All Projects

ID Task Type Category Summary Status Last Edited
 438 Bug ReportUser Interface Blank pages in UI. Closed2010-10-11 Task Description

When accessing a password protected folder, a page
with the following URL comes up:

http://<site>/po/login.php?reason=protected

When I enter the correct password, I'm taken to this:

http://<site>/po/login.php

which is a blank page!

A similar thing happens when accepting a client.

You'd think other people would see this and report
it. Local installation problem?

 437 Bug ReportUser Interface Resource password input control not behave like a passw ...Closed2010-08-12 Task Description

When accessing a protected folder, the user is prompted with a password input which shows the input (does not cover it with black dots). Moreover, auto-completion is not disabled on this input field. When the user goes back to that screen, he can type the first character of the password and a completion comes up.

 436 Bug ReportBackend / Core Permission model not working for me. Closed2010-10-11 Task Description

Maybe I am doing something wrong.

In addition to "admin", I have two users in my system, call them Bob and Alice.

Bob has registered Alice as his client.

Likewise, Alice has registered Bob as her client.

Both Alice and Bob have folders which are marked Protected, and in which all images are likewise marked Protected.

Yet, Alice and Bob cannot see each other's pictures and folders at all. Each can only search for his own pictures and folders.

Correctly, an anonymous guest cannot see anything.

Correctly, if either Alice or Bob switch a picture to Public, then everyone can see it, including the anonymous guest.

Correctly, the administrator account sees everything.

Just this Protected access is not doing what I think it should.

 435 Bug ReportBackend / Core Security problem: world readable files in /tmp (and may ...Closed2010-08-12 Task Description

I've noticed that in various situations, Photo Organizer creates files in /tmp.
These have loose permissions due to an inadequate umask.

What's the point of Alice making her pictures private, so that Bob can't
see them, if Bob has a shell account on the box and can see Alice's
data as it passes through /tmp?

My /var/lib/photoorganizer-data directory behaves the same way.
Everything under that is rwxr-xr-x or rwxr--r--.

The data is correctly owned by the apache user account (www-data
in my installation) but files should should be rw-------,
and directories and rwx------.

Is this something that can be done globally with PHP or some Apache2
umask setting?

 434 Feature RequestBackend / Core Alternative authentication desired. Closed2010-10-11 Task Description

It would be good to be able to disable the e-mail registration mechanism and use some other means of authentication. For instance, Linux passwords!

I don't want strange people going into my server, registering accounts and uploading pictures. Moreover, I don't want authorized users to have to go through a registration dance to obtain yet another password. This is one of the things many people hate about websites!!! Everyone and his dog wants you to register a user name and password, then validate it through e-mail (and this is one of the bad qualities of the online photo management companies we can avoid by running it ourelves).

I would like to be able to create an account for someone at the OS level, and then have that user name and password simply work in every application.

Showing tasks 1 - 5 of 5 Page 1 of 1

Available keyboard shortcuts

Tasklist

Task Details

Task Editing