WordPress.org

Te Reo Māori

Get WordPress
WordPress.org

Plugin Directory

Frontend File Explorer

Frontend File Explorer

By Shafat Mahmud Khan
Download

Description

Frontend File Explorer is a modern, Windows Explorer–inspired file manager for WordPress. It gives you a clean admin interface to organize and share files plus a responsive frontend explorer powered by a simple shortcode.

Use it to create download areas for courses, client file portals, or resource libraries — without relying on heavy external file management tools.

The plugin provides a seamless experience for both administrators and frontend users:

  • Explorer-style UI: Navigate with breadcrumbs, toolbar actions, pagination, and Material Icons.
  • Dedicated Directory: Files are stored in a secured wp-content/uploads/downloads directory.
  • Admin Management: Create folders, upload files, delete items, and download ZIPs directly from the admin dashboard.
  • Frontend Integration: Embed the explorer anywhere using the [frontend_file_explorer] shortcode.
  • AJAX-Powered: Fast, smooth navigation and pagination without page reloads.
  • Translation Ready: Fully localized with the frontend-file-explorer text domain.

How to use the Explorer:

  • Admin Interface:
    Navigate to File Upload in your WordPress admin sidebar. From this dedicated dashboard, administrators can create nested folders, upload bulk files (featuring multi-select and drag-and-drop), import existing Media Library assets, delete items, and download entire directories as ZIP archives.

  • Frontend Shortcode:
    Embed the user-facing explorer interface on any Page, Post, or Custom Post Type using the following shortcode setup:

    [frontend_file_explorer]

    (Renders the explorer starting at the root storage directory)

    Advanced Shortcode Usage:
    You can explicitly define the starting folder path relative to the root uploads/downloads directory by using the folder attribute:

    [frontend_file_explorer folder="/course-materials"]
[frontend_file_explorer folder="/clients/acme-corp"]
    • Frontend Capabilities: Visitors browsing the frontend can view contents, click files to download them, and copy direct sharing links.
    • Security: Destructive or mutating actions (like file upload, folder creation, or deletion) remain strictly hidden and blocked from public visitors. They are only accessible to logged-in users who possess the WordPress upload_files capability.

Who is this plugin for?

  • Course creators who need a simple, branded downloads area.
  • Agencies and freelancers who share files with clients.
  • Site owners who want a lightweight, Explorer-like file manager in WordPress.

Screenshots

  • Admin file explorer with folders, uploads, and toolbar actions (backend).
  • Frontend file explorer embedded via shortcode (frontend view).

Installation

Installation from within WordPress

  1. Visit Plugins > Add New.
  2. Search for Frontend File Explorer.
  3. Install and activate the Frontend File Explorer plugin.
  4. On activation, the plugin will create wp-content/uploads/downloads.

Manual installation

  1. Upload the plugin folder to the /wp-content/plugins/ directory.
  2. Visit Plugins.
  3. Activate the Frontend File Explorer plugin.

FAQ

Can I point the explorer to a different base folder?

Yes. You can override the constants in a custom mu-plugin before File Explorer loads, or use filters/hooks (e.g. on wp_loaded) to adjust the base path/URL. This is an advanced customization and should be done carefully.

Does the plugin work in multisite?

Yes. Each site manages its own uploads/downloads directory. You can network-activate the plugin for consistency across sites.

Are file types restricted?

By default, allowed file types are defined via options during activation. You can adjust the allowed extensions by updating the plugin options (e.g., file_explorer_allowed_file_types).

How do I translate the UI?

The plugin is fully localization-ready and uses the frontend-file-explorer text domain. You can use tools like Loco Translate or Poedit to create translations and drop .mo files in the languages/ directory.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Frontend File Explorer” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Frontend File Explorer” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.5

  • Security: Added comprehensive array structure validation for $_FILES superglobal before accessing elements.
  • Security: Moved is_uploaded_file() validation to immediately after accessing tmp_name for improved security.
  • Security: Removed PHPCS ignore comment and implemented proper sanitization for file upload handling.
  • Standards: Replaced $_REQUEST with $_POST for AJAX POST requests per WordPress coding standards.
  • Standards: Replaced PHP basename() with WordPress wp_basename() for i18n compatibility with multibyte characters.

1.0.4

  • Security: Sanitized and validated all $_FILES upload fields individually (name, type, tmp_name, error, size).
  • Security: Added is_uploaded_file() guard against path injection on file uploads.
  • Standards: Fixed unordered placeholders in translatable strings per WordPress i18n guidelines.

1.0.3

  • Security: Fixed unauthenticated file downloads, arbitrary PHP uploads, XSS via eval(), and server path disclosure.
  • Standards: Migrated all filesystem operations to WP_Filesystem API, bundled Material Icons locally, added proper nonce verification and capability checks to all AJAX endpoints.
  • Standards: Renamed classes to use WordPress underscore convention (Frontend_File_Explorer, Frontend_File_Explorer_Ajax).
  • Standards: Removed discouraged load_plugin_textdomain() call, added proper prefixing to all handles and identifiers.

1.0.2

  • Fix: Resolved a critical bug causing the frontend explorer to execute filesystem deletion logic instead of listing directory contents.
  • Fix: Repaired the “Download as ZIP” mechanism to eliminate ERR_INVALID_RESPONSE failures by safely building ZipArchive temp files and explicitly managing PHP output buffers and Safari download headers.
  • Feature: Fully integrated the missing backend endpoints required for the UI, enabling seamless frontend and backend folder creation, file uploads, and Media Library imports.
  • Security & Standards: Swept codebase for strict WordPress PHPCS warnings. Corrected all variable unslashing, resolved missing nonce verification checks, migrated deprecated filesystem functions to WP_Filesystem, and reinforced esc_html__ translation domain strings and translators comments.

1.0.1

  • Rename plugin to “Frontend File Explorer”
  • Align text domain and translation loading with slug frontend-file-explorer
  • Improve README and readme.txt descriptions and screenshots

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Support

Got something to say? Need help?

View support forum

Donate

Would you like to support the advancement of this plugin?

Donate to this plugin