AutoIndex PHP Script, by Justin Hagstrom

Change Log


(+) Added feature
(!) Security bug fixed
(-) Bug fixed
(*) Improved/changed feature
( ) Non-code change


Version 1.4.3 (2004-Apr-10)
(+) Added an option to ban IP addresses or hostnames
(-) Files that take longer than 30 seconds to download now work with $force_download on
(*) $dont_log_these_ips can also contain hostnames
(*) Uploads are logged if the logging system is on
( ) Added another icon set (MacOS X style)
( ) Added Turkish translation

Version 1.4.2 (2004-Mar-26)
(+) Added an image thumbnailing feature (requires GDlib 2.0.1 or higher)
(-) Hostnames are correctly resolved for logging (broken since 1.4.0)
( ) Added another icon set (KDE style)
( ) Added Latvian translation

Version 1.4.1 (2004-Mar-24)
(-) Script works when posix_getpwuid() is disabled on UNIX-like systems
(+) Folders can be created recursively
(*) The header and footer (if specified) are added to all pages displayed

Version 1.4.0 (2004-Mar-12)
(+) The script is configured through the web browser, rather than by directly editing the php file
(+) Added a filetype column, and made it optional to show each column
(+) Added some basic compatibility for PHP 4.0.x (now works with all versions of PHP4 and PHP5)
(-) The directory list is not regenerated when a file is downloaded
( ) Renamed "AutoIndex.php" to "index.php"
( ) Forums moved to

Version 1.3.8 (2004-Feb-22)
(-) Fixed the blank page problem that happened with certain php configurations

Version 1.3.7 (2004-Feb-06)
(+) Added an editor for the links file
(-) Works with zlib.output_compression turned on
(*) Links are included in searches (as files)
(*) Improved searching interface
( ) Added Czech translation

Version 1.3.6 (2004-Jan-17)
(+) Admins can rename files using the script
(*) You have to confirm any file/folder deletes
(*) You can set the display name for links
(*) Improved the get_filesize function
( ) Added Icelandic and Japanese translations

Version 1.3.5 (2004-Jan-12)
(-) Uploading works with absolute paths
(-) Stylesheet doesn't interfere with other tables
(*) Got rid of the $show_dot_files feature, since you can just add '.*' to $hidden_files
( ) Added another set of icons (WinXP style)
( ) Added Malay and Korean translations

Version 1.3.4 (2004-Jan-02)
(+) Added an option to only allow logged in users to view/download files
(+) Added a feature to only show certain files
(+) Added an option to allow the md5sum of a file to be calculated and shown
(-) Fixed problems when quotes are in strings
(-) Fixed URL encoding on IIS servers
(-) Fixed a bug with the upload feature (it still only works with relative paths, though)
(*) Usernames are treated as case-insensitive
( ) "userlist.txt" has been renamed to ".htpasswd.autoindex" to increase security
( ) Added Catalan and Thai translations
(*) Many small code changes

Version 1.3.3 (2003-Dec-24)
(*) Completely rewrote the format for log files
NOTE: you will have to start with an empty file for your log when you upgrade - you can't carry over your old log
(*) Rewrote the log viewer (in the admin section)
(*) Added a list to lookup the hostname country codes
(*) When descriptions are edited, the current description is shown in the textbox
( ) Added Romanian and Hungarian translations

Version 1.3.2 (2003-Dec-19)
(-) Fixed some small problems with the force download feature
(-) Only the filename (not the full path) is included for hidden file
(*) Searches no longer need wildcards ("simple search" by default)
(*) Improved the anti-leech feature
( ) Added Finnish translation
(*) Many small changes, improvements, and bug fixes

Version 1.3.1 (2003-Dec-15)
(-) Fixed a problem with logins on some servers
(-) Headers/footers are only included if they exist
(*) The downloads column has a total at the bottom
( ) Added Lithuanian translation

Version 1.3.0 (2003-Dec-14)
(+) Each file/folder is in its own row in the table (instead of just separating them with linebreaks)
(+) Files can have custom descriptions (you can edit them in the admin section)
(+) Links to files on other websites can be listed
(+) Admins are able to copy files from other servers (similar to "wget")
(*) The number of file downloads has its own column
(*) Many small changes and improvements

Version 1.2.6 (2003-Dec-07)
(+) Added an option to identify new files and folders
(-) Fixed a bug with deleting files
(*) Cleaned up the $force_download code
(*) All HTML output is XHTML compliant
(*) The header is displayed before the table is started
(*) Searches are saved after a search, as are all other selections
(*) Updated the stylesheet

Version 1.2.5 (2003-Nov-28)
(+) Lists can be sorted by Date and Filesize
(+) Admins can delete files and create/delete folders (NOTE: delete doesn't work properly until 1.2.6)
(+) Added a log viewer in the admin section
(-) The last remaining admin now cannot be deleted
(*) Added an option to let the user view the script in any language
(*) Added an option to use simple searches (no wildcards needed and not case sensitive)
(-) Some small bug fixes

Version 1.2.4 (2003-Nov-16)
(+) Added an option to keep track of the number of times a file has been downloaded
(!) [XSS vulnerability] A parameter could contain HTML code (present in 1.1.0 through 1.2.3)
(-) Files in $hidden_files now cannot be uploaded
(*) Lists are sorted by "natural sort"
( ) Added Brazilian Portuguese and Swedish translations
( ) Forums moved to

Version 1.2.3 (2003-Nov-13)
(-) Fixed a bug when there are files/folders that PHP does not have permission to read
(-) All special characters are escaped for the regular expression matching
(*) IP addresses to not log can include wildcards (*, +, ?)
(*) When adding a new user, the username must follow a regular expression
(*) Added a few more extensions to give icons to

Version 1.2.2 (2003-Oct-23)
(*) More than one folder can be expanded at once
(*) Icons are shown for expanded folders
(*) PHP Sessions are used to store certain variables
(*) Each language has its own file
( ) Added Dutch, Polish, and Russian translations

Version 1.2.1 (2003-Oct-17)
(-) Fixed bugs when using $index
(-) Setting $show_dot_files to 0 works correctly
(*) Improved file uploading (added an option to allow files to be overwritten)
( ) Added Bulgarian and Norwegian translations

Version 1.2.0 (2003-Oct-11)
(+) Added the ability to upload files
(+) User accounts and Login support added
(+) Wildcard matching: hidden files and searches can include wildcards (*, +, ?)
(*) Removed a few "useless" features
(-) A few small bug fixes

Version 1.1.6 (2003-Oct-07)
(*) Made a separate file for localizations
(-) Fixed a small bug in the HTML, effecting tables (present in 1.0.7 through 1.1.5)
(-) URLs are URLEncoded
( ) Added German, French, Danish, and Chinese translations

Version 1.1.5 (2003-Sep-13)
(+) Added localization support (so far: English, Italian, and Spanish)
(-) Fixed a bug with downloading files from search results (present in 1.1.0 through 1.1.4)

Version 1.1.4 (2003-Aug-12)
(+) Added an option to show files/folders that start with a period
(+) Added an option to not allow subdirectory access
(-) A few small bug fixes

Version 1.1.3 (2003-Jun-22)
(!) Fixed a bug with viewing files/folders above the root folder on Windows servers (present in 1.1.0 through 1.1.2)

Version 1.1.2 (2003-Jun-13)
(*) Improved the anti-leech feature: it now also uses cookies (NOTE: this doesn't work properly until 1.1.4)

Version 1.1.1 (2003-Jun-02)
(-) Fixed a bug when downloading files with $force_download turned on
(+) Added a bandwidth limit feature
( ) Project is now hosted at

Version 1.1.0 (2003-May-17)
(*) Fixed up code, so now error displaying doesn't need to be turned off
(*) ".." is recognized in pathnames (NOTE: this creates a security bug on Windows servers. Fixed in 1.1.3)
(*) Improved error checking (NOTE: this creates a small security bug. Fixed in 1.2.4)
(*) Got rid of the old stylesheet

Version 1.0.9 (2003-Mar-11)
(-) Fixed bug which occurred when there was an apostrophe in the file/folder name
(-) File/folder names in Win32 are treated as case insensitive
(*) Added more searching features

Version 1.0.8 (2003-Mar-04)
(-) Fixed a bug with file naming when $force_download is on

Version 1.0.7 (2003-Feb-23)
(-) Fixed a bug in the html: a table was not closed (NOTE: this actually creates a small bug present until 1.1.6)
(*) The filename of the script is specified in the link

Version 1.0.6 (2003-Feb-19)
(-) Fixed a bug with file downloads if using an absolute path

Version 1.0.5 (2003-Feb-14)
(+) Added more options with headers/footers

Version 1.0.4 (2003-Feb-12)
(!) Hidden files/folders cannot be viewed even if their name is specified in the URL
(*) Added a few more icons for file extensions

Version 1.0.3 (2003-Feb-08)
(-) If $show_extension is 0, extensions are no longer included in the search
(-) Spaces in URLs are encoded to %20 (NOTE: the rest of the URL encoding bugs are fixed in 1.1.6 and 1.3.4)
(*) Improved the error checking and error messages
(*) Fixed up some of the HTML tables

Version 1.0.2 (2003-Jan-31)
(*) Server OS is automatically determined; you don't need to specify it

Version 1.0.1 (2003-Jan-30)
(+) Added an option to not log access from certain IPs
(*) Searches are logged
(*) Added more icons for file extensions

Version 1.0.0 (2003-Jan-29)
( ) First non-beta quality release

Beta Versions (2002-Dec-??)
( ) Although they were labeled "Version 3.x" they are beta versions