Jump to content
Sign in to follow this  
www.mihalism.com

Script Rating

Recommended Posts

Well, I have a thing or two to say.First stop, if a file is public, you should not expose it's deletion URL, speaking of which, perhaps only the uploader himself (and the admin of course) should be able to delete images.I would like to have an optional field for email adress where all of those URLs for all images will be sent.This is all of course only for guest users. Registered ones should have this information in their control panel, when they log in (I haven't registered, so I can't say if you have that already) and deletion of images will be done from there ONLY.I haven't downloaded and tryed the script yet, but as it seems, there are a bunch of files on it. I would personally prefer if there's only one, with another GET variable to determine it's mode. For example multihoster.php?mode=viewer&file=blabla.pngOh, and... how are templates for the pages done? Is the result supposed to be embed in another page? Does the script call something else to generate a template for it after it returns a status? Or is the template hardcoded?

Share this post


Link to post
Share on other sites

One of the random image was pretty naked...

Share this post


Link to post
Share on other sites
One of the random image was pretty naked...
Hopefully admins can turn the random image feature on and off because of this type of uploaders.btw, I saw that (and another such) image too :) .

Share this post


Link to post
Share on other sites

Haha, that's funny. When I went there, there were no images uploaded. But hey, you give the public a place to upload whatever images they want, don't be surprised at what they choose..I didn't look at the script too much, but I noticed on the download page that you misspelled "guarantee", and you also have an image generation script creating the link for the email address. I was assuming that was to prevent spam bots from harvesting the address, but in that link you have the email address in plain text twice. So, you might want to rethink your approach there..

Share this post


Link to post
Share on other sites
Haha, that's funny. When I went there, there were no images uploaded. But hey, you give the public a place to upload whatever images they want, don't be surprised at what they choose..I didn't look at the script too much, but I noticed on the download page that you misspelled "guarantee", and you also have an image generation script creating the link for the email address. I was assuming that was to prevent spam bots from harvesting the address, but in that link you have the email address in plain text twice. So, you might want to rethink your approach there..
Ah, that is one of the most common mistakes in spambot protection...administrators don't think that the spambots read the URLs, but that they just look at the page as a user would. Not the best idea, and often, it overrides all of your spam protection. :)

Share this post


Link to post
Share on other sites

Is the solution to this to put an image with letters on it and ask the user to confirm it?

Share this post


Link to post
Share on other sites
First stop, if a file is public, you should not expose it's deletion URL, speaking of which, perhaps only the uploader himself (and the admin of course) should be able to delete images.I haven't downloaded and tryed the script yet, but as it seems, there are a bunch of files on it. I would personally prefer if there's only one, with another GET variable to determine it's mode. For example multihoster.php?mode=viewer&file=blabla.png
We will make it so delete URLs will only work for the IP address that uploaded it and and I think it would be a good idea to include it all in file like Invision Power Board 1.3 did.
One of the random image was pretty naked...
Sorry for that its a demo site and you never know what people will upload thats why the uploads are deleted everyday.
Hopefully admins can turn the random image feature on and off because of this type of uploaders.btw, I saw that (and another such) image too :) .
We will build it into the next version. Honestly I never thought of doing that.

Share this post


Link to post
Share on other sites
We will make it so delete URLs will only work for the IP address that uploaded it and and I think it would be a good idea to include it all in file like Invision Power Board 1.3 did.
IP addresses probably aren't the best way to go. With AOL for example, someone could upload one image, log off and back on, and have a different IP and not be able to delete their other images. Especially if someone wants to delete an image they uploaded several months ago, anyone using a dynamic IP would not be able to delete anything. Or if they upload their images on a public computer, anyone using that same computer could delete them, and the owner would have to go back and use that same computer if they wanted to delete them. You'll need to use user accounts. If you want a public image upload that doesn't require login, then anyone can delete anything. If you want to provide any sort of protection, then you have to use user accounts, there is no other way to ensure that the right people have access to delete the right images, other then giving everyone access to delete everything.

Share this post


Link to post
Share on other sites

For guest users you could make the image expire after a certain amount of time. What time exactly shold be adjustable by the site's admin. Default? Hm... two weeks maybe?

Share this post


Link to post
Share on other sites

Not bad, I have a job right now that is to fix an image gallery. Its a pain, I will tell you that much! Yours is looking pretty nice, I would think about using it but I like to make my own stuff. Plus I have some libraries in mind for an image gallery :). For the image listing you should probably have a thumbnail or something so that way it isnt all stretched, just make the x or y smaller. (you can use an image shrinking function through the width and height attributes, which you already do and use the getimagesize() function if you actually upload the files to your server, not if its in mysql)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...