Uploaded images which are not cropped should be deleted

Bug #598990 reported by François Marier on 2010-06-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Libravatar (obsolete)
Fix Released
High
François Marier

Bug Description

If someone uploads an image (with Javascript turned on) and then closes the tab instead of clicking the "crop" button, the image is never cropped/resized but it stays on disk and can be assigned to an email address.

I'm not sure what the ideal solution is here, but the original image should not be usable within the system until it is resized/cropped. If it's not modified within a reasonable length of time, it should be deleted.

Or perhaps (if it's possible) it should not be written to disk in its original form and should only hit the disk once it's fully cropped & resized.

François Marier (fmarier) wrote :

Here's my idea for a simple solution:

1- uploaded images end up in /uploaded/ but don't make it to the database at all
2- the image hash is passed to the cropping page
3- the cropping page reads from /uploaded/ and writes to /ready/
4- the cropping page then deletes the image from /uploaded/
5- the cropped photo gets an entry in the DB pointing to /ready/<hash>.jpg
6- the "assign_photo" controller only looks for images that are in /ready/

Then we also have a cronjob that periodically deletes all files in /uploaded/ that are older than 1 hour ago.

That way, the only place that raw user data gets displayed is on the crop page.

François Marier (fmarier) wrote :

The full solution using Gearman is still not done, but now images are renamed after they are cropped/resized and only these ones can be associated to an email address.

This was causing errors with overzealous caching proxies that ignore caching headers.

Changed in libravatar:
assignee: nobody → François Marier (fmarier)
importance: Undecided → High
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Related blueprints