FriendsOfFlarum upload, the intelligent file attachment extension

clarkwinkelmann

huuduy216 that error is thrown by nginx before Flarum even boots.

You might need to raise the request body limit or file upload limit in your nginx configuration.

huuduy216

clarkwinkelmann I tried raising the request body limit. However uploading anything that is more than 1mb still fail. Got a new error message though.

almalino

I tired the extension. At first it looked a bit complex to configure. But then I figured it out and it works great! What missing is Russian translation and some time it shows localization keys instead of translations when I save configuration. but that is a minor annoyance.

[deleted]

FriendsOfFlarum In case you want to allow all regular file types including video, music, compressed files and images, use this:

(video\/(3gpp|mp4|mpeg|quicktime|webm))|(audio\/(aiff|midi|mpeg|mp4))|(image\/(gif|jpeg|png))|(application

where to type this i am newbie

I am really sorry if it's a silly question.

[deleted]

and if Someone is able to show preview how it looks and how to upload file, it supports drag and drop or not, copy paste image and the last one If it is stable in latest beta. PLEASE reply!

almalino

[deleted] It is stable for my forum

[deleted]

almalino Sir can you please tell me If i am using ubuntu server then how can i set it up as i don't want imgur

clarkwinkelmann

The extension should work well on the latest Flarum beta 16. If you experience any issue, please share the error message and we'll investigate.

Unfortunately we don't have any demo forums to show the extension in action. I suggest you install Flarum locally (using XAMPP or similar) and install the extension there to try it out.

[deleted] as listed in the first post in this discussion the extension provides multiple drivers, including local file storage or Amazon S3. The extension has to be installed through Composer, like all other Flarum extensions.

[deleted]

clarkwinkelmann Sir i tested it out on my server but how can i store files in my server storage, I am unable to find any local option there I can only see imgur and amzn s3????

MohdKhan

by default, it's saved in your local storage...

to make Aws S3 work, more set-up required.

clarkwinkelmann

For each of the allowed MIME types, you specify which template and storage method to use. That's the first setting at the top of the page.

The sections for S3 and Imgur below are to specify the API credentials. The local adapter has no credentials to fill, so it's always available in the dropdown when configuring MIME types.

xrtze

Hey, i just accidentally discovered, that i can download uploaded files via direct url, although not being logged in. any idea whats wrong here? running on beta 16
serverside permissions of the assets on folder are set to: 775, the files folder 755, the dated-folder 755 and the file itself 644.

clarkwinkelmann

xrtze that sounds like the intended behavior.

The files stored under assets have no proxy of any kind. If you use the download template, that URL will be hidden and the proxy script will be used to control access. But if a user receives the full URL to the original file, nothing will prevent them from downloading it.

That URL will be exposed when using the preview template. Only the download template offers access control.

xrtze

okay got it, thank you. since in the installation, i'd like to stick to plain urls, how could i protect it easiest?

Edit: Okay I fiddled around a bit, but was unable to solve the problem.
I tried to use .htacess and check against the session cookie:

RewriteCond %{REQUEST_FILENAME} (.*)
RewriteCond %{HTTP_COOKIE} !flarum_session [NC]
RewriteRule ^assets/files/.* - [F,L]

Problem is, the session_cookie won't get deleted after logout. And someone could just insert the cookie manually without a valid value.
any hints on how to solve this?

luceos

The original intent was the allow fof/upload to store files under storage, however I never implemented it and the risk of people deleting storage, because by convention we store things in public/assets was quite a consideration.

You could use a CDN that offers hotlink protection or put cloudflare with hotlink protection in front of your website.

eddiewebb

AHHH recent change broke extensions.

When adding support for Media Manager a rather brute if/else statement was added hard-coding the 3 known tag types.

This has broken my gpx-plugin which adds its own tag.

FriendsOfFlarum/upload03bd491

export default function fileToBBcode(file) {
    switch (file.tag()) {
        // File
        case 'file':
            return `[upl-file uuid=${file.uuid()} size=${file.humanSize()}]${file.baseName()}[/upl-file]`;

        // Image template
        case 'image':
            return `[upl-image uuid=${file.uuid()} size=${file.humanSize()} url=${file.url()}]${file.baseName()}[/upl-image]`;

        // Image preview
        case 'image-preview':
            return `[upl-image-preview url=${file.url()}]`;

        // 'just-url' or unknown
        default:
            return file.url();
    }
}

Display of my tag still works if I manually craft the bbcode, but it no longer gets replaced in the editor automatically 🙁

eddiewebb

eddiewebb I could (and to try did) redefine my own File, but since the js was not exposed I can't even override, just replace, and that's not extinsbile.
eddiewebb/flarum-gpx-preview3/files

Anyway, even so it I was then able to get it replace my text, it doesn't call my registered template anymore. I swear that part was working on 16, but my changes arn't long term anyway so hoping there is a better way.

Ideally fof/uploads File uses Util::getAvailableTemplates()` and the templates expose bbcode as attribute,.

Would yall be open to that?

ctml

huuduy216

Can you check your flarum logs under storage/logs directory.

huuduy216

ctml root@vps:/var/www/talkie.vn/storage/logs# cat flarum-2021-04-27.log
[2021-04-27 18:48:16] flarum.ERROR: FoF\Upload\Exceptions\InvalidUploadException : Upload max filesize limit reached from php.ini. in /var/www/talkie.vn/vendor/f of/upload/src/Repositories/FileRepository.php:140
Stack trace:
#0 /var/www/talkie.vn/vendor/fof/upload/src/Repositories/FileRepository.php(112) : FoF\Upload\Repositories\FileRepository->handleUploadError()
#1 /var/www/talkie.vn/vendor/fof/upload/src/Commands/UploadHandler.php(91): FoF\ Upload\Repositories\FileRepository->moveUploadedFileToTemp()
#2 [internal function]: FoF\Upload\Commands\UploadHandler->FoF\Upload\Commands{ closure}()

I change the limit in /etc/php/7.4/cli/php.ini to 5M but still not working. Maybe I need to reload the settings somehow?

clarkwinkelmann

huuduy216 that's the php.ini for cli, which means command line.

There should be another php.ini file for apache or nginx.

huuduy216

clarkwinkelmann I changed /etc/php/7.4/fpm/php.ini and /etc/php/7.4/apache2/php.ini. Restart nginx, still no luck 🙁

« Previous Page Next Page »