ByteHoard

Should a user be able to copy and move a folder if perms are set as Viewable ?, really ? Not in my opinion and for whom who agree with me I post a quick solution.

There is no any code change this time, its all in database, so login to your mysql or whatever you use and run two sql commands.

First command removes  “moving action” for the folder

delete from bh2_modulesaccesslevel where module = ‘movefolder’ and accesslevel = 1;

Second command removes “copying action” for the folder

delete from bh2_modulesaccesslevel where module = ‘copyfolder’ and accesslevel =1;

Cheers

Please do not apply bh21z.patch.2 patch. A files are not down-loadable in IE then. Its a bug in bytehoard to calculate size of the files using the same function filesize(), this func cannot calculate size of the folder. I have changed to run du unix command to get this working, but doesn’t work in lovely IE.

Apply this patch if you need to download entire folders and ONLY folders.
Sorry for inconvenience.

I have released two patches for 2.1 Zeta version. Some of the most known issues has been fixed, such us

• downloading the files via browser and email
• dropZone
• deleting folders / moving to trash
• adding users (groups related)
• Quota for folders
• groups/sharing
• calculation folders size (2nd patch only)
• …

Little issues not listed, next time I will be better with documentation, maybe some changelog ?!

Second patch “bh21z.patch.2″ for linux users only (OSX may work too, however not tested, see the source before use).

Please apply all patches in correct order. Downloads available here

Best

Problem:  A user with View privileges to a File/Folder can move said File/Folder thus causing a non-read action known as a delete to the file.

Explanation: The Move command was created by duplicating the copy command and making the needed changes.  Unfortunately 2 lines too many where re-used, specifically in the database install scripts.

Fix:  Delete the privledge entry from the database using the following SQL queries (Works on MySQL)

DELETE FROM `bh2_modulesaccesslevel` WHERE CONVERT(`bh2_modulesaccesslevel`.`module` USING utf8) = ‘movefolder’ AND CONVERT(`bh2_modulesaccesslevel`.`accesslevel` USING utf8) = ‘1′ AND CONVERT(`bh2_modulesaccesslevel`.`status` USING utf8) = ‘1′ LIMIT 1;

AND

DELETE FROM `bh2_modulesaccesslevel` WHERE CONVERT(`bh2_modulesaccesslevel`.`module` USING utf8) = ‘move’ AND CONVERT(`bh2_modulesaccesslevel`.`accesslevel` USING utf8) = ‘1′ AND CONVERT(`bh2_modulesaccesslevel`.`status` USING utf8) = ‘1′ LIMIT 1;

Or in simpler SQL command…

DELETE FROM `bh2_modulesaccesslevel` WHERE `bh2_modulesaccesslevel`.`module` = ‘movefolder’ AND `bh2_modulesaccesslevel`.`accesslevel` = ‘1′ AND `bh2_modulesaccesslevel`.`status` = ‘1′;

and

DELETE FROM `bh2_modulesaccesslevel` WHERE `bh2_modulesaccesslevel`.`module` = ‘move’ AND `bh2_modulesaccesslevel`.`accesslevel` = ‘1′ AND `bh2_modulesaccesslevel`.`status` = ‘1′;

Out Come:  Future software releases – Release B and above will have this issue resolved.  ETA August 25, 2009 (with additional improvements).

Apology:  We sincerely apologize for any inconvenience which this bug may affect you with.

Gratitude: We thank you for your patrionage.

*Warning – This is a living Document.  Be sure to check back for new information.*

1. Basic Security – Encryption.  Be sure to enable SSL (Secured Socket Layers) in order to encrypt data transfers.

So it appears the folder I fixed didn’t make it into the release building folder…

So..  I’ve installed it into my test server and everything seemed to be reacting about right, so please try a new version.

Thanks for your patience.

-Mike

Files are available.

http://sourceforge.net/projects/bytehoard/files/

Hi Everybody, Before I hacked and slashed the web site I mentioned a pseudo summer of code. Well, that was this last week, and I’m pretty happy with the development.  I wont’ say a million lines where coded, but I added a feature that I was seeking, a few minor features and corrections, and I got a huge lesson on the code behind ByteHoard.

New Features for 2.1 – Zeta

1. FolderDZ – Akin to FileLink, this creates an drop zone link to allow a short term upload zone for a contact to leave files.  This will allow users to both send and receive files.
2. Admin page reminder to remove Install folder – Does not inhibit, just to be annoying.
3. Added File and Folder Move command.
4. File link code generator – optimized.
5. German Language file added – thanks to Manuel Sommerhalder (Good for 2.1 Epsilon, hopefully Manuel will help us out again with the new updates)

There are database changes to the Zeta version.  Please read the README, and follow the update script’s instructions.  Please, Please, PLEASE backup your stuff before upgrading.

Planned Updates:

1. Face Lift – I see alot of potentials to improve on the UI.  I don’t promis a full web 2.0 app, but I plan to clean up and streamline the UI.
2. New Uploader front end – I was first planning to switch to SWFUpload, however it’s still bound by the limitations of PHP upload limits.  So I’ve found a few java applets which rip apart the file into chunks and PHP accepts them as smaller files and reassembles them.  If you know of a good GPL or equally licensed app please let me know.
3. Code optimizations – I’ve noticed a few bits that need to be re-written.  Some functions take up PHP time when SQL could handle them directly.   Some functions have routines which provide no benifit, so it’ll be an old fashon car wash and clean off some dirty code.
4. Documentation – I love the phrase “Code is self-documenting”, however I have to also state reading English is far less complicated than code…  So I vow that the next version will have developer friendly documentation.
5. Friendlier Authentication Modules – I’d feel more comfortable saying we where LDAP compliant by having an admin screen to setup LDAP with test functions and all.  Asking admins to read the files and insert rows into the DB is a bit hard for the poor overwhelmed admin.
6. Friendlier permissions – The software has the ability to enable/disable modules, add and remove permissions, however many of these functions require hacking a database.  So to improve developer/admin relationships we’ll add in some modules to control these privileges.
7. Integration with ClaimAV – Many hosting servers already have it with their email systems, we should be tapping into the same system just as we do with ImageMagic.

Software updates will be delivered when they’re ready.  We’re not here to please the stock holders, we’re here to write good software.  According to my schedule, I’m aiming for late August.

Please send me feed back.  I want to know what my clientel is doing with ByteHoard, how they’ve implemented it, or their mods.  What do people want to see?

The code is ready, install script updated.  I need to step back from the functions, clear my head of the routines and then do one last review of the changes before I publish them.  The new version of ByteHoard Should be available by Tuesday (Maybe Wednesday if you’re on the other side of the globe).

Thanks,

You’re development team.

-Mike – mike@mikeylikes.it

Welcome to ByteHoard.Org, Home to the ByteHoard project.

Please see the links on the right for downloads.

Documentation coming soon.

Please visit our bulletin board @ http://bytehoard.org/bbpress/

I apologize for the restarting of the bulletin board.  It appears the previous bulletin board system could not handle the stress of a public web site.  I’d rather be making code than patching someone else’s, so I’ve switched to an all WordPress site.  Wordpress is not a perfect beast, but it works out of the box, and updates with ease, something us web developers should always strive for.

Any how.  Welcome to the hoard; hopefully I’ll have something new for ya all this week.

-Mike