Version: 1.00, by Scott MacVicar
Developer Last Online: Mar 2016
Version: 2.2.x
Rating:
Released: 01-20-2002
Last Update: Never
Installs: 12
Is in Beta Stage
No support by the author.
This is a hack which allows you to save the attachments as files and not within the database. The main problem with this was the fact that it posed certain security issues, these have been tackled by doing the following
Placing the folder below document root
Using random hashes to name the file
Changing the file extension to .file
Never divulging the path to the file
This is a beta hack, it has been tested on a development board. I have had insufficent time to fully complete the attachment importer, this removes the files from the database and creates them as physical files in the attachment folder. I will post this as soon as possible.
Looking forward to your feedback.
Scott
To install this hack upload this file to the admin directory and then view it in your browser.
All the changes that Jawelin suggested have been applied, thanks man
Show Your Support
This modification may not be copied, reproduced or published elsewhere without author's permission.
Originally posted by PPN both refrences in editpost.php require to have the function above it
[...]
I think i missed out some files now that i think about it. The moderate feature in the admin panel and the simply /moderator.php file as well as the /mod/moderate.php
I'll look into this now
Thanks. About moderate.php, I was just meaning that file was in the 'mod/' folder, not at the same level of others... And, as you specified the folder for functions.php, it should be cleaner the same notation to that file. Just typo, as said.... :kiss:
The other question ? Well, I hwr think it should be useful; as the "attachment as file" option is in settings and any time could be changed with a radio button, I absolutely think it should be a way (AdminCP menu) to move files out/in from/to DB...
Don't you agree ?
Thanks again.
P.S.: hope my question should be useful and not harmful... :supwink:
In admin/functions.php, function deletethread(, there is
PHP Code:
if ($attachmentids!="") {
$DB_site->query("DELETE FROM attachment WHERE attachmentid IN ($attachmentids"."0) AND NOT attachmentid IN ($omitattachmentids"."0)");
}
I think just before should be a removeattachment(); call even there, should not ?
Besides, I think there's a little bug in building filename:
in the same admin/functions.php, there's
which builds the hash appending '.file' extension.
Just later the same hash is INSERTed INTO db.
But all the times the same hash is red in other files, it's again appended another '.file' string.
This way I definetively think a file named 'hash.file.file' should be searched, when the file in dir is 'hash.file'...
PPN how hard would a hack be which saved attachments into a remote database, specified in the attachment.php or a seperate config file? At the moment I am paying a lot of my main mySQL database which is quite powerfull. However I am filling it with attachments quickly and I have some cheaper, slower mySQL space which I would like to use for attachments. This could then get to be many GB's instead of having to not use them at all.
Any help appreciated, I would even have a go at it myself!
Jawelin: I have to work out a simple way to do that as its a list of attachment id's, i'm sure i'd have to explode the variable and then do a foreach loop. Will look into this in a bit and then i'll look into the mistake with the hash
Martz, this would double your bandwidth usage though, from mysql database to server with forums, then from forums to user. So if they download a 5mb file then its really 10 on your bandwidth.
Why not simply make the attachments as files or are you short on space?
Well, im short on disk space as well since I'm on a shared server. 200mb disk space and 300mb mySQL space. Like I said, I'm at about 220mb now, and I've disabled attachments. The remote mySQL space is pretty much unlimited as it will be hosted by orange.net.
I dunno what to do, and I can't move everything to the orange.net mySQL server
They provide gaming services for UT, like UT servers and some web bits and pieces. They have an IRC server (ripper.unreal.orange.net) linked to a small network of ours.
The mySQL space is arranged, however I need to be able to hack it to work.
I said I would modify the attachment to advertise the site http://unreal.orange.net for each attached file after "Nickname has attached this file" in posts.
Details »»
About Developer
Visit Web Site
Is in Beta Stage 
01-27-2002, 08:26 AM
