Added a shared resumable upload session service in
[ResumableUploadService.php](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/src/Service/ResumableUploadService.php).
Wired dashboard JSON upload endpoints in
[AppController.php](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/src/Controller/AppController.php).
Reworked the upload UI/JS to chunk files directly from the browser to
presigned R2 multipart URLs in
[app.js](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/public/assets/app.js).
Added the dedicated iPhone/Safari side uploader at
[side-upload.php](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/public/side-upload.php),
with its own password and fixed destination prefix via script constants,
.env, or side-upload.json.
Added
[side-upload.example.json](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/side-upload.example.json),
ignored the real side-upload.json, and documented setup/CORS in
[README.md](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/README.md).
R2 S3 Signature V4 client in
[src/R2/R2Client.php](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/src/R2/R2Client.php)
SQLite mirror, usage ledger, settings, local tags, permission labels,
and signed URL history under
[src/Repository](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/src/Repository)
Simple password auth and CSRF protection
Uploads, folders, sync, copy/move/delete, downloads, presigned URLs,
CORS JSON management, and usage/billing-style summaries
Setup docs in
[README.md](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/README.md)
and config template in
[.env.example](/Users/tyemeclifford/Documents/GH/CloudflareR2-Manager/.env.example)
Important R2 caveat: Cloudflare’s current R2 S3 compatibility docs say
ACLs and object-tagging APIs are not implemented, so the app stores tags
and permission labels locally in SQLite while keeping file bytes on R2.
I used Cloudflare’s official docs for S3 compatibility, presigned URLs,
and CORS.