Comments on: Moving Things Forward

by: Chris Bunting

Fri, 08 Jul 2005 01:15:49 +0000

Sorry, my last remark is a little confusing (right before “great work”). I meant to applaud (and agree with) the redesign of the structure in /images/ instead of sound like I was suggesting you do that. I think I need some rest, I’ve been doing nothing but fiddling with Plogger for the last 3 days!

by: Chris Bunting

Fri, 08 Jul 2005 01:12:08 +0000

Sorry, I didn't check for the newest Plogger post to add my recent comment. It's a long one, but I wanted to provide some feedback from someone that's very interested in the development of this software. Regarding this particular post, I think I'm in agreement with Jorg's post above. As a gallery grows in size, it'd be nice to have that structure retained in /uploads/ so that pictures can easily be added. Another issue along the lines of a large gallery is having all of the uploaded pictures stored in the /images/ folder. I think it'd be beneficial (for usability and administration) to also create a folder structure in /images/ for organizing the pictures. Great work!

by: Mike

Sat, 11 Jun 2005 04:54:17 +0000

The only restriction that is placed upon Plogger with PHP safe mode is a simple permissions check.

Plogger uses several file-system manipulation functions: rmdir(), mkdir(), rename(), and unlink(). From the manual, PHP safe mode

Checks whether the files or directories you are about to operate on have the same UID (owner) as the script that is being executed.

Since all the scripts are setup during installation to have the same UID as the folders that Plogger manipulates, these functions should still be allowed to execute.

by: Øivind

Sat, 11 Jun 2005 04:26:32 +0000

Will you still be able to do this with safe_mode on though?

by: Mike

Sat, 04 Jun 2005 19:31:41 +0000

Jorg — you’re right, this would probably be the safest solution. I’m going to ruminate on this for a little longer and see if I can come up with anything better :)

by: Jorg Rødsjø

Sat, 04 Jun 2005 12:14:23 +0000

I see your problem choosing. I agree that giving direct access to the /images/ folder leaves you with a number of problems, and would probably be a bitch to implement safely — and who knows if and when it would ever be finished:-?

My first thought was that you could choose the /upload/ strategy, but when importing, you leave the folders in the /upload/ directory behind as an empty shell. (Possibly adding a prefix COL/GAL to the folder names?) That way users will be able to see their own gallery/collection-structure when uploading but not be able to mess up the file-structure. If the user changes something in the /uploads/ directory manually or just adds a new folder, all that happes is that new collections or galleries are made at the next import. If the user uploads images into a folder which allready exists (i.e a gallery with that name exists) then the images are just added to that gallery.

How does that sound?