Uploaded images which are not cropped should be deleted
Bug #598990 reported by
François Marier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Libravatar (obsolete) |
Fix Released
|
High
|
François Marier |
Bug Description
If someone uploads an image (with Javascript turned on) and then closes the tab instead of clicking the "crop" button, the image is never cropped/resized but it stays on disk and can be assigned to an email address.
I'm not sure what the ideal solution is here, but the original image should not be usable within the system until it is resized/cropped. If it's not modified within a reasonable length of time, it should be deleted.
Or perhaps (if it's possible) it should not be written to disk in its original form and should only hit the disk once it's fully cropped & resized.
To post a comment you must log in.
Here's my idea for a simple solution:
1- uploaded images end up in /uploaded/ but don't make it to the database at all
2- the image hash is passed to the cropping page
3- the cropping page reads from /uploaded/ and writes to /ready/
4- the cropping page then deletes the image from /uploaded/
5- the cropped photo gets an entry in the DB pointing to /ready/<hash>.jpg
6- the "assign_photo" controller only looks for images that are in /ready/
Then we also have a cronjob that periodically deletes all files in /uploaded/ that are older than 1 hour ago.
That way, the only place that raw user data gets displayed is on the crop page.