説明
WP Dropzone integrates the powerful Dropzone.js library with WordPress, allowing you to upload files directly into the WordPress media library from any post, page, or front-end location. The plugin provides a modern, user-friendly drag-and-drop interface with extensive customization options and advanced features for file management.
Key Features
- Drag & Drop Interface – Modern, intuitive file upload experience
- Customizable Styling – Full control over appearance with CSS customization
- File Validation – Built-in file type and size validation
- Image Processing – Automatic image resizing, cropping, and quality optimization
- Thumbnail Generation – Customizable thumbnail previews
- Security Features – Nonce verification and user permission checks
- Action Hooks – WordPress hooks for customization and integration
- Translation Ready – Full internationalization support
- Performance Optimized – Assets loaded only when needed
Shortcode Usage
Insert the dropzone anywhere in your posts, pages, or templates with the shortcode:
[wp-dropzone]
Or in PHP templates:
<?php echo do_shortcode( '[wp-dropzone]' ); ?>
Shortcode Attributes
The following attributes can be used with the [wp-dropzone] shortcode:
-
id– Unique identifier for the dropzone instance (Default: Auto-generated)
Example:[wp-dropzone id="myUploader"] -
title– Title displayed above the dropzone (Default: Empty)
Example:[wp-dropzone title="Drop Files Here"] -
desc– Description text for the dropzone (Default: Empty)
Example:[wp-dropzone desc="Upload your files here"] -
accepted-files– Allowed file types (Default: All files)
Example:[wp-dropzone accepted-files="image/*"] -
max-files– Maximum number of files (Default: Unlimited)
Example:[wp-dropzone max-files="3"] -
auto-process– Auto-upload files when dropped (Default: true)
Example:[wp-dropzone auto-process="false"] -
clickable– Make dropzone clickable (Default: true)
Example:[wp-dropzone clickable="false"] -
remove-links– Show remove file buttons (Default: false)
Example:[wp-dropzone remove-links="true"] -
upload-button-text– Text for manual upload button (Default: “Upload Files”)
Example:[wp-dropzone upload-button-text="Upload Selected Files"] -
resize-width– Resize images to specified width (Default: Original)
Example:[wp-dropzone resize-width="800"] -
resize-height– Resize images to specified height (Default: Original)
Example:[wp-dropzone resize-height="600"] -
resize-quality– Image quality (0.1-1.0) (Default: 0.8)
Example:[wp-dropzone resize-quality="0.9"] -
resize-method– Resize method: contain/crop (Default: contain)
Example:[wp-dropzone resize-method="crop"] -
thumbnail-width– Thumbnail width in pixels (Default: 120)
Example:[wp-dropzone thumbnail-width="150"] -
thumbnail-height– Thumbnail height in pixels (Default: 120)
Example:[wp-dropzone thumbnail-height="150"] -
thumbnail-method– Thumbnail method: contain/crop (Default: crop)
Example:[wp-dropzone thumbnail-method="contain"]
Styling Options
The following styling attributes can be used to customize the dropzone appearance:
-
border-width– Border width
Example:[wp-dropzone border-width="3px"] -
border-style– Border style (solid, dashed, etc.)
Example:[wp-dropzone border-style="dashed"] -
border-color– Border color (hex code)
Example:[wp-dropzone border-color="#007cba"] -
background– Background color (hex code)
Example:[wp-dropzone background="#f0f0f1"] -
margin-bottom– Bottom margin
Example:[wp-dropzone margin-bottom="20px"]
Advanced Features
Action Hooks
The plugin provides several action hooks for customization:
// Before file upload
do_action( 'wp_dropzone_before_upload_file', $file );
// After file upload
do_action( 'wp_dropzone_after_upload_file', $file );
// After media library insertion
do_action( 'wp_dropzone_after_insert_attachment', $attachment_id );
JavaScript Integration
Access dropzone instance and events:
// Get dropzone instance
var dropzone = Dropzone.forElement("#wp-dz-yourID");
// Add event listeners
dropzone.on("success", function(file, response) {
console.log("File uploaded:", response);
});
Examples
Basic Image Upload
[wp-dropzone accepted-files="image/*" max-files="5" title="Upload Images"]
Document Upload with Restrictions
[wp-dropzone accepted-files=".pdf,.doc,.docx" title="Upload Documents" desc="PDF, DOC, DOCX files only"]
Styled Upload Area
[wp-dropzone title="Drop Files Here" desc="Drag and drop files or click to browse" border-style="dashed" border-color="#007cba" background="#f8f9fa"]
Manual Upload Button
[wp-dropzone auto-process="false" upload-button-text="Upload Selected Files" title="Select Files"]
インストール
- Upload the
wp-dropzonefolder to your/wp-content/plugins/directory - Activate the plugin through the ‘Plugins’ menu in WordPress
- Use the
[wp-dropzone]shortcode in your posts, pages, or templates
Requirements
- WordPress 6.0 or higher
- PHP 7.0 or higher
- Modern web browser with JavaScript enabled
FAQ
-
Do I need to be logged in to upload files?
-
Yes, only logged-in users can upload files for security reasons. Guest users will see a login prompt when they try to upload files.
-
What file types are supported?
-
All file types are supported by default. You can restrict file types using the
accepted-filesattribute. For example:accepted-files="image/*"for images only, oraccepted-files=".pdf,.doc,.docx"for specific document types. -
Can I customize the appearance and styling?
-
Yes, you can customize the dropzone appearance using shortcode attributes like
border-color,background,border-style, etc. For advanced styling, you can add custom CSS targeting the.wp-dropzoneclass. -
Can I resize images automatically?
-
Yes, use the
resize-width,resize-height,resize-quality, andresize-methodattributes to automatically resize uploaded images. This helps optimize storage and loading times. -
How do I show thumbnails for uploaded files?
-
Thumbnails are generated automatically for images. You can customize thumbnail size using
thumbnail-width,thumbnail-height, andthumbnail-methodattributes. -
Can I integrate with custom forms?
-
Yes, you can use the
dom-idattribute to copy uploaded file URLs to form fields. The plugin will automatically populate hidden input fields with the uploaded file URLs. -
How do I handle multiple files?
-
Use the
max-filesattribute to limit the number of files. For example:max-files="5"allows up to 5 files. Users can upload multiple files at once by dragging multiple files or using Ctrl/Cmd+click. -
Can I disable automatic upload?
-
Yes, set
auto-process="false"to require users to click an upload button. Customize the button text withupload-button-textattribute. -
How do I handle upload errors?
-
The plugin provides user-friendly error messages for common issues like file size limits, unsupported file types, and upload failures. Check browser console for detailed error information.
-
Can I use this in Gutenberg blocks or page builders?
-
Yes, you can use the shortcode in any WordPress editor that supports shortcodes, including Gutenberg blocks, Elementor, Beaver Builder, and other page builders.
-
Is there a way to track uploads or integrate with other plugins?
-
Yes, the plugin provides action hooks like
wp_dropzone_after_upload_fileandwp_dropzone_after_insert_attachmentthat you can use to integrate with other plugins or add custom functionality. -
What happens to uploaded files?
-
Files are uploaded directly to the WordPress media library and become available in your Media section. They maintain their original filenames and are organized by upload date.
-
Can I restrict uploads to specific user roles?
-
Currently, any logged-in user can upload files. For role-based restrictions, you can use the plugin’s action hooks to add custom permission checks in your theme or custom plugin.
-
Does the plugin work with multisite installations?
-
Yes, the plugin works with WordPress multisite installations. Each site will have its own media library and upload settings.
-
How do I troubleshoot upload issues?
-
Check your server’s PHP upload limits (upload_max_filesize, post_max_size), ensure JavaScript is enabled, verify file permissions on wp-content/uploads directory, and check browser console for JavaScript errors.
評価
貢献者と開発者
変更履歴
1.1.1
- SECURITY FIX – Fixed authenticated arbitrary file upload vulnerability (CVE-2025-12775)
- Added: Capability check requiring
upload_filespermission for all file uploads - Added: File type validation before writing chunks to disk
- Added: Dangerous file extension blacklist to prevent execution of malicious files
- Added: Temporary file cleanup on success and error
- Improved: Chunked upload security by using system temp directory instead of uploads directory
- Improved: File validation now occurs before any disk writes
- Improved: Error handling in JavaScript to correctly display WordPress
wp_send_json_errorresponses in Dropzone UI - Improved: PHP backend now sends proper HTTP error status codes (400, 403) for upload failures
- Improved: Dropzone area is now disabled for users without upload permissions
1.1.0
- Added: FSE theme support
- Added: Improved error handling and user feedback
- Added: Enhanced security with nonce verification
- Added: Translation support and POT file
- Improved: Code structure and documentation
- Improved: Performance optimizations
- Updated: WordPress compatibility to 6.8
- Fixed: Minor bugs and typos
1.0.7
- Added: Action hooks for before/after upload events
1.0.6
- Security Fix: Removed guest upload feature
- Updated: Dropzone library to latest version
- Warning: Plugin reactivation required after upgrade
1.0.5
- Added: WordPress 4.9.x compatibility
- Improved: Code structure and organization
1.0.4
- Improved: Overall code structure
1.0.3
- Added: Thumbnail resize functionality
1.0.2
- Added: Custom ID support
- Added: Native Dropzone events support
- Improved: Asset loading and performance
1.0.1
- Added: Image resize and crop options
- Added: Image quality control
1.0.0
- Initial release with basic functionality