reportabuse

[ghost]

So, I've set SMTP settings for gmail,

No errors at all, so I made a modification in Mailer.php
Adding error_log($th->getMessage()); after catch (Exception $th) { in sendMessage

"PHP message: SMTP Error: Could not authenticate" -> weird.
This issue is on my end, not the codes end but I want to point out:

This was all while reportabuse.php is showing Your report has been submitted successfully

So, log errors in some form + why not display if there was "an internal server error" that prevented the email from sending?

There's no errors if smtp is completely disabled either, so its something to think about

Apparently the issue I was having with authentication is due to this, switching to something like this worked just fine. Sorry for jumping

Also there was an issue I fixed here where the "Add Page"(manage pages) button was not functional due to there being no

element set(even though was set)
Why don't any default 'translations' exist for about/privacy/terms?

It would be kinda nice(but unnecessary ultimately) to be able to add 'allowed' file extensions beyond editing vendor/farisc0de/phpfileuploading/src/filter.json

• Why are file names hashed? E.g. 'mantle.html' to '5d339950900db9ceb5cc40ae367419b44575a084.html' , is this something that can be a setting? Where is the component that changes the name? I'd definitely enjoy to modify it myself for my own instance but I haven't found it,
  I know of the functionality inside /src/Upload.php but I haven't narrowed it down to find the exact piece yet

[farisc0de]

1. Glad that worked.
2. I'll look into the add page button issue
3. Yeah actually I was planning to do so to edit the filter from the dashboard
4. Yes, you can find this setting in actions/upload_file.php line 54 u can remove this $upload->hashName(); and it will save the file with the original name

[ghost]

Again, I'm a big fan so far of the project. I'm definitely gonna work on it for a little and try and get it to a point where I feel comfortable releasing it to my site, adding and changing stuff to my own liking.

Have you ran into any issues with having the original file names saved? Definitely a situation where you'd want to escape the name just for safety. Mainly I was wondering if you chose hashed file names for a compatibility/security reason or out of design choice.

Have you considered having a "instances" section in the readme.md , able to show public instances running this software? (If people make a pull request to have their website/instance added anyway) - just a quick thought/question , I've seen it done with LibreY and I liked the concept personally.

What's your preferred method of contact if you don't mind? I'd enjoy discussing certain ideas/questions as they come up in a non public space, if you're up for it. Twitter, Discord, Whatsapp?

[farisc0de]

For the hashing it is there to upload the same file more than once because I am generating a new file id for each upload.

I am might look for a better method to handle this.

For other contact channels u can try me on Discord fariscode.

[ghost]

For the hashing it is there to upload the same file more than once because I am generating a new file id for each upload.

I am might look for a better method to handle this.

That makes sense.

I'm thinking of having the file saved as a hashed version, but saving the filename in plaintext in the database to show / download as.

I also came up with this but it doesn't seem ideal for me, just functional

foreach ($_FILES['file'] as $key => $file) {
    if ($key === 'name' && !empty($file)) {
        $_FILES['file'][$key] = pathinfo($file, PATHINFO_FILENAME) . '_' . generateRandomString(6) . '.' . pathinfo($file, PATHINFO_EXTENSION);
    }
}

atm, I'm looking into just having hash_id as the file name on disk, as that would not have duplicate files (for the same user) to exist and allow file_name to be the actual file name without the issue you brought up