Pretty cool component. I’ve just tested this thing but it isn’t suitable for uploading large files (which i was actually looking for). Does someone have a good alternative which can upload large files and has a good status indicator?

you can also try swfupload they added image resizing in the latest version.

haha, beware of this script. i just injected a php file in the uploader and i could take root access to the box if i wanted using this will make your website’s vulnerables to attacks.

you can see the php file I uploaded here:

http://www.shift8creative.com/app/webroot/agile-uploader/examples/temp/test.php

( none malicious, only an alert to the developer )

my I ask is there a simple way to protect from the php injection mention by (thanks ) CrossedBones ?

@Alex & @OJ
> Is there a simple way to protect…

Yes, as always when users are to upload their own stuff you should

a) Limit the uploader by filetype
b) disable execution of certain filetypes.

In scenario b) you are looking for a .htaccess fix like this:

RemoveHandler .php .php3 .php4 .shtml .cgi .pl

This way a php file will be treated as a TXT file, and the above “hack” would not work. It’s more of a sloppy setup by the scripts author, accepting php files in the first place without removing their handler.