• Extensions

  • FriendsOfFlarum upload, the intelligent file attachment extension

luceos make it working atleast for now.
I'm currently using BackBlaze B2 for Uploading Files.

    Got this error when trying to upload an image using Imgur, pretty sure I set the allowed size to be bigger than this image (other are fine). Even so, shouldn't I get an appropriate message about file size being too large? Or maybe this is related to the dimensions?

    Uncaught (in promise) 
{…}
​
alert: Object { type: "error", content: (1) […], controls: false }
​
options: Object { method: "POST", url: "https://talkie.vn/api/fof/upload", background: true, … }
​
response: null
​
responseText: "<html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body>\r\n<center><h1>413 Request Entity Too Large</h1></center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n"
​
status: 413
​
xhr: XMLHttpRequest { readyState: 4, timeout: 0, withCredentials: false, … }
​
<prototype>: Object { … }

      I tired the extension. At first it looked a bit complex to configure. But then I figured it out and it works great! What missing is Russian translation and some time it shows localization keys instead of translations when I save configuration. but that is a minor annoyance.

      • [deleted]

      • Post #1497

      FriendsOfFlarum In case you want to allow all regular file types including video, music, compressed files and images, use this:

      (video\/(3gpp|mp4|mpeg|quicktime|webm))|(audio\/(aiff|midi|mpeg|mp4))|(image\/(gif|jpeg|png))|(application

      where to type this i am newbie

      I am really sorry if it's a silly question.

        • [deleted]

        • Post #1498
        • Edited

        and if Someone is able to show preview how it looks and how to upload file, it supports drag and drop or not, copy paste image and the last one If it is stable in latest beta. PLEASE reply!

          • [deleted]

          • Post #1500

          almalino Sir can you please tell me If i am using ubuntu server then how can i set it up as i don't want imgur

              The extension should work well on the latest Flarum beta 16. If you experience any issue, please share the error message and we'll investigate.

              Unfortunately we don't have any demo forums to show the extension in action. I suggest you install Flarum locally (using XAMPP or similar) and install the extension there to try it out.

              [deleted] as listed in the first post in this discussion the extension provides multiple drivers, including local file storage or Amazon S3. The extension has to be installed through Composer, like all other Flarum extensions.

                  • [deleted]

                  • Post #1502
                  • Edited

                  clarkwinkelmann Sir i tested it out on my server but how can i store files in my server storage, I am unable to find any local option there I can only see imgur and amzn s3????

                    by default, it's saved in your local storage...

                    to make Aws S3 work, more set-up required.

                    For each of the allowed MIME types, you specify which template and storage method to use. That's the first setting at the top of the page.

                    The sections for S3 and Imgur below are to specify the API credentials. The local adapter has no credentials to fill, so it's always available in the dropdown when configuring MIME types.

                    Hey, i just accidentally discovered, that i can download uploaded files via direct url, although not being logged in. any idea whats wrong here? running on beta 16
                    serverside permissions of the assets on folder are set to: 775, the files folder 755, the dated-folder 755 and the file itself 644.

                      xrtze that sounds like the intended behavior.

                      The files stored under assets have no proxy of any kind. If you use the download template, that URL will be hidden and the proxy script will be used to control access. But if a user receives the full URL to the original file, nothing will prevent them from downloading it.

                      That URL will be exposed when using the preview template. Only the download template offers access control.

                        okay got it, thank you. since in the installation, i'd like to stick to plain urls, how could i protect it easiest?

                        Edit: Okay I fiddled around a bit, but was unable to solve the problem.
                        I tried to use .htacess and check against the session cookie:

                        RewriteCond %{REQUEST_FILENAME} (.*)
RewriteCond %{HTTP_COOKIE} !flarum_session [NC]
RewriteRule ^assets/files/.* - [F,L]

                        Problem is, the session_cookie won't get deleted after logout. And someone could just insert the cookie manually without a valid value.
                        any hints on how to solve this?

                        The original intent was the allow fof/upload to store files under storage, however I never implemented it and the risk of people deleting storage, because by convention we store things in public/assets was quite a consideration.

                        You could use a CDN that offers hotlink protection or put cloudflare with hotlink protection in front of your website.

                        4 days later

                        AHHH recent change broke extensions.

                        When adding support for Media Manager a rather brute if/else statement was added hard-coding the 3 known tag types.

                        This has broken my gpx-plugin which adds its own tag.

                        FriendsOfFlarum/upload03bd491

                        export default function fileToBBcode(file) {
    switch (file.tag()) {
        // File
        case 'file':
            return `[upl-file uuid=${file.uuid()} size=${file.humanSize()}]${file.baseName()}[/upl-file]`;

        // Image template
        case 'image':
            return `[upl-image uuid=${file.uuid()} size=${file.humanSize()} url=${file.url()}]${file.baseName()}[/upl-image]`;

        // Image preview
        case 'image-preview':
            return `[upl-image-preview url=${file.url()}]`;

        // 'just-url' or unknown
        default:
            return file.url();
    }
}

                        Display of my tag still works if I manually craft the bbcode, but it no longer gets replaced in the editor automatically 🙁

                          eddiewebb I could (and to try did) redefine my own File, but since the js was not exposed I can't even override, just replace, and that's not extinsbile.
                          eddiewebb/flarum-gpx-preview3/files

                          Anyway, even so it I was then able to get it replace my text, it doesn't call my registered template anymore. I swear that part was working on 16, but my changes arn't long term anyway so hoping there is a better way.

                          Ideally fof/uploads File uses Util::getAvailableTemplates()` and the templates expose bbcode as attribute,.

                          Would yall be open to that?

                            8 days later

                            clarkwinkelmann I tried raising the request body limit. However uploading anything that is more than 1mb still fail. Got a new error message though.

                            • ctml replied to this.