Standardized image source?

Is there a way to standardize the image source? It is quite unfavorable to use relative paths and once query strings. I need relative paths by all, not query string.

index
<img src="/cache/myalbum/mysubalbum/PICT0001_200_thumb.jpg"

album
<img src="/zp-core/i.php?a=myalbum/mysubalbum&i=PICT0001.JPG&s=200&cw=0&ch=0&q=75&t=1&wmk=%21&check=d0c7449ccd9fcf980facfd44fef0b301a9f66cf6"

subalbum
<img src="/cache/myalbum/mysubalbum/PICT0001_200_thumb.jpg"

image
<img src="/zp-core/i.php?a=myalbum/mysubalbum&i=PICT0001.JPG.JPG&s=600&cw=0&ch=0&q=75&wmk=%21&check=e316c81a3d2b2d736069bbc889111a4310a10ebe"

fullimage
<img src="/albums/myalbum/mysubalbum/PICT0001.JPG

«1

Comments

  • wibbi Member

    Pah! Is it really like that? Relative paths to images that are already in the cache. Query strings for images that are not yet in the cache? Extremely unfavorable! A problem! I absolutely need all images already in the "cache". (I think that's not good with on the fly and the cache anyway).

    Why I need it because I work with hard links. That's going to be a problem anyway.

  • acrylian Administrator, Developer

    Yes, it is like that and we lenghtly discussed the "on the fly" cache version creation already. That query string appears only once until that cached version is created.

  • wibbi Member

    OK. Not good. How can I cache all images?

  • wibbi Member
    edited March 2018

    No no no. Not a good idea.

    In my gallery only the thumbnails in the album pages are released for search engines. All other images are indexed locked, even hotlinking locked. For this I use soft links for the image source of the thumbnails in the album pages (thumbs->cache), and (str_replace ("/cache/", "/thumbs/", ...)). /cache is locked. /thumbs is free. The next problem with this is that there is no function getAlbumThumbImage() and getImageThumb(), only printAlbumThumbImage() and printImageThumb(). So I have to make a core hack first (swap echo for return), and then adjust the code in the theme. Very inconvenient.
    And the problem with the image source path with query string destroying this all.

    I have only found the Python third party scripts for pre-chaching and i will not use it. Python scripts are not a solution.

    Big problem.

  • vincent3569 Member, Translator
    edited March 2018

    Why I need it because I work with hard links. That's going to be a problem anyway.

    can you explain where do you use hard link ?
    note there is a zenphoto internal behavior that generates a cache size "on the fly" on hard link of a "no yet" cached picture.
    for example, if you use <img src="/cache/myalbum/mysubalbum/PICT0001_200_thumb.jpg"> somewhere in your site, zenphoto looks your the relevant cached picture. if not exists, zenphoto generates it.
    of course, you have to know the internal structure of these links if you want to use them directly.

    OK. Not good. How can I cache all images?

    you can use the plugin cacheManager, album per album, or for your whole gallery.

  • wibbi Member
    edited March 2018

    Wohooo! That's a huge security hole! Anyone can create an infinite number of files on my server if he changes the variables in the query strings. Anyone can flood my server with image cache files!
    I have tested it.
    damned! I had so much hope in Zenphoto. Now everyone is gone.

  • acrylian Administrator, Developer
    edited March 2018

    There is a flood protection built in actually, there is an option for image processor security (Options > Security), and you can additionally obscure cache filenames (for the created ones though).

    Even we didn't ever have any problem with someone flooding the site

  • vincent3569 Member, Translator

    malte surely would give you more technical advices about that

  • wibbi Member

    What the hell? Who programmed the plugin cacheManager? I have ~ 15000 photos and these all are loaded on the plugin page. 15000 images in one HTML page. -> extremely overloaded browser. I'm really not happy.

    The Plugin cacheManager don't work.

    Refreshing cache for Gallery
    
        Apply 40_cw40_ch40_thumb
        Apply 80_cw80_ch80_thumb
        Apply 200_thumb
        Apply 600
    
    5 cache sizes to apply.

    There are 4, not 5.

    Finished processing 14087 images (70435 cache sizes requested).

    It's a lie.

    $ find /albums -type f | wc -l
    14088

    14088 x 5 = 70435

    $ find /cache -type f | wc -l
    4988
  • wibbi Member
    edited March 2018

    I can create many many images on all Zenphoto installations, there have the "on the fly" image source paths.

    Example with a image source from a thumbnail.

    /zp-core/i.php?a=myalbum&i=PICT0001.JPG&s=200&cw=0&ch=0&q=75&t=1&wmk=%21&check=a0c7449ecd9fcf980facfd44fef0b301a9f66cf6
    /cache/myalbum/PICT0001_200_thumb.JPG
    200px × 150px
    5,27 KB (5.397 Byte)

    /zp-core/i.php?a=myalbum&i=PICT0001.JPG&s=1000&cw=800&ch=800&q=75&t=1&wmk=%21&check=a0c7449ecd9fcf980facfd44fef0b301a9f66cf6
    /cache/myalbum/PICT0001_600_cw800_ch800_thumb.JPG
    800px × 600px
    29,14 KB (29.837 Byte)

    /zp-core/i.php?a=myalbum&i=PICT0001.JPG&s=800&cw=500&ch=500&q=75&t=1&wmk=%21&check=a0c7449ecd9fcf980facfd44fef0b301a9f66cf6
    /cache/myalbum/PICT0001_600_cw500_ch500_thumb.JPG
    500px × 500px
    19,68 KB (20.154 Byte)

    /zp-core/i.php?a=myalbum&i=PICT0001.JPG&s=400&cw=10&ch=300&q=75&t=1&wmk=%21&check=a0c7449ecd9fcf980facfd44fef0b301a9f66cf6
    /cache/myalbum/PICT0001_400_cw10_ch300_thumb.JPG
    10px × 300px
    1,19 KB (1.216 Byte)

    /zp-core/i.php?a=myalbum&i=PICT0001.JPG&s=400000000&cw=10000000&ch=3000000000&q=75&t=1&wmk=%21&check=e0c7449ccd9fcf980facfd44fef0b301a9f66cf8
    /cache/myalbum/PICT0001_600_cw10000000_ch3000000000_thumb.JPG

    ...
    endless...

  • wibbi Member

    By the way,
    the "q" in the query string don't work.
    q - JPEG quality (1-100): sets the quality of the resulting image.
    It always uses the quality set in the backend.

  • Why don't you try creating an image by forging the link above with different sizes and see how well it works for you. You really should not complain about a "problem" unless you have actually confirmed that there is one.

  • "What the hell? Who programmed the plugin cacheManager? I have ~ 15000 photos and these all are loaded on the plugin page. 15000 images in one HTML page. -> extremely overloaded browser. I'm really not happy."

    Well, then maybe you should do your caching by album. These are abilities you have, just do a little familiarization with the software and don't use the features that do not suit you.

  • vincent3569 Member, Translator

    hi stephen
    happy to read your contribution here.

    as an "old" user, I have to admit that I don't full understand some options.
    maybe an explanation for them may help, wibbi, me and other.

    Security>Obscure cache filenames
    Security>Image Processor security
    Images>Protect image cache
    Images>Secure image processor
    Images>Full image protection

  • wibbi Member

    Why don't you try creating an image by forging the link above with different sizes and see how well it works for you.

    I did it! you can create endless images on foreign servers if you have an image source path with querystring. If you study the Zenphoto source code, you can create a query string on any Zenphoto installation and create files on all Zenphoto installations. Sorry, this is a no go that anyone can create files on my server.

    Muahahaha. Plugin cacheManager -> author: Sbillard
    Hey, nobody is perfect! ^^

    then maybe you should do your caching by album.

    Yes, I would like that, but with Zenphoto. I have already made suggestions. It would be best if all thumbs and resizes were created directly when visiting the image edit page (list). I said it a few days ago that "on the fly" is a nice gimmick, but nothing more, and now it's a nasty gimmick.

    In addition, it would be better if the different image sizes were saved in different folders, without renaming.
    /albums
    /resize
    /thumbs
    /adminthumbs
    ...
    This is much better, because you can work much better with it, such as with soft links and htaccess and and and. Everything in a folder is always bad.

  • vincent3569 Member, Translator

    wibbi
    you come from another software and it may have a different philosophy about some stuffs.
    sometimes it takes a time to understand all the features of the new software and to work with.

    you come for asking explanations about how zenphoto works (and you have very specific questions).
    but the first thing is to stay correct on the forum and with the people who answer to you.
    thank you

  • vincent3569 Member, Translator
    edited March 2018

    to generate cached pictures for an album, go to admin>albums and for each album you have a "cache album images" link.
    it works the same as "cache manager" link, but only for the relevant album.

    and my personnal use of "cache manager" is to cache all pictures, cache size per cache size (and refresh my browser if needed), because I know and admit that zenphoto can't do "all in one".
    my site is closed when I do this kind of update.

  • wibbi Member

    Security>Obscure cache filenames

    "Cause the filename of cached items to be obscured. This makes it difficult for someone to "guess" the name in a URL."

    enabled
    Thumbnail
    /cache/myalbum/2b47c9c220bae19838440035e176c40a249d53dc.PICT0001_200_thumb.jpg
    it is a joke?

    Security>Image Processor security

    "Add a security parameter to image processor URIs to prevent denial of service attacks requesting arbitrary sized images."

    The problem is here not the "requesting", but the creating and saving.

    I do not recognize any effect by enable "Image Processor security". What exactly does this option do? I notice nothing.

    Images>Protect image cache

    "If checked all image URIs will link to the image processor and the image cache will be disabled to browsers via an .htaccess file. Images are still cached but the image processor is used to serve the image rather than allowing the browser to fetch the file."

    Another interesting gimmick, but just a gimmick. At least it works. Unfortunately it has a "warning". And image source paths with query string.

    Images>Secure image processor

    "When enabled, the image processor will check album access credentials."

    What? Is not that a standard? Every can see protected and not published albums and images?

    Images>Full image protection

    "Unprotected allows direct display of the image."

    That's my setting. Best.

    "Disable hotlinking"
    Don't work with the image source paths with query string and the image source path to the /cache folder. Also don't work.

  • wibbi Member

    go to admin>albums and for each album you have a "cache album images" link.

    OK. Thank you very much for this note. I accept that as a solution, for me. Even if that means more work for me and I must not forget it, especially if I move images. (I have the information that the images in the folder /cache are not moved.)

    Nevertheless, the problem remains that with the image source paths with query string any one can create zenphotos files on the server. That's a no go! And there are no arguments to justify that.

  • wibbi Member

    Please let me know at which code location the images source paths are generated with the query string. I want to disable this. If there is no image in the cache, then none should be displayed, or possibly a wildcard image.

  • acrylian Administrator, Developer
    edited March 2018

    Zenphoto can only protect where it is involved -> PHP pages. Direct file system access bypasses Zenphoto. You can do this via htaccess server side only. Note that not all server systems support htaccess like nginx and IIS which ZP generally also runs on although not tested.

    Zenphoto treats original and cached images differently. Why put images on the net if you don't want them to be indexed at all?

    If you don’t want to use the original images on your theme, modify your theme. Or even move the albums folder outside the webpath.

    You have been pointed to the rules of visibility and protection before.
    http://www.zenphoto.org/news/an-overview-of-zenphoto-users/
    Again direct file system access is something different.

    The "on the fly" creation is a feature we don't intend to change. You surely will find the image functions and already know about the image processor. We/I will review the "secure image processor" options as soon as I have time for this again.

    I again like to remind you to be a bit careful about your tone. If intended or just caused by writing I don't care.

  • wibbi Member
    edited March 2018

    If you do not like my tone, then complain to Google Translator.

    Why put images on the net if you do not want them to be indexed at all?

    You completely misunderstand that. First, it's my pictures and second, I decide. I decide that only the thumbs should be indexed. Most search engines stick to it. The disguising of paths and all the protecting and secure humbug, I think nothing of it. This is an endless struggle that I find meaningless.

    What do you currently want to write in the robots.txt, if only the thumbs are to be indexed? Well, bad luck, because it does not work! Either resize and thumbs, or none.

    I always use the original paths to the files. I do not have a problem with that. Every protecting and secure is just a hurdle for myself, not for image thieves and hackers and bots. But on the contrary. With pure paths I can fight bots better. Rather, the creation of files using query string is very questionable.

    I have already spent a lot of time in Zenphoto and I think slowly, it is lost time. I had experienced the same thing a few years ago with Joomgallery. It is a pity.

    It is a pity that you are so stubborn and will not meet me if I want to adapt Zenphoto for myself. And that again and again.

    I always get the impression that such CMSs are not made for the general public, but only for the programmers themselves. This is best seen when complicated things are installed that only they themselves find good. And no argument can dissuade them. They fight and protect it.

  • vincent3569 Member, Translator

    I partially agree to that.

    the software should be made to fulfill the needs of users and not just for the pleasure of their developers.
    and at the same time, the software is built over time: you can not always flip the table and there are historical stuffs that can not be changed easily.
    for example, i tried piwigo years ago.
    but I don't like their philisophy with a template framework and a lot of code to disable some unwanted behavior.
    I prefer zenphoto philosophy, where I can create only my needs.

    but nobody is perfect

  • vincent3569 Member, Translator

    after reflection, it is possible that cached image generation from a link may have disadvantages.
    to be honest, I remember that sbillard gave answers (at the time) to my needs for cached image generation for images inserted into my blog.

    I have a gallery for years and I never saw any trouble with that.

    I do not have sufficient technical skills to know how to modify this behavior (for example, a cached image is not generated by a hotlink if the cached image does not exist, or cached images can only generated by zenphoto itself, or something like that).
    but at some point, there must be a zenphoto module that generates these cached images (on the fly, or in a batch).

    and as often on free software, you can get involved to upgrade the software, discuss them with each others, and propose changes via pull request.

  • Let me put history in perspective. The original architect of zenphoto choose to make using the file system a prime architectural feature. You may disagree with that choice, that is your right. Personally, that is the reason I choose zenphoto in the first place.

    The key "feature" of this design is that you can use any tool you like to add images to your gallery and not be concerned about steps to make the image viewable to your public. The only alternative would be to have some intervention that "blesses" your newly uploaded images. Some software do this by insisting that uploading be done only by the program. Zenphoto deliberately chose not to follow that path.

    Another approach would be to ignore images until some process is run to "bless" them. Again, zenphoto choose not to take that path as it was considered both an added burden and a source of confusion. (Why is my image not showing? Oh, forgot to run the discovery process.) There is one way that you could mimic this process, though. You can set your options so that new images are unpublished. Then you could cache them and publish them at your discretion. This is not appealing to me, but if it fits your needs....

    Vincent is correct in his assertion that software should be designed for the user, not the developer. But he is also right that this is an open source project and anyone can make improvements to it if all agree with the implementation. What has not been said, and probably should be said, is that this software cost you nothing. This is because the developers volunteer their time at no compensation to build it. I have not direct knowledge, but I suspect the reason for Gallery's demise is that the developers got tired of bitching and moaning about the software not doing this or that and the complainers not being willing to make any effort to contribute to the cause.

    Anyway, the Gallery scripts still run and may do so for quite a while. Maybe no new features, but if it did what you want, why did you change?

  • acrylian Administrator, Developer

    @wibbi I am sorry if you misunderstood your tone and this is just a common general misunderstanding of written text. But to me it often sounds and sounded like you are new and complain about Zenphoto not being like the tool you used before or like you personally would like to have things. Sometimes without understanding why things are like they are with Zenphoto and that not everything can be changed just because of your personal requirement. You simply cannot expect that. As you said you decide what you use. But we also decide what we work on.

    the software should be made to fulfill the needs of users and not just for the pleasure of their developers.

    Generally true. As mentioned already this is not our main job but indeed primarily (lots of) unpaid spare time and we don't sell anything to you so there is no actual "entitlement" that we need to fullfill someone's specific needs. We also simply can't fullfill wishes just because - as it sounds to me - one new user thinks things should be different that worked for years and never caused trouble. Sounds a bit harsh maybe and we of course want users to use it. It's just part of the reality.

    That does never mean that things could not be improved or reconsidered. I don't think I am really stubborn or against changes per se actually but there is only so much time and anyone has just to accept that we might not agree to everything.

    For example the protection of the image generation by some internal measure is on my list. I think of an internal token set by option or code that is partly used and checked in the url via query. This would ensure only links generated by Zenphoto internal code would trigger image creation.

    One addition to:

    but I suspect the reason for Gallery's demise is that the developers got tired of bitching and moaning about the software not doing this or that and the complainers not being willing to make any effort to contribute to the cause.

    To my knowledge it was actually primarily lacking time because of the actual main job taking over. Lots of open source tools are started in times where time is plenty and then over they years are abandoned.

    Job and rather unpleasant private stuff have been the cause for some development delay in the last past three years as well (that "mysterious major release"). But be assured I have no plans to abandon Zenphoto.

  • wibbi Member
    edited March 2018

    Hey vincent3569, I also tested Piwigo, a few years ago, have invested a lot of time, and then it was all lost time. But I do not remember what was so terrible about it.

    One year before Gallery3 went into hibernation I switched from a pure HTML Gallery to Gallery3. I had tried some photo CMS and Gallery3 was the best because of its simple structure and many useful features. The message from the end of Gallery3 was a shock to me. I had invested a lot of time.

    Why do I want to leave Gallery3? Because I think about the future. Gallery3 has no support, except in a Yahoo group. Gallery3 / Menalto has no future. I am not so flexible and do not have so much time to switch to another CMS at any moment. I've been trying for a long time to test Zenphoto again and try to make some adjustments.

    The file structure is very good. Also the recognition of the files. But, I do not publish immediately at detection, because then still title and description is missing. At Menalto, the tree structure is even more consistent, with cleavage in resize and thumbs. That is very convenient. Always bad is a dump (and rename). Order must be.

    I still have a little problem. I first upload the photos to a editing folder. There I add title and description, maybe even sorting. Then I move the photos to their final place. It is not so good that in Zenpghoto the resize and thumbs are not moved.

    You misunderstand me. I do not want to complain. I program myself and make everything freely available. It is rarely thanked. Everyone wants to have everything for free. But I do it because I enjoy programming. My gallery is also freely accessible and many elaborate collected information is published in it. Partly very detailed descriptions with thousands of characters. I am a historian, by the way.

    You understand me wrong even with Zenphoto. I do not want you to change Zenphoto. I want to customize Zenphoto for me. I do not agree with everything in Zenphoto. But I do not have to take Zenphoto as it is, because I can adapt it to my needs. Core hacks is such a bad word. Better would be modding!

    It would be nice of you to get support by modding. You know your software best and know where what is. I do not like stiff software like a rock. But, if I do not like something, then I'll say it out! ;)

    My Idea: https://github.com/zenphoto/zenphoto/issues/1144

  • acrylian Administrator, Developer

    All right, so we sorted out the misunderstanding.

    "Modding" for personal requirements is what open source allows and that's fine that way. Still we don't need to agree to everything regarding your requirements or specific workflow (like your editing of title etc.). We will never satisfy everyone, that is an impossible task and otherwise we would wear ourselves down.

    I generally agree to your idea on the ticket but as mentioned it needs time and proper investigation.

  • vincent3569 Member, Translator
    edited March 2018

    wibbi
    some tips to improve (or not) your workflow

    • it is better (I think) to add relevant infos on pictures with a photo editor (like lightroom or other): you can add title, tags, gps data, location, copyright,...
      so you don't have to edit them in zenphoto and you don't have the risk of loose them because they are stored in your pictures

    • you can unpublish an album until you have done all the job you have to do (order of pictures, description of album,...)

    • you can have a folder tree for your physical albums (where your pictures are stored) and have a logical order that is different in zenphoto: you can arrange/order them whatever you want in album edit by drag and drop, and you don't need to physically move them (so your zenphoto informations and orders for albums and pictures are kept)
      that logical order doesn't change physical order (for albums tree and, as far I can see, for cache tree)
      example:
      you can have album structure per years and subalbums per events (2017/20170101_travel_to_scotland, 2017/20170106_wedding_of_mary, 2018/20180101_travel_to_japan, 2018/20180106_wedding_of_paul) and then you can reorder theses albums/subalbums as you want in a logical way in zenphoto album edit (why not whith this logical structure: travel/20170101_travel_to_scotland, travels/20180101_travel_to_japan, weddings/20170106_wedding_of_mary, weddings/20180106_wedding_of_paul)

  • wibbi Member

    Hey! All good! Thanks for answers! I'm realy happy on this moment! Wohooo!
    Look at my (modding) solution: https://github.com/zenphoto/zenphoto/issues/1144#issuecomment-372967813

    OK, i'ts only a modding solution, not a general solution. For a general solution, $ _GET can be replaced by a "normal" variable.
    On the moment untested for the backend. time ...

Sign In or Register to comment.