday. It’s always exciting to read through articles from other writers and use something from other websites.

  151. lenis 19 August, 13 @ 3:51 am

    Please let me know if you’re looking for a author for your site. You have some really good posts and I believe I would be a good asset. If you ever want to take some of the load off

  152. LUCIANO 01 October, 13 @ 8:00 pm

    Hi folks!

    Help me!

    How can I hide files from the list, for example, html and php files???


Sorry, comments for this entry are closed at this time.

You can follow any responses to this entry via its RSS comments feed.

Copyright © 2005-2015Clément Beffa-Return to the Top ↑