FriendsOfFlarum upload, the intelligent file attachment extension

wolfshards

Okay it seem to work but there still a way to invert by blacklist instead of whitelist? Whitelist is enabled by default.

jedafe

This extension is crucial to the success of every Flarum installation. However, I would like to suggest an improvement. I think you should consider adding search functionality to the composer's Media Manager (See the below screenshot for example.). Presently, it's hard to locate an existing image, especially if we want to embed it in another post. Also, the media manager presently shows a limited number of images. The search functionality will help locate the hidden images too. Thanks for the consideration.

jedafe

jedafe No comments nor additional discussion based on what I suggested here. Does it mean no one sees it as a necessity or am I the only one that recognizes its’ importance 🤔?

rhaghani

FriendsOfFlarum hi my friend ..Where do I need to enter mimetype code?

GreXXL

rhaghani you can configure this in your admin dashboard when selecting the extension. You will find all options regarding this extension there.

masihdindar

This extension is nice, But can you add an option to upload files to external FTP server?
Next problem is i just configured extension but it just upload images, i can't upload any other formats. What is the solution?

GreXXL

masihdindar This extension is nice, But can you add an option to upload files to external FTP server?

That's currently no possible, but you can use aws to upload files externally.

masihdindar Next problem is i just configured extension but it just upload images, i can't upload any other formats. What is the solution?

This is depended on your configuration. You can influence what can be uploaded when setting up the mimetype configuration. See the initial post for examples.

rhaghani

i can not upload pdf file via fof upload extension also i add mime code ..but it doesn't work

luceos

Please share the mine configuration.

linc

Are the fof_upload_files.post_id and fof_upload_files.discussion_id fields used? I'm doing some test uploads and they appear to be null always. I don't see them being referenced in the code, either.

clarkwinkelmann

linc they are unused in the current version. But there's an open PR that intends to change that FriendsOfFlarum/upload319

luceos

clarkwinkelmann Yeah we should probably merge and tag that 🙈

luceos

jedafe yeah makes sense to have that feature. But it also means someone needs to build it and currently I cannot commit to that; I expect other people to be busy with their own priorities as well. Sorry to disappoint. You're free to contribute the change or commission it.

willc

Hi there, I didn't see this has been brought up after a quick search so I'd ask here whether there is any protective measures/settings for uploaded files.

The thing is that my Flarum has been disabled for guests but I can still access uploaded files once I have the URLs (w/o Login), although I have set permissions for FoF Upload as below

Download files ---- Members
View User Uploads ---- Members

Also it would be nice to have some re-directive URLs for uploaded files like
https://myflarum.com/****/some-random-string
but it actually redirects to https://myflarum.com/assets/files/2022-08-09/real-filename

Thanks.

clarkwinkelmann

willc that's the intended behavior for protected uploads.

You need to use the download template to protect the real URL of the file. The special URL in the download template will check permission before redirecting to the real file URL.

The other templates use the real URL to the file so cannot be protected.

willc

clarkwinkelmann Thanks Clark. I Got it.

willc

Is it possible to configure the storage location of the uploaded files outside of flarum_root/public? e.g. under flarum_root/storage

CyberGene

Maybe I should create this as a separate proposal (and I may have already proposed it in another form) but I think the following functionality would be great:

Complete admin/moderator audit log for every upload. I imagine this as a separate webpage visible to admins/mods where you see a list of every upload that has been made with information about the user who uploaded it, MIME type, a thumbnail for images, size, a link to the raw file, optionally a list of posts where this file has been used.

I'm always being afraid of the following scenario: someone registers on my forum, he doesn't post anything but just starts uploading nasty pictures, then deletes the media entities on his profile and just uses the raw URL-s to pass to other people. Basically he uses my forum for storing illegal pictures and files. I can even be prosecuted for this. And furthermore, there's no easy way to track who did it. This is so dangerous, I've considered uninstalling FoF Upload altogether, at the price of causing discomfort to my regular users. Call me a control freak but I have constant bad thoughts when I think how easy it is for someone to exploit the functionality and to get me into serious troubles, including legal ones... And how easy it is for him to cover up with a complete inability for me to track down who did it 😢

luceos

CyberGene 1.3.0 will fix this, I just haven't found the time to do a proper release for it.

1.3.0 maps uploads to posts again and allows removal of lingering images, from any storage.

See: https://discuss.flarum.org/d/4154-friendsofflarum-upload-the-intelligent-file-attachment-extension/1952

You tested this right? Doesn't this new feature suffice?

« Previous Page Next Page »