tags:

views:

118

answers:

2
+1  Q: 

How would I implement an upload by email service for my photo sharing website?

I have a photo sharing website in development and want to be able to allow users to add photos and video by email attachment. I have email addresses for the site (hosted with goDaddy). I also have a LAMP CentOS application server running on Amazon Web Services EC2 that processes files uploaded via my web-based uploads page, so would like to use the same PHP scripts to process files sent as email attachments. My first questions are -

1) To get the attachments to my application server would I use PHP's IMAP/POP functions to get the emails from goDaddy? Periodically check for new emails?

2) Is it as easy as setting up a catch-all email address and giving users a unique email to send photos to (eg. [email protected] and give each user [email protected]) Then look for emails with the .photos bit and use the username bit to determine who uploaded the photos...?

What other steps would I need to implement? Any other advice about how best to achieve this is welcome

A: 

Why not just have one email address, eg. [email protected], and then look at the sender address to determine which user the photo belongs to?

klausbyskov  2009-12-11 11:35:32
Good question ... I am looking at what Flickr do, they provide a unique email address for each user and I suspect there are security reasons for this, also the user may not be uploading from the same email address that we have on record, however we do require a unique email address for each username so your suggestion would work from a practical point of view - thanks
undefined  2009-12-11 11:39:48
I can easily spoof an email from address
David Kemp  2009-12-11 11:41:41
@David Kemp and so can most users in here, but I don't see why it's relevant. @undefined could easily make users approve the photos sent in by email before making them visible on his site. I mean what are the odds that someone knows that I have an account with his site and would use this knowledge to send loads of images from my (spoofed) address? And what would the damage be?
klausbyskov  2009-12-11 11:56:34
What would be the odds? If it's a photo sharing site then it's probably really obvious when an user uses the site and it's not that difficult to find out his email address.
Tomas Markauskas  2009-12-11 12:07:46
@Tomas, that is correct, but please read the entire sentence.
klausbyskov  2009-12-11 12:34:30
This is not good if the user wants to publish those pictures automatically like flickr does. I wouldn't want random pictures to appear in my photostream.
Tomas Markauskas  2009-12-11 13:31:49
+1  A: 

You could forward those emails to your EC2 instance and pass them to a shell script. I remember doing this with a line in my .forward file like this:

|/path/to/my/script

The script would get the email via STDIN. That way you won't need to check your inbox periodically as emails would get delivered instantly.

To identify users I would suggest having unique secret email addresses for each user, as it's really easy to spoof the sender address. You could setup a catchall address (e.g. *@post.example.org) so you don't need to configure each address separately.

Tomas Markauskas  2009-12-11 12:00:43
thanks, I'm not familiar with .forward files, is this something that I could use with an email provider like goDaddy?
undefined  2009-12-11 12:28:01
I think you guys are complete forgetting usability. How would a person, like my mom for instance, ever use that "secret" email address to send photos to the site? Oh, you just go to hotmail and change your sender address... uhm no... but then just open outlook and create a new account, and remember to always send from that account when you upload photos. I think not.
klausbyskov  2009-12-11 12:37:47
The secret email is not the sender email, but the recipient one. You could use any of your accounts but just need to use a special recipient address that only you know, so no one could abuse it. Just add the address to your contacts and you're ready to go. No configurations or anything...
Tomas Markauskas  2009-12-11 13:38:14

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases