Watermarking, Classes, Thumbnailing, Security.. oh my! :)

[Wes1890]

Im working on a big project, my biggest php project yet. And im doing alot of things ive not done before (image functions, videos, template system.. etc).. so of course i have some Qs.. and this place has helped my before so i came back

 

1. Watermarking.

- a) I can watermark an image. But Im wanting to resize and watermark an entire directory. So when images are uploaded, they go to the "pics" directory, then, they are resized and watermarked. So if i directly access any picture in the "pics" directory (if someone hotlinks), I want it to be watermarked.

 

- b) Is it possible to watermark videos with php? lol If not, whats should i use? Should i make

 

2. Classes

- a) Ive read MANY MANY MANY tutorials and articles on classes. I know how to use them. But i cant find any reason to do so! Please teach me what i can use them for. Show me examples with mysql database stuff, and forum related things so it's more familiar with me

 

3. Thumbnailing

- a) Is it possible to thumbnail a random section of a video with php?

- b) How would i thumbnail an image and have it link to the original size? (watermarking both)

 

4. Security

- a) How do i test my site for holes? Manually? Is there a program i can run to check for commor errors? (like SQL injections and stuff like that

 

 

Ill have more Qs later...

[xylex]

1. Watermarking.

Depending on what your application does, server load, and many other variables, either resize and add the watermark when the file is uploaded prior to saving it in the upload directory in the web root, or save it outside of the web root, and add an image retrieval function/class to display the images.

 

For video manipulation, try FFMPEG.

 

2. Classes

Classes and OOP typically make code maintainablity, team development, and reusabilty much easier than procedural coding.  Yes, you can build any project without using classes and have it function the same way as if you had used classes, and depending on the project and what you're familiar with, do it much faster without classes.  However, as you need to add functionality or have other developers working on the script, it is a lot easier to keep track of what's going on if things are divided up into objects. 

 

3. Thumbnailing

FFMPEG again

 

4. Security

This is another aspect where classes and OOP comes into play.  If you make a data sanitization class, you only have one place to look at for common security holes as far as SQL injections or XSS comes into play.  There are a few programs and services that will check for these issues, but if all of your data is being cleaned by a single class, this wouldn't be too much of a concern.  The much larger potential security issues with an app like you described are going to be in your file upload and handling, and there isn't really any automated tests to do that.  A good article about some common issues are at http://www.scanit.be/uploads/php-file-upload.pdf.

 

Good luck with it, and remember when you're architecting larger projects like this, designing the code to be easy to update and modify is just as important getting it to work.

[Wes1890]

1. Watermarking.

Depending on what your application does, server load, and many other variables, either resize and add the watermark when the file is uploaded prior to saving it in the upload directory in the web root, or save it outside of the web root, and add an image retrieval function/class to display the images.

 

For video manipulation, try FFMPEG.

 

Ive talked my server into installing ffmpeg.. im trying to figure out how to use it now.. know of any tuts? And can i watermark videos with ffmpeg also?

 

2. Classes

Classes and OOP typically make code maintainablity, team development, and reusabilty much easier than procedural coding.  Yes, you can build any project without using classes and have it function the same way as if you had used classes, and depending on the project and what you're familiar with, do it much faster without classes.  However, as you need to add functionality or have other developers working on the script, it is a lot easier to keep track of what's going on if things are divided up into objects.

 

Its just hard for me to find a tutorial that uses real examples.. most tutorials use the "foo bar" method of examples, and that doesnt help me..

Could someone explain to me how i could make a class:

1. gather and "cleanup" (striptags etc) post_vars

2. redefine them as locar vars

3. add posted info into db

just an example of course.. or would you even use a class for this? (because this is a repeating process for me)

 

 

4. Security

This is another aspect where classes and OOP comes into play.  If you make a data sanitization class, you only have one place to look at for common security holes as far as SQL injections or XSS comes into play.  There are a few programs and services that will check for these issues, but if all of your data is being cleaned by a single class, this wouldn't be too much of a concern.  The much larger potential security issues with an app like you described are going to be in your file upload and handling, and there isn't really any automated tests to do that.  A good article about some common issues are at http://www.scanit.be/uploads/php-file-upload.pdf.

 

Good luck with it, and remember when you're architecting larger projects like this, designing the code to be easy to update and modify is just as important getting it to work.

 

I must learn classes! lol