[Catalyst] [ANNOUNCE] Meios Photo Gallery App

Tue Dec 13 16:00:50 CET 2005

Jürgen Peters wrote:
> very nice, i may use this as a starting point. wanted to do some serious app
> with catalyst for a long time and your's seemes to be easy to understand,
> since well structured. but i have one concern...
> 
> in lib/Meios/Catalyst/Controller/Administration.pm the begin sub does:
> 
>  sub begin : Private {
>      my ($self, $c) = @_;
>  
>      if ($c->req->path !~ /administration\/login/i) {
>          if (!$c->user) {
>              $c->res->redirect('/');
>          };
>      };
>  };
> 
> now, if i'm not mistaken, $c->req->path gives back everything behind the base
> url. so wouldn't it be possible to call
> http://host/Administration/Gallery/delete/1/administration/login which would
> execute the delete action since administration/login would be seen by catalyst
> as some values, but the begin sub would think it's a login?

Probably, although deletes are alway on POST, but that wouldn't stop
someone who really wanted to.

I'm not sure there's a good way to do it, other than move /login outside
of /administration/.

-=Chris

> 
> ---
> Jürgen Peters
> 
> On Mon, 12 Dec 2005 21:13:24 -0500, Christopher H. Laco wrote
>> After some lengthy tinker sessions, I'm happy to announce the existance
>> of Meios. Meios is a small Catalyst based photo gallery application
>> geared towards allowing a user create and upload photos in galleries.
>>
>> WHAT YOU WILL NEED:
>>
>>   - Catalyst 5.61ish (at least 5.5+)
>>   - DBIx::Class
>>   - DBI and DBD::SQLite
>>   - Image::Thumbnail
>>   - Image::Size
>>   - Image::EXIF
>>   - GD or Image::Magick
>>   - Path::Class
>>   - YAML
>>   - C::P::FormValidator
>>   - C::P::FillInForm
>>   - C::P::Authentication
>>   - C::P::Authentication::Store::Minimal
>>   - C::P::Authentication::Credential::Password
>>   - C::P::Authorization::Roles
>>   - C::P::Session
>>   - C::P::Session::State::Cookie
>>   - C::P::Session::Store::File
>>
>> GETTING STARTED:
>>
>> First, checkout the source:
>> svn co http://handelframework.com/svn/CPAN/Meios-Catalyst/trunk/ ./Meios
>>
>> Edit Config.yml and change this line to GD or Image::Magick 
>> depending on what you have installed:
>>
>>   imager: Image::Magick
>>
>> then simply run the built-in server:
>> cd ./Meios && script/*server.pl
>>
>> then go to http://localhost:3000/
>>
>> That's it!
>>
>> Most of the configuration is stored in Config.yml in the source
>> directory along with sqlite database.
>>
>> Buyer beware. Meios is still very your. THere's almost no docs and test
>> yet. I'm working on that. :-)
>>
>> There are a couple of screenshots in http://handelframework.com/downloads/
>>
>> -=Chris
> 
> 
> _______________________________________________
> Catalyst mailing list
> Catalyst at lists.rawmode.org
> http://lists.rawmode.org/mailman/listinfo/catalyst
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.rawmode.org/pipermail/catalyst/attachments/20051213/1e08dc2c/smime.bin