This project is not covered by Drupal’s security advisory policy.
This module integrates the open source applet Postlet into a multiple image upload page (which is linked to from the node/add/image page). This enables images to be "drag 'n' dropped" into Drupal.
The module requires the Image module to be installed.
The module is easy to install, and requires no user configuration.
Users of version 1 of this module may be disappointed in the changes that have been made, especially the removal of the bulk editing tool. This was a deliberate step to make the module as simple as possible, I'll be releasing a bulk editing tool for images (and any other node type) soon.
For more information about the Postlet applet, please visit the Postlet Sourceforge page. Bugs regarding the modules functionality should be posted to the Drupal site, whilst bugs regarding Postlet's functionality should be posted to the Postlet forums.
Contrary to what is stated in the recent security advisory, there is no need to disable this module, unless of course you consider the following to be an issue:
- Install imagex, image modules
- Install http://drupal.org/project/content_access module
- Create a user called "auth" that has no special roles
- Grant "auth" the ability to create images
- Go to admin/content/node-type/image/access and set "Enable per content node access control settings"
- Log in as auth and upload some photos
- Log in as an admin and visit the "access" tab on the recently upload images from "auth" user - should be /node/1/access if this is a fresh site
- Take away both of the checkboxes under "View any content" and "View own content" and Submit the permissions
- As the "auth" user visit node/1 - you should get an access denied
- As the "auth" user upload a new photo
- When the photo finishes uploading you see the thumbnails of the images that you have uploaded in the past hour, including the one that you should not have access to
If you're still concerned, please download the CVS version of the module, and install that.
- Maintenance status: Minimally maintained
- Development status: No further development
- Reported installs: 24 sites currently report using this module. View usage statistics.
- Downloads: 6,314
- Last modified: November 27, 2014
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.