Drop Bocks is a complete, web-based file upload administration tool that makes adding file upload capabilities to any existing website simple and straight-forward.

• The simplest set-up configuration requires changing only two settings
• Installs in less than five minutes*
• Fully skinnable via CSS
• Free, open-source (BSD license), and written in PHP

(*this assumes you have access to your web server, are running PHP, know how to create directories and set permissions, and can read and edit a modicum of PHP)

The interface consists of two pages, the Upload Form and the Admin Interface. The Upload Form is the form people use to submit files for upload to your site. It looks something like this:

The Admin Interface is the form you use to view and delete files that have been submitted to your site. It looks something like this:

1. Download and decompress the Drop Bocks application. This will create a DropBocks directory on your machine
2. Copy all the files and folders in the DropBocks directory to the drop box directory on your web server
3. Create the directory that will store the uploaded files (and remember it, you'll need to set the $uploadDir setting to it). This should not be the same directory that houses the Drop Bocks application
4. Open inc.config.php and change, at the very least, these two settings:
   • $uberSecretPassword
   • $uploadDir
5. That should be it. Give it a try, see what happens

All configuration of Drop Bocks is done by changing settings in the inc.config.php file (located in the includes/ directory). It's a basic PHP file with lots of variables. Change the settings to change how the application behaves.

$requirePassword : Whether or not a password is required to access the admin area.
$uberSecretPassword : You admin password. This is the only value you absolutely must change
$maxUploads : The maximum number of uploads a user can submit at one time.
$maxUploadSizeInMegs : The maximum size, in Megabytes, that any one uploaded file can be.
$maxDropboxFileCount : The maximum number of files to allow in the drop box before it's 'full' (this is to prevent someone from stuffing your box with thousands of small files)
$uploadDir : The path to the directory in which to store the uploaded files. This must be relative to the Drop Bocks application directory. If it's absolute from the root of your website it won't work properly
$stylesheet : The name of the stylesheet in themes/ directory to use to skin the application
$isAllowedFileTypeArray : An array of file types that are allowed to be uploaded. Drop Bocks works on an 'explicit allow' rather than 'explicit deny' security model. If you don't allow a given file type to be uploaded, it won't be uploaded
$logEvents : Whether or not Drop Bocks should log upload and deletion events to a log file. Log files are small, I recommend leaving this on
$logFileName : The name of the file to which to log, aka: the log file name
$sendNotificationEmail : Whether or not you should be sent an email notifying you of newly-uplaoded files. The notification email contains the names of the uploaded files
$toEmail : Your email address (and you can fill out all the other standard email values as well)
$confirmDelete : Whether or not a Javascript confirmation dialog should be shown verifying that you want to delete the file you're about to delete
$ccreateThumbnails : Whether or not thumbnail images should be created when image files are uploaded
$displayThumbnailsInAdmin : Whether or not the thumbnails should be displayed in the admin interface. I'd turn this on, it's cool

Certain events cause messages to be displayed onscreen. You can configure these messages by changing the following values:

$siteName : If you want the drop box site to have a custom name, put it here
$dropboxWelcomeMsg : The message displayed to users when they come to your drop box. Appears above the uploads submission form
$dropboxFullMsg : The message to display to users when your drop box is full. When it's full, they can't upload
$dropboxFullMsgAdmin : The message to display to you in the admin interface when your drop box is full
$mailSentMsg : The message displayed to users informing them that a notification email has been sent to you. Appears above the uploads submission form after they've uploaded
$deleteConfirmationMsgAdmin : Message to display if deletion confirmation is turned on. A fail-safe of sorts

Three steps you can take to secure your drop box from prying eyes:

1. Obscure the $uploadDir directory name. Instead of leaving it as the default files/ name it something hard to guess, like ocQJTmKC/.
2. Put an index.php page into your $uploadDir directory. Anyone trying to view the directory contents should see this file instead.
3. Use .htaccess to protect the $uploadDir directory behind a username and password. The Drop Bocks application should still be able to upload files to it with this set.