Avatar upload options

waccoe.com · February 2, 2017

I noticed 4.1.18 update now only allows members permissions upload an avatar or not

Previously we had this configured so users could set an avatar only by URL....to prevent them uploading images to our server.

Now they can't set an avatar at all since the feature was changed, if a user wants to set avatar via URL, a staff member with the correct permissions has to do it manually on their profile!

This is a step back!

Ideally we would like to have 3 options

Avatar set via upload and URL
Avatar set via URL only
Avatar set disabled

Is there any chance this could be looked at please?

Thanks.

Simon Woods · February 2, 2017

Wow, really? I thought I had misread the release notes but this is actually the way it works now? You are forced to block uploads altogether if you don't want people to use only the upload method?

For my site I need to go by upload only but now I'm especially doubtful that this will be possible. Either way this is not good.

Rhett · February 2, 2017

uploading via url and upload from the pc are pretty much the same thing, it will either upload the image directly from the url provided or it will upload it from selecting the file on the local pc, both store the image locally though.

Can you clarify? Maybe there was some confusion on how this works? and you thought it was only linking to the url prior? (if so it was actually importing it locally)

waccoe.com · February 2, 2017

5 minutes ago, Rhett said:

uploading via url and upload from the pc are pretty much the same thing, it will either upload the image directly from the url provided or it will upload it from selecting the file on the local pc, both store the image locally though.

Can you clarify? Maybe there was some confusion on how this works? and you thought it was only linking to the url prior? (if so it was actually importing it locally)

So "Upload Photo" and "Import From URL" pretty much do the same thing? Think that's what's confusing me. I thought "Import From URL" was different.

Rhett · February 2, 2017

Yes, both are uploading the photo locally on your site, one is pulling it from a url, one is pulling it from your pc.

waccoe.com · February 2, 2017

1 minute ago, Rhett said:

Yes, both are uploading the photo locally on your site, one is pulling it from a url, one is pulling it from your pc.

Where are these stored please ? Are they automatically deleted when the avatar is changed / removed ?

Rhett · February 2, 2017

Just now, MattLx said:

Where are these stored please ? Are they automatically deleted when the avatar is changed / removed ?

/uploads/profile

and yes

waccoe.com · February 2, 2017

5 minutes ago, Rhett said:

/uploads/profile

and yes

Brilliant, cheers.

Simon Woods · February 2, 2017

The confusion I have -- mostly because I haven't updated yet -- is whether I can remove the option for people to upload from URL. I want the only options to be No Photo or Upload Photo.

opentype · February 2, 2017

5 minutes ago, Simon Woods said:

The confusion I have -- mostly because I haven't updated yet -- is whether I can remove the option for people to upload from URL. I want the only options to be No Photo or Upload Photo.

What’s the logic/requirement behind that? As Rhett already said: the results will be the same anyway. If you wouldn’t allow me to input an URL as upload source, I would just drag that same image onto my desktop and upload it from there. Same result. So why force me to take that extra step?

Rhett · February 2, 2017

9 minutes ago, Simon Woods said:

The confusion I have -- mostly because I haven't updated yet -- is whether I can remove the option for people to upload from URL. I want the only options to be No Photo or Upload Photo.

yes you can

1 minute ago, opentype said:

What’s the logic/requirement behind that? As Rhett already said: the results will be the same anyway. If you wouldn’t allow me to input an URL as upload source, I would just drag that same image onto my desktop and upload it from there. Same result. So why force me to take that extra step?

The concern for some was people using the upload from url to capture the servers location, this option to disable the remote url option was added to address this concern.

Netherlord · February 2, 2017

34 minutes ago, opentype said:

What’s the logic/requirement behind that? As Rhett already said: the results will be the same anyway. If you wouldn’t allow me to input an URL as upload source, I would just drag that same image onto my desktop and upload it from there. Same result. So why force me to take that extra step?

Could it be a security thing. I remember someone saying a server ip could be gained from url import.

Simon Woods · February 3, 2017

7 hours ago, opentype said:

What’s the logic/requirement behind that? As Rhett already said: the results will be the same anyway. If you wouldn’t allow me to input an URL as upload source, I would just drag that same image onto my desktop and upload it from there. Same result. So why force me to take that extra step?

It's a check against inappropriate use of other people's work. It isn't the only thing we do, nor is it necessarily an especially strong tool against this problem but at the very least we can block the laziest users who do this and make the others take an extra step as a chance to reconsider potential inappropriate use.

Invision Community 4: SEO, prepare for v5 and dormant account notifications

Invision Community 5: Beta testing and latest updates

Invision Community 4: A more professional report center

Invision Community 5: A video walkthrough creating a custom theme and homepage

Avatar upload options

Recommended Posts

waccoe.com

Simon Woods

Rhett

waccoe.com

Rhett

waccoe.com

Rhett

waccoe.com

Simon Woods

opentype

Rhett

Netherlord

Simon Woods

Archived

Recently Browsing 0 members

More