Commit graph

2 commits

Author SHA1 Message Date
DJP
dacc351113 Remove cron requirement - add automatic cleanup on launch
Changes:

1. AUTOMATIC IMAGE CLEANUP (No Cron Needed)
   - Cleanup runs automatically when app launches
   - Triggers randomly ~10% of sessions to avoid performance hit
   - Finds and deletes images older than 24 hours
   - Logs cleanup activity to error_log
   - Replaces need for cron job

2. RELAXED .htaccess SECURITY
   - Was: Deny all access (too strict)
   - Now: Allow image files (.jpg, .png, .webp, .gif)
   - Still blocks: Directory listing, .meta files
   - Images can be accessed if needed
   - Maintains security without breaking functionality

3. DOCUMENTATION UPDATES
   - Removed cron setup from INSTALL.md
   - Added "Automatic Image Cleanup" section
   - Updated Quick Start (removed cron step)
   - Simplified deployment process

Benefits:
- No cron configuration needed
- Works perfectly on shared hosting / MAMP
- Automatic maintenance without admin intervention
- Performance impact minimal (10% probability)
- Images still expire after 24 hours
- Cleanup happens organically as users use the app

Technical Details:
- autoCleanupExpiredImages() method added to SessionManager
- Calls cleanupExpiredImages() silently on init
- rand(1, 10) === 1 gives ~10% trigger rate
- Failures logged but don't break app

Perfect for deployment without shell access!

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 10:23:43 -05:00
DJP
7d1cd03a32 Add multi-user support with 24-hour image expiration
Implemented complete session management system for multiple users:

**New Features:**
- Isolated user sessions with unique session IDs
- File-based image storage (not in PHP session)
- Automatic 24-hour image expiration
- Session directories: uploads/sessions/{session_id}/
- Images stored with metadata (creation time, expiry, MIME type)

**New Files:**
- session_manager.php - Complete session management class
- cleanup.php - Cron script to delete expired images
- uploads/.htaccess - Security: prevent direct file access

**Updated Files:**
- api.php - Uses SessionManager for file-based storage
- index.php - Loads images from disk via SessionManager
- .gitignore - Exclude user uploads from repository

**Usage:**
- Each user gets isolated session automatically
- Images auto-delete after 24 hours
- Run cleanup.php via cron: `0 * * * * php cleanup.php`

**Security:**
- Session IDs regenerated on first access
- Upload directory protected by .htaccess
- User images isolated by session

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2025-12-16 08:56:26 -05:00