So I did as suggested here.
But I'm still seeing some pretty slow responses when getting URLs for files stored in containers on cloudfiles.
The application I'm building has a portion where users can comment. Each user has a profile image which shows up next to their comment. The basic structure of the code is as follows:
1) Authenticate cloudfiles api
2) Open connection
3) Retrieve main users profile image
4) Retrieve all comments from database
4.1) Loop through users comments
4.2) Get container and file name from DB
4.3) Retrieve image from CloudFiles
5) Close connection
I have SNET as true and I am on a Rackspace server but, it seems to crawl in comparison to when I stored them directly on the server. Also the reason I am not storing the public url in the database is due to the user being able to change their image and me wanting to store past images, therefore not overwriting the past image. I could store each past image's url as well as the new images and probably will do that but, wanted to see how fast I could get it prior to doing that.
The reason I am hesitant to go straight to storing each images public url is because on another portion of the site I am going to use Temp URLs for some secure files and am trying to see if I can fix the performance in general.
Any suggestions are appreciated!
Thanks
Related
I have to build an application where users can download videos from a site but cannot share them. My first solution is to save these files in a hidden location on the users computer since one of the requirements is that the user should be able to watch the downloaded videos offline.
Please how do I go about saving a file in a location the user cannot see using php.
Thanks.
One solution is to generate token for each request for a video. That token would have its lifetime. Php script should be serving the content instead of giving direct access to resource to user. The script should check if the token is still active before serving the content.
It is up to you how to pass the token. The simplest way is to make it contained in uri.
No matter where you put your videos in your directory structure, you always send the data as a partial request. Once data is acquired by the user, it could be saved an reproduced.
There are techniques, however, to protect your video from direct download through curl, wget or other ways of download. And this is using a secure token and an expiration, passed as parameters. This way your video download window will be limited and generating the token manually would be pretty hard.
Chidiebere Onwunyirigbo, its a Great Question. One solution for your requirement is Steganography. It is the process of concealing your data (videos) behind other files (multimedia files like image, audio, video), in your case preferable would be Image Steganography. It is quite a old technology but new to many, you can get several ready tools/code for it on the internet which you can customize as per your need. From your side you have to provide the file that is already embedded inside the image for download. Only the tool coded for retrieval and rendering the hidden video can render your video. So, for this part all the users of your site have to first download this desktop application from your site for viewing the video. This will keep your videos safe on the users computer offline, because every user who takes the video will require the reverse steganography tool to be downloaded from your site. You can even embed secret info like users IP inside the Stego image along with the video and for each tool download, associate user computer's IP with the tool. If IP embedded inside Stego image matches with that of tool only then you allow to play else redirect application to get it registered. But the limitation would be that, the users will have to download your application and will be able to view videos only on your desktop application which will render the Steganographed video.
You cannot hide information on the user computer. Even if your process are running on a windows comp as SYSTEM user, a power user can take ownership of the files.
The only solution you have, are developing or using a known DRM system, for allowing only playing the video on a determined computer or another specifications (for example, if the program have the authentication token of some user).
At any case, you need to do two things for this:
- You need a custom application to play the video, if you want to check DRM.
- You need to recode / modify something on the video before download, for adding on them a code for allow only play on the destination computer or data used for authenticating DRM.
I have some Users in my API Service Authenticating with OAuth, via a Web Client (website).
When the User requests their private profile images.. how should these be served up? I see a few options few drawbacks and unsure what's the best decision going forward.
1) host the images with a hashed name... eg (~/public/folder/309dsfas928f39rjkfe93.jpg)
Pro
- Simple, keeps all assets centralized to the Apigility based server.
Con
- nothing preventing something from finding an image .. no of assuring access control once a URL is found.
2) pass back the img data in a JSON request
Pro
- You're assured that the person receiving an image has permission.. every time the image is accessed
Con
- now images need to be stored (temporarily?) on the WebClient's server..
- images traveling in JSON seems wrong to me
Are there datastreaming options instead? Thank you
Nice question!
Right now I have a solution where I pass the image in a base64 encoded sting in the json response. This works nicely and on the client side you can quickly paste the string in the src tag of the html image. So when it comes to workflow it is very smooth.
But I guess others might have something to say about this solution :P
I'm fairly new with CakePHP and images so bear with me. You can assume I'm using the latest version.
I'm trying to build an Android application which can display images retrieved from the server.
Suppose I have an image in the assets folder called football.jpg. How would I store this in the database and then how would I output this to the Android application? Do I send only the link or do I send the whole image over? If it is just the link, does this mean I would have to reconnect to the server with the link and then get the image? Sorry if this doesn't make sense. Still trying to get my head around it.
Just a word of caution, it's probably better to store the file on the server's file system and store the path to the file in the database. The reason behind this is that BLOBs are stored in a different area on the file system to all your other typical data and in terms of retrieval, its not a great deal faster.
Here's a link to what I mean: Store pictures as files or in the database for a web app?
With regards to returning it to your Android app, you can send files in the response object (http://book.cakephp.org/2.0/en/controllers/request-response.html#cake-response-file):
public function sendFile($id) {
$file = $this->Attachment->getFile($id);
$this->response->file($file['path']);
//Return reponse object to prevent controller from trying to render a view
return $this->response;
}
This should give you finer control over what files are returned to your client.
I want to let the users upload their facebook/twitter profile picture as an avatar. I insert a record with their token/secret in the DB. I've made a script that gets the user's id and displays the profile image using readfile() but I want to cache this image for 30 minutes. Is this possible with codeigniter?
Although not codeigniter specific.. On a site I created - when the user logs in with facebook, we download the file using something similar to file_get_contents.. we then store our local reference to it along with a MD5 of the image data.. This allows us to easily check whether we need to update our local store when the profile is next requested (this does require the server to re-download from facebook)
In other instances, we store the file size that facebook reports, so that we can do a HTTP HEAD request to check easily if its changed (I realise size doesn't have a direct relationship to the image changing.. however 99.9% of the time its a good indication.
I'm building a MYSQL database driven website on a AWS EC2 instance. Users can submit their data and we will automatically create a web page for them. The webpage will display their submitted data including a photo. Upon original submission of the user's data, we store the photo in S3 using AWSSDKforPHP. When their information is approved by an administrator a webpage is created via a php script.
I've tried the method of generating a signed url. This however requires a expiration time. Is there a way around this? It also includes your access and secret key in the request. Not sure if that is the most secure way to do things. I'd like the method to be as secure as possible so I don't want to make the bucket public. Unless there is a way to make the stored images available only for viewing.
What's the best method to use in a situation like this? Thanks for your help!!
Basically URLs to amazon S3 buckets are s3.amazonaws/bucket_name/key_name all you need to do is make sure the content on those buckets is publicly available and that mime type for those keys is indeed image (image/jpeg or image/png)
I used this web tool to manage my site. I opend my bucket just to its ip and now i can control the restriction from the tool, for the basic viewer I gave read access only