Viewing 15 posts - 1 through 15 (of 15 total)
  • Author
    Posts
  • ogosensedan Friend
    #131292

    Hello Everyone,

    I don’t want to ask for support, but want to point out a potential problem with your component.

    Namely, I used JA Submit on one test site of mine and found it out – when user uploads a photo, component doesn’t check if the photo is there or not. It merely writes the image down, overwriting the old one. This change get’s shown in all the content items that used the old image, which is quite a problem.

    Therefore I edited your component a bit, making it to set filename to be unique by using date and time ( dayMonthYear-hourMinuteSecond ) plus adding a random number to that, just to be sure :).

    I guess this could be solved in a more elegant manner, but I wanted to make it work.

    That’s all.

    Best,
    Dan

    John Wesley Brett Moderator
    #262035

    Hmmm….

    I’m trying to understand…and perhaps I am missing something?

    But It would seem to me that your method of time stamping would cause a second image to be uploaded instead of replacing actually replacing the image as it would appear the user would be trying to do if he was uploading an image with the same file name (which would be necessary for an overwrite).

    ogosensedan Friend
    #262041

    Oh, I guess I explained things in a wrong way.

    The overwriting part is a BAD thing. Here’s the example:

    I have user Jim come to my site, posting about his cat. He posts the image cat.jpg with a big nice black cat. And that’s fine.

    However, since my site is about cats, there comes user Bob also posting about cats, but is bragging around about his cat’s mice-catching skills.
    Unfortunately, he also has an image called cat.jpg representing a small Persian female cat.

    Now both users have their articles, which is fine, but there is only one image – small Persian female cat.

    This is the problem I came to, and I went around it by auto-renaming the images during upload process. A better version would do that ONLY if there’s already an image with the same name, but I didn’t have much time to do so, and I was only playing around.

    Best,
    Dan

    John Wesley Brett Moderator
    #262058

    Ah! I thought I was missing something.

    Understand the issue now. And agree that’s a little wierd. Looks to me like it would have been simple enough to have coded it so postings and attachments would be proprietary to the users accounts. Then if their “Fluffy” was overwritten they could blame no one but themselves.

    Would love to see what you done! Nice catch…and nice chatting with you.

    John.

    ogosensedan Friend
    #262059

    No problem

    I’m kinda busy right now, but tonight I’ll post the modifications I did.

    Best,
    Dan

    ogosensedan Friend
    #262091

    Hello,
    I’m back home, and here’s what I’ve done to make it work a little better.

    All the changes are in the file ja_submit.php (components/com_ja_submit/ja_submit.php)

    1. in function submit_save_form() I moved the lines
    [PHP] $Nameimage1 = $_FILES[‘image1’][‘name’];
    $Nameimage2 = $_FILES[‘image2’][‘name’];
    [/PHP]
    before the call of the function image_upload()
    (originally it’s called in line 73: [PHP]if (!image_upload()){[/PHP])

    Also, after moving those two lines, I added the following:
    [PHP]if($Nameimage1 != “”) {
    $tmpName1 = $Nameimage1;
    $Nameimage1 = (date(“dmy-Gis”) . rand()) . $tmpName1;
    }
    if($Nameimage2 != “”) {
    $tmpName2 = $Nameimage2;
    $Nameimage2 = (date(“dmy-Gis”) . rand()) . $tmpName2;
    }[/PHP]
    Then I also changed function image_uploaded() to accept two parameters – image names.
    resulting part of code was: – I’m pasting the function submit_save_form() from the beginning to the part where everything else is same:

    [PHP]function submit_save_form() {
    global $database, $mainframe, $my,
    $mosConfig_live_site, $mosConfig_absolute_path,$Itemid,
    $H_notify_email, $H_catid, $H_sectionid,$mosConfig_mailfrom,$mosConfig_sitename;
    require ($mosConfig_absolute_path.’/administrator/components/com_ja_submit/settings.php’);

    # security image by http://www.waltercedric.com
    if ($H_securityimage) {
    $checkSecurity = true;
    $security_refid = mosGetParam( $_POST, ‘security_refid’, ” );
    $security_try = mosGetParam( $_POST, ‘security_try’, ” );
    include ($mosConfig_absolute_path.’/administrator/components/com_securityimages/server.php’);
    $checkSecurity &= checkSecurityImage($security_refid, $security_try);

    if (!$checkSecurity) {
    mosRedirect( “index.php?option=com_ja_submit”,_H_SI_REFUSE );
    }
    }
    # security image by http://www.waltercedric.com

    //start uploading introtext image and maintext image
    //$allow_extendsions=array(‘jpg’,’gif’,’png’);
    // DAN::: (***) area START — this is the lines that i took from place marked with (***)
    $Nameimage1 = $_FILES[‘image1’][‘name’];
    $Nameimage2 = $_FILES[‘image2’][‘name’];
    // DAN::: adding this in order to prevent images from being rewritten by another user
    if($Nameimage1 != “”) {
    $tmpName1 = $Nameimage1;
    $Nameimage1 = (date(“dmy-Gis”) . rand()) . $tmpName1;
    }
    if($Nameimage2 != “”) {
    $tmpName2 = $Nameimage2;
    $Nameimage2 = (date(“dmy-Gis”) . rand()) . $tmpName2;
    }
    // DAN::: (***) area END
    if (!image_upload($Nameimage1, $Nameimage2)){
    mosRedirect( “index.php?option=com_ja_submit”,_H_UNABLE_IMAGE );
    }

    //finish uploading images, start uploading content to the database

    $nullDate = $database->getNullDate();
    $row = new mosContent( $database );
    if ( !$row->bind( $_POST ) ) {
    echo “<script> alert(‘”.$row->getError().”‘); window.history.go(-1); </script>n”;
    exit();
    }
    $query=”SELECT section
    FROM #__categories
    WHERE id=”.$row->catid;
    $database->setQuery($query);
    $row->sectionid=$database->loadResult();
    #build sql string
    //introtext image

    // DAN::: this is the place where (***) was

    if ($_POST[‘caption1’] != ”) {
    $row->images=”users/”.$Nameimage1.”|right||1|”.$_POST[‘caption1’].”|bottom||”;
    } else
    {
    $row->images=”users/”.$Nameimage1.”|right||1||”;
    }[/PHP]

    2. Now just to do some changes in the function image_upload
    – now it accepts parameters – two new names for the files (if they exist)
    [PHP]function image_upload($imgName1, $imgName2){ // DAN::: Added $imgName1, $imgName2
    [/PHP]

    At line 324 if condition:
    [PHP] if (isset($smheight) && isset($smwidth)) {
    makeimage($image1Temp,$Nameimage1,”,$uploadphotodir,$smwidth,$smheight);
    //echo “…Resized Image $Nameimage1 created<br />”;
    }[/PHP]
    replaced with:
    [PHP] if (isset($smheight) && isset($smwidth)) { makeimage($image1Temp,$imgName1,”,$uploadphotodir,$smwidth,$smheight);
    //echo “…Resized Image $Nameimage1 created<br />”;
    }[/PHP]
    Same goes for line 373 if condition:
    [PHP] if (isset($smheight) && isset($smwidth)) {
    makeimage($image2Temp,$Nameimage2,”,$uploadphotodir,$smwidth,$smheight);
    //echo “…Resized Image $Nameimage2 created<br>”;
    }[/PHP]
    replaced with
    [PHP]if (isset($smheight) && isset($smwidth)) {
    makeimage($image2Temp,$imgName2,”,$uploadphotodir,$smwidth,$smheight);
    //echo “…Resized Image $Nameimage2 created<br>”;
    }[/PHP]

    Once again, there is a php function that checks if file exists, but I was too lazy to put that. This does the good job anyway. I leave it to the component creators to modify if in a more elegant way.

    Best,
    Dan

    John Wesley Brett Moderator
    #263798

    Dude…YOU Rock! Very, VERY nice work!
    😎

    Would have said so earlier…but VACATION Called!

    Have a GREAT week.
    John.

    mj1256 Friend
    #263820

    Nice job, I hope JA uses this in the next version

    ogosensedan Friend
    #264278

    Thx guys

    As I said, it should first do a file check to see if there actually is a need for file renaming, but that’s not a big thing.

    Best,
    Dan

    bennynoor Friend
    #283474

    Wow, thank you very much for this modification. Its cool!

    Ben

    mihirc Friend
    #283489

    Hello,

    Nice work. Hopes JA makes the necessary changes in the next version.

    Regards,
    Mihir C.

    ogosensedan Friend
    #283971

    Hello 🙂

    Thx for your reply.

    I just intalled the new version of the JA_SUBMIT.

    For some reason, JA team didn’t change the way images are uploaded. Well, they DID change it, but the overwrite problem still exists :confused:

    I just spent quite some time searching for the way to overcome the changes. Of course, those things written before don’t work any more.

    I have to say that i like the old version better 🙂

    Best,
    Dan

    mj1256 Friend
    #283975

    what new version, the one in the repository is march of 08

    if there is a newer version, where do i find it?

    ogosensedan Friend
    #284057

    Hello,

    The version I installed is: 2.2.2

    And the version I created a “fix” last time was 2.1

    This version, 2.2.2 was found on the JA site… I could look for it, but that’s probably the one you have.

    Just wanted to make a note since my patch didn’t work for this one, and it really dissapointed me when i realized it’s because the version i used it on was actually newer (!!!).

    Best,
    Dan

    neechyh Friend
    #290029

    I tried to install JA Submit on my 1.5 site, but it says that it’s for an older version.
    Please advise.

    <em>@mj1256 96784 wrote:</em><blockquote>what new version, the one in the repository is march of 08

    if there is a newer version, where do i find it?</blockquote>

Viewing 15 posts - 1 through 15 (of 15 total)

This topic contains 15 replies, has 6 voices, and was last updated by  neechyh 15 years, 9 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum