PolyCMS Media Library Guide
Overview
The PolyCMS Media Library provides centralized image and file management for all CMS content. All uploads are stored in uploads/polycms/, keeping CMS media completely separate from your Perfex CRM files.
Upload Methods
Drag-and-Drop Upload
Drag files directly onto the Media Library window to upload. Multiple files can be uploaded simultaneously.
Browse Upload
Click the Upload button to open a standard file picker dialog. Select one or multiple files for upload.
In-Editor Upload
When editing a post or page, insert images directly from the TinyMCE editor. The Media Library modal opens inline, allowing you to select existing media or upload new files.
Directory Structure
PolyCMS organizes uploads using an automated Year/Month/Day directory structure:
uploads/polycms/
├── 2026/
│ ├── 05/
│ │ ├── 15/
│ │ │ ├── hero-banner.jpg
│ │ │ └── hero-banner-thumb.jpg
│ │ └── 16/
│ └── 06/
This structure prevents filename conflicts and keeps directories manageable even with thousands of files.
View Modes
Toggle between two display modes:
| Mode | Description |
|---|---|
| Grid View | Thumbnail grid for visual browsing |
| List View | Detailed table with filename, size, dimensions, upload date |
Media Features
- Directory Tree Browser — Navigate the folder structure using the sidebar tree.
- File Type Filtering — Filter by Images, Documents, or All Files.
- Lightbox Preview — Click any image to view full-size preview without leaving the library.
- Image Thumbnails — Auto-generated thumbnails for all uploaded images.
- File Details — View filename, dimensions, file size, upload date, and URL for each file.
3-Layer Upload Security
PolyCMS implements robust server-side security for all file uploads:
- File Extension Validation — Only whitelisted extensions are accepted (jpg, png, gif, webp, svg, pdf, etc.). Executable files (.php, .exe, .sh) are blocked.
- MIME-Type Verification — The actual file content is inspected to verify it matches the declared extension, preventing renamed malicious files.
- Content Scanning — Uploaded files are scanned for embedded PHP code, script tags, and other potentially dangerous content to prevent Remote Code Execution (RCE).
Safe Deletion
When deleting a media file, PolyCMS checks if the file is currently referenced by any post or page content. If the file is in use, you receive a warning before deletion to prevent broken images on your frontend.
Storage Path
All CMS media is stored under:
{perfex_crm_root}/uploads/polycms/
This dedicated directory ensures CMS uploads never interfere with Perfex CRM client files, proposals, or other module uploads.
Related Documentation
- Managing Posts — Insert media into post content.
- Managing Pages — Add images to static pages.
- Building a Custom Theme — Access media in theme templates.