Sorry I misunderstood and posted this in the wrong place. Thank you.
Pages 1
You are not logged in. Please login or register.
Juicebox Support Forum → Posts by bjbarouch
Pages 1
Sorry I misunderstood and posted this in the wrong place. Thank you.
I agree that weak passwords are very likely for family photo galleries -- even for me as a security-minded person. But, it is not much more work to generate and then store a secure hash than a plain text password, and even though rainbow tables will conquer weak passwords, if any of your customers care to use good passwords, they can have high confidence in the security of their perhaps more sensitive images. A simple mistake (or malicious act) in server administration or a .htacess file can result in a php file being sent out as plain text instead of causing it to be processed by the php module on the web server. This is why it is better to use a secure digest or a file outside of docroot instead of plaintext embedded in a php file. Since your customers typically will not be able to utilize a file outside of docroot, the hash is the most secure option remaining.
I do not see it on the demos. I may have only seen it when on the phone, although I cannot recall for sure if that is the only place. However, note that even though it was most commonly or entirely on the phone, it's an iPhone X with the latest IOS, on a home wifi network that is showing no issues and routinely powers multiple netflix streams. You can see what you get when you try this small gallery: https://bjbarouch.com/photos/family/She … ley50.html
The main image should not be smashed up against the top of the browser window. It looks like perhaps the top of the image has been accidentlaly cut off. It looks visually crowded. Please add a
padding-top: 0.5rem
to give a tiny amount of breathing room up top.
I've been told this is already in the plan, but just in case, here a note on it.
While it is nice to allow for these to be different, the address set in config.xml should be the default for password requests unless the latter is explcitly given as well.
It is inconvenient to have the password stored in a separate file from the config file. I was told this was for security, but config.xml and jbcore/pswd.php are both accessible from the client side. To be secure, instead of storing passwords in plain text in any file, passwords should be passed through a secure digest such as SHA-2 and the result of that process stored. If this approach is taken, they can be in config.xml, because knowing these values does not inform anyone of the passwords themselves.
Sometimes, instead of getting a photo, I get the spinner. I figured that this would never happen because of pre-fetching and the fact that these are all low-res images. Also, at least half the time that I get a spinner, it takes "forever", but if I go back or ahead by one image and then back again, it's there instantly, so it doesn't always seem to know that it actually has the image. I have seen the analogous thing happen in the thumbnails when on a iPhone X. In all of these cases, I have been in an environment with excelent network connectivity and modern equipment on the client side.
In the best of both worlds, one could allow for direct links to individual images, but also have the url in the location bar remain the beginning of the slideshow instead of the current image, in case that is bookmarked partway through a gallery. The direct link to image feature could pop up a tiny window with the link to the image ready to be copied or put into a bookmark without being a #image reference in the location bar.
It would be good to be able to put titles and captions under the main image but as wide as the row of thumbnails instead of being contrained by the image's width. Currently you can only do one (Below Image) or the other (BOTTOM).
Might help a user decide if they want to click on that image.
It would be great to incorporate an open source library so users can edit IPTC info directly from within Juicebox instead of having to use an external tool such as exiftool or photoshop and reload image files afterward.
Pages 1
Juicebox Support Forum → Posts by bjbarouch
Powered by PunBB, supported by Informer Technologies, Inc.