Post A Reply

English

Change Language

Post a reply

Write your message and submit

Name

E-mail

Message

[quote=rvelices][quote=rub]Ok, but original photos can be save on "remote site". IE, original photo can be save on a specific site with other url, cache will be on local.[/quote]
The problem is that piwigo needs access to the original photos in order to build resizes. This is going to be extremely slow.

[quote=rub]Original photos can be save on a local directory not accesible by public http?[/quote]
Yes: you need to protect your directory with a .htaccess, make sure you have enabled_high=false for everyone and make sure your original photos are larger than the biggest resize

[quote=rub]Trigger/event must be add in order to apply effect on picture.
For example, photos must be saved on a private directory and trigger add watermark on picture.[/quote]
No trigger because the php script from piwigo that generate the resizes does not connect to the database. But check my point h. above (sharpening, watermark, grayscale effects etc...)
Basically in the very first version there will be no such thing (it's the last point in the remaining to do list)[/quote]

Click in the dark area of the image to send your post.

Go back

Topic review (newest first)

flop25: 2012-04-05 18:19:09

rvelices wrote:
in file_path_for_type the only acceptable $type parameters should be 'original' and 'representative' (if the added element is not a picture)

file_path_for_type still use has_high
and get_high_path() (no use) get_high_url() (reference in triggers_list) get_high_location() (used in file_path_for_type and has reference in triggers_list) should be deleted no ?

plg: 2012-01-17 01:27:20

rvelices, I have added :

Code:

function delete_element_derivatives($ids)
{
  // todo
  if (!is_array($ids))
  {
    $ids = array($ids);
  }

  // for now I do a massive clear, to be removed once the function is
  // properly implemented
  clear_derivative_cache();
}

I let you improve this function :-)

plg: 2012-01-17 01:26:08

I've made the pwg.images.add mecanism compatible with multiple size. It's a bit tricky for pwg.images.checkFiles but it should be good enough for pLoader users.

plg: 2012-01-17 01:25:13

rvelices wrote:
in file_path_for_type the only acceptable $type parameters should be 'original' and 'representative' (if the added element is not a picture)

Actually, function file_path_for_type becomes obsolete with Piwigo 2.4. The only functions using it needs to be rewritten or removed (ws_images_resizewebsize and ws_images_resizethumbnail)

plg: 2012-01-16 14:21:53

Perfect. I'll do.

rvelices: 2012-01-16 14:18:02

plg wrote:
I'm implementing the "update file" algorithm and I'm searching the deleteDerivative function you had described me. I don't find it. Is it in the TODO list or did I miss it?

it's in the todolist you can put sth like
function delete_element_derivatives($infos)
{
// todo
}
in admin functions.inc.php and call it ...

plg: 2012-01-16 13:41:55

I'm implementing the "update file" algorithm and I'm searching the deleteDerivative function you had described me. I don't find it. Is it in the TODO list or did I miss it?

rvelices: 2012-01-13 09:03:43

plg wrote:
Done for upload form and pwg.images.addSimple. Still under review for pwg.images.add.

You can still cleanup in functions_upload
'tn_ext' => 'jpg',

if (isset($high_infos))
{
$insert['has_high'] = 'true';
$insert['high_filesize'] = $high_infos['filesize'];
$insert['high_width'] = $high_infos['width'];
$insert['high_height'] = $high_infos['height'];
}

in file_path_for_type the only acceptable $type parameters should be 'original' and 'representative' (if the added element is not a picture)

plg: 2012-01-12 22:56:15

rvelices wrote:
The remaining things to do (in order of importance from my point of view) are:
c. review upload (forms + ws)?

Done for upload form and pwg.images.addSimple. Still under review for pwg.images.add.

flop25: 2011-12-30 14:36:33

You have already thought about this, but I asked myself why we need to remove the Remote Sites : can you explain why we can't check if http://mysite/_data/mypicture-tn.jpeg exists and call the distant i.php?etc to generate it ? I'm sorry if it appears as a stupid question for you, I'm certainly missing something

flop25: 2011-12-29 14:05:20

rvelices wrote:
flop25 wrote:
@rvelices
I like your strap nodatabase, but can we imagin a configfile or another i.php, for allowing crypted request (crypted with the secret key...) ?
In order to do what ?

like Pierrick I was thinking of " the problem of the path pattern : if you know the path to the thumbnail, you can find the path to any other size.".
I also was thinking about adding other location of pictures, how to secure it (I was focusing of hiding the path, but adding an htaccess is much easier) : we could specify any path to i.php (ex public_html/blabla/mypic/ ) and generate the multisized pics in _data/i/blabla/mypic/

rvelices: 2011-12-29 12:08:47

plg wrote:
That doesn't sound enough for me if the visitor can still open _data/i/[path]-la.jpg : we also need .htacess into _data/i, don't you think?

My idea was not to protect _data/i - the webmaster could always allow only "small" resizes.
However this would work out of the box if you choose $conf['derivative_url_style']=2 (i.php) and if we finish the implementation i.php (look for // todo send pass-through )

plg wrote:
Have you already made some performance test on action.php used for all thumbnail/photo etc? (I haven't and I wonder if it needs a lot of CPU/memory on server side)

No tests done, but I would say - no CPU usage, rather heavy IO. Instead of apache using an optimized syscall for transferring data (checkout sendfile function), php reads the file and then outputs it (either quick if used as a php module or with extra IO as cgi/fcgi)

plg: 2011-12-29 11:55:08

rvelices wrote:
plg wrote:
What's your opinion about that? Do you think we can do something clean and more secure?
- implement two event handlers
get_element_url - will return action.php?part=e&id=1&view instead of get_root_url().row[path]

That doesn't sound enough for me if the visitor can still open _data/i/[path]-la.jpg : we also need .htacess into _data/i, don't you think?

Have you already made some performance test on action.php used for all thumbnail/photo etc? (I haven't and I wonder if it needs a lot of CPU/memory on server side)

rvelices: 2011-12-29 11:38:22

plg wrote:
What's your opinion about that? Do you think we can do something clean and more secure?

Not yet properly working with svn trunk but my target for securing originals will be a plugin that:
- adds .htacces in uploads/galleries deny from all
- implement two event handlers
get_element_url - will return action.php?part=e&id=1&view instead of get_root_url().row[path]
get_representative_url - will return action.php?part=r&id=1&view. instead of get_root_url().add_pwg_representative_inside(row[path])

plg: 2011-12-29 11:04:48

rvelices, Piwigo currently (version 2.3) has an option to remove access to HD (user by user), but this is just a "display option" to remove the link to the HD : the HD remains reachable if you know the path pattern to the HD.

With Piwigo 2.4, this option also needs to be redesigned because "HD" doesn't mean the same. I think that a "maximum visible size" would be better but we keep the problem of the path pattern : if you know the path to the thumbnail, you can find the path to any other size.

What's your opinion about that? Do you think we can do something clean and more secure?

Piwigo.org

Announcement

Topic review (newest first)

rvelices wrote:

Code:

rvelices wrote:

plg wrote:

plg wrote:

rvelices wrote:

rvelices wrote:

flop25 wrote:

plg wrote:

plg wrote:

rvelices wrote:

plg wrote:

plg wrote:

Board footer