This project is not covered by Drupal’s security advisory policy.

This module integrates the open source applet Postlet into a multiple image upload page (which is linked to from the node/add/image page). This enables images to be "drag 'n' dropped" into Drupal.

The module requires the Image module to be installed.

The module is easy to install, and requires no user configuration.

Users of version 1 of this module may be disappointed in the changes that have been made, especially the removal of the bulk editing tool. This was a deliberate step to make the module as simple as possible, I'll be releasing a bulk editing tool for images (and any other node type) soon.

For more information about the Postlet applet, please visit the Postlet Sourceforge page. Bugs regarding the modules functionality should be posted to the Drupal site, whilst bugs regarding Postlet's functionality should be posted to the Postlet forums.

Development of this module was carried out by Simon Rycroft and funded in part by the EDIT project

Contrary to what is stated in the recent security advisory, there is no need to disable this module, unless of course you consider the following to be an issue:

  1. Install imagex, image modules
  2. Install module
  3. Create a user called "auth" that has no special roles
  4. Grant "auth" the ability to create images
  5. Go to admin/content/node-type/image/access and set "Enable per content node access control settings"
  6. Log in as auth and upload some photos
  7. Log in as an admin and visit the "access" tab on the recently upload images from "auth" user - should be /node/1/access if this is a fresh site
  8. Take away both of the checkboxes under "View any content" and "View own content" and Submit the permissions
  9. As the "auth" user visit node/1 - you should get an access denied
  10. As the "auth" user upload a new photo
  11. When the photo finishes uploading you see the thumbnails of the images that you have uploaded in the past hour, including the one that you should not have access to

If you're still concerned, please download the CVS version of the module, and install that.

Project information

  • caution Minimally maintained
    Maintainers monitor issues, but fast responses are not guaranteed.
  • caution No further development
    No longer developed by its maintainers.
  • chart icon16 sites report using this module
  • shield alertThis project is not covered by the security advisory policy.
    Use at your own risk! It may have publicly disclosed vulnerabilities.