Photo Album qa

Posted on 2006-05-20
Last Modified: 2008-03-06
Hi all ,
I am beta testing a new application I have been working on , it is a flash photogallery with a php admin where you can upload photos and videos .
I am looking for bugs , comments , suggestions etc . (at this point especialy bugs)
This is where you can test it -
Points will be devided between 5 selected galleries (that tryed all the features photos , videos and customise options)
Question by:nysurf1
    LVL 8

    Accepted Solution

    Wow, thats pretty slick!

    I had an issue with the Flash loader.  The first time I click on it, it comes into focus.  I have to click it a 2nd time to get the browse window up.  I'm not sure there is anything you can do about this, of if anyone else even has the same problem.  Perhaps you can use java to bring it into focus onload so that the first click will activate it.

    Also I noticed your host allows directory browsing within each gallery.  While I cannot enumerate a list of galleries, if I know the name of the gallery I can see all of the pictures in it.  This seems to bypass the gallery password =)
    LVL 29

    Assisted Solution

    Just looked at the terms and conditions. (different type of debugging!)

    Paragraph 9 needs probably some reconsideration.
    - It makes things clear that submitter is the single responsible for intellectual property rights, wether (s)he has them or not.
    - As expected, it gives My e-album the rights to display the material (otherwise of course there would be no web site!)... but it also gives lots more since you mention <<the right to reproduce, distribute, transmit, display>> which is, I think too wide. Your legal people might think about makinh clear what is the purpose of the rights (displaying) and what are the rights that are technically needed (reproduce, distribute, transmit, store on files or databases, make backup copies) to meet the purpose, and saying that you have all the rights to do these functions, as long as they are done to meet the purpose. Restriction of granting right to 3rd parties is already included, so nothing special needs to be said about 3rd parties that help to reproduce, distribute, transmit, store on files or databases, make backup copies.
    LVL 4

    Author Comment

    very good points and im ready to close this question , just one question to bota-x , how do i prevent the visitor to see the photos directory ?
    I tryed to change the file permissions but im not sure what permissions should i have there (in this folder i am copying and deleting photos via the apache user).
    I guess one simple solution will be just to add an index page to every folder but it sounds very easy to break .
    Another option im thinking of is through the apache configuration rewrite mode .
    Which do you recommend (or maybe something else ...)
    LVL 29

    Expert Comment

    1 - You should certainly put an index.htm in each and every directory, which would redirect the curious to some other place. A simple file to do that would be
    <meta http-equiv="refresh" content="0; url=">
    <SCRIPT language="JavaScript">
    This solution is instantaneous, and no special tuning is needed
    2 - You may then work on some tuning, playing with access rights and/or mod_rewrite. Some trial and error and debugging "might" be needed.
    Along the rights you may consider:
    = allow access to these image files just from the server itself. This can be enforced just by access rights (ideally, like a chmod 400 allowing read access just to owner, and no access to group or other users- but depending on your web server setup, it might be necesssary to allow group access, ie like chmod 440) and/or by a mod-rewrite based on referrer
    = if your modules access to the files as files (with fully qualified directory path) and not as http hyperlinks, block access to the directory thru .htaccess, making forbidden any direct access to the directory thru a browser/ apache.
    LVL 8

    Expert Comment

    Yah, just create an index.html whenever your script creates a gallery.  It can be 0 length.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    This is a general how to create your own custom plugin system for your PHP application that you designed (or wish to extend a third party program to have plugin functionality that doesn't have it yet).  This is not how to make plugins for existing s…
    Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
    The viewer will learn how to count occurrences of each item in an array.
    The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now