Problems, need help? Have a tip or advice? Post it here.
6 posts Page 1 of 1
I'm using securefile to upload user images to a gallery. Any image uploaded requires approval by someone with the relevant status, and will be deleted if not approved. It's important that rejected images are not stored.

Working on this on localhost at this stage, I've noticed that if I upload an image (using the front-end form) and then delete it (using the admin panel - front-end code to delete the entry if the checker rejects it is yet to come), the image remains in couch/uploads/attachments.

I've also noticed that if an error arises during the upload (this is related to the form I referred to in viewtopic.php?f=4&t=13159), the image still arrives in the attachments folder - and at that stage there is no entry in the admin panel for it. When the error is corrected and the form resubmitted, a second copy appears.

Is this expected behaviour?

My concerns are
  • that there will be inappropriate images stored on the server (even if very hard/impossible to get to from outside)
  • that we'll end up with multiple copies of many files, and a lot of wasted space on the server
  • as far as I can see, there's no way to know which of the actual files form part of a record, or are approved, so a manual deletion task isn't going to help
I'll leave the behavioral part of image uploading in Couch to @KK, very likely this had been already answered.

My take on a workaround -- save them in a textarea (base64), use some js plugin. Once the image is approved, keep it. ;) Probably this even bypasses a SecureFile type completely, just plain 'image'-type editable is enough (in cases users do not need to delete their uploads via frontend). Btw, I do not have a sample implementation code -- only hope my suggestion opens up some thought space.

My Documentation, Addons, Functions.
Join COUCH:TALK telegram channel

Every file uploaded via securefile it is given a status of 'orphan' by Couch.
It is only when everything goes well that this status is removed and the file become accessible from the admin-panel.

For all other eventualities (including those you mentioned), the 'orhpan' status persists.
At periodic intervals, Couch goes about finding and deleting all such orphaned files.

So, yes, it is expected behaviour - the uploaded files that have not been accepted by the system will remain on the hard-disk for some time but will, eventually, be deleted automatically.

Hope this allays your concerns.
Thanks, as always, @KK - yes, that's very helpful.

Can you give any indication of what triggers the 'from time to time' cleanup? Presumably it's not simply time-based, as Couch doesn't set up cron jobs!
You may find it in couch/addons/data-bound-form/securefile.php (Line 301 as of current version) -
Code: Select all
// take the opportunity to remove orphan files older than 6 hours
$threshold = time() - (6 * 60 * 60);
$rs = $DB->select( K_TBL_ATTACHMENTS, array('*'), "file_time<'" . $threshold . "' AND is_orphan='1'" );
// delete physical file
@unlink( $dest_folder . $rec['file_disk_name'] . '.' . $rec['file_extension'] );

Hope this helps.
Thanks, @KK - it certainly does!
6 posts Page 1 of 1