🌍
English
This shows you the differences between two versions of the page.
user_documentation:multiple_site [2013/05/31 12:36] hoedlmoser [Activate Multiple Site] typo |
user_documentation:multiple_site [2013/05/31 18:07] (current) hoedlmoser added Synchronization for Multisites |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Multiple site (multisite) ====== | + | ====== Multiple Site (Multisite) ====== |
- | The Multiple site feature, [[http://www.piwigo.org/releases/2.2.0#multisite|introduced in Piwigo 2.2]], is the ability to have several galleries with a single Piwigo installed. This feature is used on [[http://piwigo.com|Piwigo.com]] where thousands of galleries run on one Piwigo installation. | + | The Multiple Site feature, [[http://www.piwigo.org/releases/2.2.0#multisite|introduced in Piwigo 2.2]], is the ability to have several galleries with a single Piwigo installed. This feature is used on [[http://piwigo.com|Piwigo.com]] where thousands of galleries run on one Piwigo installation. |
===== Databases ===== | ===== Databases ===== | ||
Line 23: | Line 23: | ||
ServerAlias gallery1.yourdomain.com | ServerAlias gallery1.yourdomain.com | ||
ServerAlias gallery2.yourdomain.com</code> | ServerAlias gallery2.yourdomain.com</code> | ||
+ | |||
===== Site Directories ===== | ===== Site Directories ===== | ||
Line 40: | Line 41: | ||
and so on for other sites. | and so on for other sites. | ||
+ | |||
===== Activate Multiple Site ===== | ===== Activate Multiple Site ===== | ||
Line 67: | Line 69: | ||
</code> | </code> | ||
- | The trick is to find how Piwigo can understand if it's currently running gallery1 or gallery2. In this example, we have used the $_SERVER['SCRIPT_NAME'] variable. You can also use an environment variable set by your webserver or the servers name in the $_SERVER['SERVER_NAME'] variable (if you search for a specific sub-domain). If no Alias or Server Name matches it will just use the default, root gallery. | + | The trick is to find how Piwigo can understand if it's currently running gallery1 or gallery2. In this example, we have used the $_SERVER['SCRIPT_NAME'] variable. You can also use an environment variable set by your webserver or the Servers Name in the $_SERVER['SERVER_NAME'] variable (if you search for a specific sub-domain). If no Alias or Server Name matches it will just use the default, root gallery. |
===== Installations ===== | ===== Installations ===== | ||
- | Now you have to go to each Piwigo gallery : http://yourdomain.com/gallery1 and http://yourdomain.com/gallery2 and follow the installation each time. | + | Now you have to go to each Piwigo gallery: http://yourdomain.com/gallery1 and http://yourdomain.com/gallery2 or http://gallery1.yourdomain.com/ and http://gallery2.yourdomain.com/ (if you match on Server Name) and follow the installation each time. Keep in mind that the default, root gallery should be available somewhere at http://yourdomain.com/piwigo or http://piwigo.yourdomain.com/. |
+ | |||
+ | ===== Physical Albums ===== | ||
+ | |||
+ | [[user_documentation:albums_management|Physical Albums]] (aka Synchronization) for Multisites are not yet (means version 2.5.1) supported out of the box. I mean all that stuff in the //galleries// directory. The main issue here is, that all sites of a Multisite installation are sharing this directory. An other issue is that with the current code directory traversals are possible to just import an others gallery. | ||
+ | |||
+ | Either you disable Synchronization with the following code snippet in your local/config/config.inc.php: | ||
+ | <code php>// disable the synchronization method for adding photos | ||
+ | $conf['enable_synchronization'] = false;</code> | ||
+ | |||
+ | Or you just hack the code as described in [[http://piwigo.org/forum/viewtopic.php?id=22173|[Forum, topic 22173] physical albums are not multisite save]]. | ||
+ | |||
+ | Let's some it up here. | ||
+ | |||
+ | ==== Pimp Synchronization for Multisites ==== | ||
+ | |||
+ | Due to the path for the //galleries// directory is nowhere configured as for upload_dir and data_location we need to put site_dir into the $conf variable. Just add the following to the ''if (isset($site_dir))'' statements from above. | ||
+ | |||
+ | <code php> $conf['site_dir'] = $site_dir;</code> | ||
+ | |||
+ | Also we need to adapt admin/site_manager.php to prefix the //galleries// directory with the site_dir at creation time. Already existing //galleries// directories will not be prefixed automatically, you have to change them on your own in the database in table piwigo_sites. | ||
+ | |||
+ | <code php>--- admin/site_manager.php 2013-01-01 13:35:02.000000000 +0100 | ||
+ | +++ admin/site_manager.php 2013-05-31 17:06:31.000000000 +0200 | ||
+ | @@ -53,8 +58,12 @@ | ||
+ | { | ||
+ | fatal_error('remote sites not supported'); | ||
+ | } | ||
+ | - $url = preg_replace('/[\/]*$/', '', $_POST['galleries_url']); | ||
+ | + $url = preg_replace(array('/\/+/', '/(\.+\/)|(^\/)|(\/$)/'), array('/', ''), $_POST['galleries_url']); | ||
+ | $url.= '/'; | ||
+ | + if (isset($conf['site_dir'])) | ||
+ | + { | ||
+ | + $url = $conf['site_dir'] . '/' . $url; | ||
+ | + } | ||
+ | if ( ! (strpos($url, '.') === 0 ) ) | ||
+ | { | ||
+ | $url = './' . $url;</code> | ||
+ | |||
+ | The added regex just removes | ||
+ | * multiple slashes | ||
+ | * first and last slash(es) | ||
+ | * any dot-slash, dot-dot-slahs, dot-dot-dot-slash, ... | ||
+ | so we hopefully avoid a [[wp>Directory_traversal_attack|directory traversal attack]]. | ||
+ |