Re: [Owncloud] New application FaceFinder

Sat, 16 Mar 2013 15:36:41 -0700 

On 03/16/2013 10:34 PM, aaron.messner wrote:


Hello


I work on the Project FaceFinder an application for Owncloud

The goal of thisa application is to help the user to manage the images.

To do this the application has various functions.

It supports the extraction of Exif data like camera type and focal length.

It is also able to extract tags and you can tag the images.


There is also the possibility to search for the images and to check 
the equality of all images .



The project is in a early state. I would be interested in your opinion.



This is the git Repository if you are interested


<https://github.com/noldmess/facefinder.git>


thanks for helping me to make my application better



_______________________________________________
Owncloud mailing list
Owncloud@kde.org
https://mail.kde.org/mailman/listinfo/owncloud

Hi, i looked into the code a bit, and just some stuff that i found ;) so 
just some constructive feedback (i know the code is in an early stage). 
I'm writing the apps development docs, so just some code feedback from me ;)


* You are missing CSRF checks in the ajax/ folder files
* Theres also an XSS vulnerability in templates/search.php

* by using json_encode directly your code is vulnerable to sniffing in 
IE, please use the built in OCP\JSON::success() or the JSONResponse 
class from the appframework app.



Please see 
http://doc.owncloud.org/server/master/developer_manual/app/general/security.html



Also i dont know what the module loader is, but you might also want to 
check the built in classloader: 
http://doc.owncloud.org/server/master/developer_manual/app/app/classloader. 
<http://doc.owncloud.org/server/master/developer_manual/app/app/classloader.html>


Some coding tipps:

* If you name a class manager it probably has to many responsibilities. 
Check SOLID: http://en.wikipedia.org/wiki/SOLID_(object-oriented_design) 
<http://en.wikipedia.org/wiki/SOLID_%28object-oriented_design%29>
* Singleton is a bad pattern because its essentially a global. See 
http://www.youtube.com/watch?v=-FRm3VPhseI



Its cool that you use tests (cheers!) but you might want to reduce the 
pain and lines of code dramatically by using dependency injection ( 
http://doc.owncloud.org/server/master/developer_manual/app/general/dependencyinjection.html) 
(a hint: my appframework app helps you out with that one ;D read the docs)

_______________________________________________
Owncloud mailing list
Owncloud@kde.org
https://mail.kde.org/mailman/listinfo/owncloud






















					Reply via email to