Announcement

#1 2016-01-14 19:52:05

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13782

Piwigo 2.8.0RC1

Hi Piwigo users,

The wait is over. Piwigo 2.8 is now coming! After our move to Github, things are now more stable and last month was much more active on coding! To make Piwigo 2.8 come quicker, we have decided to skip the beta versions and directly start with release candidates (RC stands for Release Candidate). This version 2.8.0RC1 is for test only, so don't install it on your live website.

1) Changes

Here is the list of changes compared to Piwigo 2.7. First the changes for users:

* [Bugtracker] ticket 2955
* [Bugtracker] ticket 3209
* [Bugtracker] ticket 3185
* [Github] Piwigo issue #398 [user manager] update table when user updated
* [Github] Piwigo issue #397 [user manager] edit user in a popin
* [Github] Piwigo issue #392 keys for automatic authentication
* [Github] Piwigo issue #385 compatibility with PHP 7
* [Github] Piwigo issue #379 Multiple formats (only for sync, not yet for API/web upload)
* [Github] Piwigo issue #361 [Watermark] Y repeat
* [Github] Piwigo issue #357 make orphan photos more obvious
* [Github] Piwigo issue #346 [upload form] configure chunk size (big chunk = much faster with light speed connections)
* [Github] Piwigo issue #293 [image processing] ability for plugins to process any file type on upload
* [Github] Piwigo issue #259 [notification] album notification, select users in addition to groups

... and then changes for developers:

* [Bugtracker] ticket 3229
* [Bugtracker] ticket 3226
* [Bugtracker] ticket 3225

Full list available partly on our legacy bugtracker and the other part on Github

2) Screenshots

http://piwigo.org/screenshots/piwigo-2.8-upload-progress-favicon.png

During web upload, the favicon gets animated and shows you the current state. This way you can browse the web on another tab and see how your upload is going on!


http://piwigo.org/screenshots/piwigo-2.8-orphan-photos.png

When you delete an album, some photos may become orphan. Piwigo 2.8 will make them obvious and let you deal easily with them.



http://piwigo.org/screenshots/piwigo-2.8-watermark-yrepeat.jpg

It is now possible to repeat the watermark on several lines. It's the "Y repeat" setting.



http://piwigo.org/screenshots/piwigo-2.8-multiple-format.png

Piwigo 2.8 supports multiple formats. It means you can provide several versions of the very same photo. For now, this feature is only available on synchronization. We will make web upload compatible for Piwigo 2.9.



http://piwigo.org/screenshots/piwigo-2.8-edit-user-popin.png

User details are no longer opening inside the users list, you get a simple form, focused on a single user.



http://piwigo.org/screenshots/piwigo-2.8-album-notify-users.png

When notifying an album by email, Piwigo 2.8 gives you the power to select users, not only groups.


3) Start to beta test

Download Piwigo 2.8.0RC1

If you can't install it but want to test it, just ask and we will happily provide a testing installation.

Please, open a new topic in the beta testing forum for each problem you may encounter.

Happy 2.8 beta testing!

Offline

#2 2016-01-14 23:38:41

jcz
Guest

Re: Piwigo 2.8.0RC1

Fine to read about new version. Thanks for it!

#3 2016-01-20 10:26:21

sobrus
Guest

Re: Piwigo 2.8.0RC1

Does it support PHP 7.0 or newer?

#4 2016-01-20 10:48:17

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13782

Re: Piwigo 2.8.0RC1

Hi sobrus,

sobrus wrote:

Does it support PHP 7.0 or newer?

yes :-)

plg wrote:

* [Github] Piwigo issue #385 compatibility with PHP 7

But first testers have reported a bug with sessions [Forum, topic 26239] 2.8.0RC1 can't login

Offline

#5 2016-01-23 00:23:10

mmoy
Member
France
2014-08-18
85

Re: Piwigo 2.8.0RC1

The new notification mechanism (with auth key in the URL) is really cool.

I think it lacks a few explanation, though. From what I read in the code, the auth key is valid only 3 days, configurable with $conf['auth_key_duration'].

There could be a mention of it like "the notification email contains a link that will auto-login the user, valid for 3 days" in the page admin.php?page=album-XXX-notification so that the owner of the gallery understands better what's going on (and can answer questions from visitors like "it worked yesterday, but today it doesn't" more easily).

Offline

#6 2016-01-25 09:30:45

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13782

Re: Piwigo 2.8.0RC1

mmoy wrote:

The new notification mechanism (with auth key in the URL) is really cool.

I can't agree more. Very cool, especially because it is fully automatic.

mmoy wrote:

I think it lacks a few explanation, though. From what I read in the code, the auth key is valid only 3 days, configurable with $conf['auth_key_duration'].

Right, you understand correctly the code ;-)

mmoy wrote:

There could be a mention of it like "the notification email contains a link that will auto-login the user, valid for 3 days" in the page admin.php?page=album-XXX-notification so that the owner of the gallery understands better what's going on (and can answer questions from visitors like "it worked yesterday, but today it doesn't" more easily).

Good idea. I will implement it.

Offline

#7 2016-01-25 09:50:23

mmoy
Member
France
2014-08-18
85

Re: Piwigo 2.8.0RC1

plg wrote:

mmoy wrote:

There could be a mention of it like "the notification email contains a link that will auto-login the user, valid for 3 days" in the page admin.php?page=album-XXX-notification so that the owner of the gallery understands better what's going on (and can answer questions from visitors like "it worked yesterday, but today it doesn't" more easily).

Good idea. I will implement it.

Ideally, there would also be an easy way to configure this from the web interface. In my case, an auth token without expiry would actually be better than this 3-days.

I'd also appreciate having a link that I could cut-and-paste in an email I would send by myself. That would have the at least the following advantages:

* Emails I send manually are less likely to be considered as spam (currently all mails sent by piwigo.com are considered as spam by gmail it seems, which makes the feature unusable in practice).

* I could send the same link to multiple persons (sometimes I have a piwigo user who actually correspond to a group of physical persons).

* I could send the link as part of another message (e.g. replying to someone and add the link as part of the conversation).

Nothing that should block 2.8 release, just throwing out ideas.

Offline

#8 2016-01-25 09:53:59

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13782

Re: Piwigo 2.8.0RC1

Good suggestions, but let's keep them for Piwigo 2.9 ;-) (we still have some things to work for l2.8 and I would like it to be releases quickly).

An auth key with no expiration sound quite poor in term of security.

Offline

#9 2016-01-25 10:05:32

mmoy
Member
France
2014-08-18
85

Re: Piwigo 2.8.0RC1

plg wrote:

An auth key with no expiration sound quite poor in term of security.

Not much worse than "BTW, shall I remind you that your password is XXX" that I'm currently using most of the time. Yes, I know, there's a password recovery mechanism, but my visitors usually don't use it, they just keep the password I've set for them and ask me "can you tell me what my password is?" if they forgot their password.

I don't have any real secret within my pictures. I just don't want some of them to be easily indexed by search engine and publicly available. But the content of my gallery is less secret than the content of emails I send to my visitors.

Offline

#10 2016-01-25 12:01:22

flop25
Piwigo Team
2006-07-06
7037

Re: Piwigo 2.8.0RC1

Usually other websites with autologin links and no expiration date (or a very long one), are asking again for the password when accessing critical part like the profile page, list of contacts, CTA buttons... or pages which were not in the scope of the emails like an other album or profile...


To get a better help : Politeness like Hello-A link-Your past actions precisely described
Check my extensions : more than 30 available
who I am and what I do : http://fr.gravatar.com/flop25
My gallery : an illustration of how to integrate Piwigo in your website

Offline

#11 2016-01-25 16:51:01

deheme
Member
France
2014-12-12
104

Re: Piwigo 2.8.0RC1

Hello,

If I may add my 2cts?
The plugin User Collections although limited to collections ;) features already the framework for private keyed links (but not thru autologin). It features adaptable validity and even passwords if needed, link encrypting is automatic and can be customised, sent by mail or copied even deleted.
The only missing (may be not possible) is to adapt it to albums and set of picts because picture selection is a bit complicated  in the current plugin.

DéHème
http://piwigo.us/beta/deheme/index.php? … 6a75f6beb1

Last edited by deheme (2016-01-25 16:55:02)

Offline

#12 2016-02-12 21:18:21

polymot1
Guest

Re: Piwigo 2.8.0RC1

Autologin also poses security risk, as in when a user forwards this autologin email (link) to other users.

Could you set an autologin expiry once a user logs in from the emailed link?
Also, could you make the 'change password' lost passwords icon a little more obvious.  It is a bit obscure on the login page an so user often ignore it and email me directly to reset password.

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2024 · Contact