A number of posters on Donline have left comments requesting that the Flash File Uploader allow for users to specify a specific directory for the uploaded files. In the past, the uploader hardcoded the directory for uploads to be “/files”, with thumbnails automatically going into a newly-created child folder called “/.s/” (the auto-thumbnailing option was added in Version 2).
Some minor modifications to the Flash FLA, index.php and upload.php were made to enable users to specify their own directories for file uploads. Naturally, this opens up a security breach as wily coders can point to unspecified directories outside the current folder, if those directories are writeable. Hopefully, this won’t become an issue for you, but I’m requiring all users of the scripts to still read and accept my disclaimer before proceeding.