I would like to create a image uploading service (yes, i am aware of imageshack, photobucket, flickr...etc) :)
I have seen only imageshack show the directory names ("img294", "1646") of where the image is located, in the same way - i would like to do this.
http://img294.imageshack.us/img294/1646/**jquerykd5**.jpg
1) Are there any security issues I should be aware if i take this implementation?
2) How do these sites come up with short unique identifiers ("kd5")?
Thanks all for any advice and help.
Well for starters, unless you would like the directory to be public, put dummy index.html files in there or just restrict access to public users for those directories.
As for the unique identifiers there are many ways of going about this... some of my favourite chunks of information to use:
UNIX time (if running a unix based server)
chunks of the md5 of the file
pseudo random numbers
piece of the original filename
With these and many other pieces of information at your fingertips it should be easy to prevent duplicate image names conflicting on your server as well, you can gather as many as you like and concatenate them into a string for the filename. The md5 can be placed in a database as well to aid in a method of duplicate image detection, which could save you disk space as well.
I can promise you they all use URL rewriting. This will help with security issues, too.
Related
When looking at the "Storage" directory of Spotify's cache I realized there are a lot of subdirectories, named with 2-digit hexadecimal names. Each of them contains one or more weirdly named files.
I've come across similar directory structures created by other programs in the past, and I have always wondered what the reason for such a naming/storing scheme is.
So why would you do such a thing? What benefits does this concept hold?
I hope you are still interested in the answer.
Usually you cache things like images or content. Say we cache an image from a different url to our server for performance/stability reasons. How do you name that image? You could name it like the URL, but you cannot include slashes or other special characters in the name and the length has a limit too.
Therefore you compute a so called hash of that URL and use it as the file name. Hashes are usually no hexadecimal, so no illegal characters and their length is always the same. If you now need the image from the URL you compute its hash and check if you find it in the cache.
The reason you dont store all cached files in one directory is for size-limitations. You usually group the cached files in subdirectories based on their first characters. See this answer: softwareengineering.stackexchange.com/a/301401.
For example let's say we want to cache https://example.com/favicon.ico. The MD5-Hash of that URL is f54403d0da4a57aa79bdf459897f08bd. You have now three different options:
If the cache is expected to remain small store it like /cache/f54403d0da4a57aa79bdf459897f08bd.ico (You usually want to preserve file-extensions for a number of reasons).
Four medium caches you could do /cache/f/f54403d0da4a57aa79bdf459897f08bd.ico or remove duplicate information by trimming the first character, as it already exists in the directory name like /cache/f/54403d0da4a57aa79bdf459897f08bd.ico
For very large caches you can subdivide even more like /cache/f/5/4403d0da4a57aa79bdf459897f08bd.ico`
These are just a few examples but the basic principle keeps the same.
I'm working on an image uploader and if a user uploads a image I want to change the image name to something unique.
Imgur also does this for example "11Z6nlI.jpg"
So how can I generate a unique combination? I was thinking of using a timestamp since but that will also causes problems when more users upload at the same second.
I hope you guys can help me, I'm working in PHP
Although sometimes clunky, GUIDs are a good way to generate unique strings. See here for a way to generate GUIDs within PHP.
I’m new to EE and trying to learn the basics. Some questions about the File Manager:
I upload a photo and put “cat, kitten” in the description. When I do a search for “kitten”, it finds the photo. But when I do a search for “cat”, I get nothing. Any ideas what’s going on?
The file metadata are: file title, file name, description, credit, and location. What if I wanted to add custom fields? How do I do that?
In the template files, how do I access a particular manipulation (I call this “rendition”) of an image? Say I define a rendition “thumbnail” to be 100x100. How do I access that particular rendition in a template?
Is there a way to randomize the file names of the files being uploaded?
After uploading an image and testing it against PageSpeed, it turns out that the image can still be optimized via losslessly compressing it. How can this problem be addressed?
Ah, the file manager. Not EE's brightest spot.
It would not surprise me if the search in the File Manager was not
very robust. I'd try more variations to narrow it down (what kind of
characters affect the results - commas, dashes, spaces, etc ... do
partial terms match?)
You cannot currently add custom metadata to files in the file manager.
Use this syntax: {field_name:rendition}, e.g.,
{my_image:thumbnail} (docs).
Nope.
EE just uses the GD library available in your PHP install to resize
images. If you want the highest possible optimization, you'll have
to do your image manipulations yourself.
Given your queries, I would suggest you have a look at Assets by Pixel and Tonic. It offers a far superior file management experience on most of these fronts.
Users will be able to upload images and the name will be changed so it doesn't have the same name as another file. Using a simple convention like calling them 1.jpg, 2.jpg, 3.jpg and so on will mean other users can simple type in 4.jpg and see someone else's image.
Is there a way or a convention for naming images different while still ensuring guessing an image name is hard?
You could just write a PHP script to generate some pseudo random image name each time, like 21412adfs.jpg.
Better yet, take the name of the file being uploaded, and append a 6 digit random number to it or something, say, 19353--toy--car.png, you could even replace the 6 digit number with a number representing the date of the image uploaded.
Naming conventions can be in any form you want really, whatever works best for your setup and archive purposes. Including the date in the image name can be good, as you could easily sort images into different upload folders depending on their dates, etc.
Your best bet is to use a hashing function to generate a random string that you can use. For example in PHP you could use the following.
$filename = md5('SOME RANDOM STRING'.rand(0,200000).time());
MD5 can sometimes generate the same random string which would cause a filename collision, but the likelyhood of this happening is quite small, and if so ... all you have to do is to run the name generation again - a collision twice in a row is extremely unlikely.
Make sure you change 'SOME RANDOM STRING' to something that only you know and use on your site. It's what's known as a "site salt", it means that outsiders will have a much harder job guessing the names of your generated filenames, because they wont be able to predict and reverse engineer everything that you've put in to the mix to generate it.
Hope that helps?
I am designing a website which will involve too many photos.
There are two modules Restaurants and Dishes. which is the best way to create the directory strcuture ?
images/Restaurants/ID
images/Dishes/ID
am using the following to create the filename
function imgName($imgExtension)
{
return time() . substr(md5(microtime()), 0, 12) . ".".$imgExtension;
}
ii want two different sized thumbnails. which is the best way to name the thumbnails ?
since the db will hold only the main pictures filename with extension.
I wouldn't worry too much about the directory structure, what you have seems good, even better might be to use S3 buckets.
As for the filename part, I've found the simplest way is to prepend thumb_ to the thumb filename. So: somefilename.jpg -> thumb_somefilename.jpg
This way you can store somefilename.jpg in the database and simply add the extra part to the front when you want the thumb.
Is there any reason for randomising the filenames like this? It's my personal opinion that you shouldn't be giving them random names in the first place, they should relate to what's actually in the picture - simply because it's nicer for users and it's more meaningful to search engines.
In a perfect world you'd have a logical structure like
/images/dishes/moules-de-mariniere.jpg
where the dish / restaurant name is a unique slug. That's pretty much impossible to implement in the real world, though, so
/images/dishes/id/moules-de-mariniere.jpg
is a fair compromise to avoid collisions.
Thumbs I generally put under their own thumbs/ directory so I can use the same filenames in all locations (laziness more than anything):
/images/dishes/id/thumbs/moules-de-mariniere.jpg
but thenduks' prepending suggestion works too, it's really just personal preference.