A humble PHP framework & CMS

Media Manager

Accessing the media manager requires either the "Content" or "Media" user roles. Content users have read-only access whereas Media users can add, remove or rename files and can set required access roles and encryption state for any file.


The folders in the media manager are for organization purposes only and do not effect the filepath or final URL of uploaded files. By default, Humblee creates two empty folders, "Images" and "Other Files" but you can add, rename or delete folders as you wish.

Optimizing Images (if enabled)

If the site's configuration includes an API Key for TinyPNG and the feature is enabled, the site will automatically use TinyPNG to compress uploaded images to their smallest files size with minimal loss of quality.

Even if enabled, this feature can be bypassed on a per-file bases at the time of upload by unchecking the "Optimize Images" checkbox.

Setting Roles

When viewing the details of a given file, you can set the required "Access Role" required to view or download that file. "Public Access" allows the file to be viewed by anyone with a link to the file. Any other role setting will require a user to be logged into the site with the appropriate authorization role in order to view or download the file.


For added security, files uploaded through the media manager can be encrypted "at rest." When viewing the details of a given file, simply check the "Encrypted" checkbox. Note that, by default, this checkbox only appears if the Access Role is set to a value other than "Public" or if the file has previously been encrypted.

The decryption process does add some overhead when retrieving files so it may not be appropriate to encrypt images that will be displayed on a page.

Note this feature only encrypts files on the sever. For full end-to-end encryption be sure to install an SSL certificate on your site so that files transferred between the server and the user's browser will be encrypted.

Iframe Mode

If the media manager is opened in an frame inside a modal dialog box (such as from the content editor page) then, when viewing a file's details a green "Select this File" button will appear to pass the selected file's information back to the form that triggered the dialog box.

Developers, to add this functionality to your custom forms, append the media manager url with ?iframe, ~/admin/media-manager?iframe. When the user clicks the "Select this File" button the media manager will trigger parent.handleMediaManagerSelect(fileData); and pass an object with information from the database for the given file to your form which should have a function with that name to process the data. The "fileData" object includes the following:

  • - the user generated name of the file, such as "my-image.jpg"
  • fileData.size - the file's size in Kb
  • fileData.type - the file type, such as "image/jpeg" or "application/pdf"
  • fileData.required_role - the role ID required by a user to view the file. "0" is public
  • fileData.encrypted - bool value if the file has been encrypted at rest. "0" is false, "1" is true.
  • fileData.url - The URL to the file
  • fileData.filepath - the filename as it is stored in the ~/storage folder

Note: The url value returned in the fileData object is different than the filepath value stored in the database which is the path to the image in the ~/storage folder. The ~/storage folder is not navigable from the web so the filepath value can not be used to link to the file. Media files are loaded through Core_Controller_Media which the init.php routes to when the URL starts with the alias directory ~/media/. The controller finds the file by its database ID number which should also be included in the URL. A property formatted URL is ~/media/123/my-image.jpg (where "123" is the database ID).

If you are generating a URL to a file with PHP you could do the following:

$file = ORM::for_table(_table_media)->find_one(123);
echo "~/media/" . $file->id ."/". $file->name;