[nycphp-talk] secure photo gallery web application
Jayesh Sheth
jayeshsh at ceruleansky.com
Mon Jun 28 11:16:31 EDT 2004
Hello all,
I would like to post some pictures (from the recent Mermaid Parade in
Coney Island) to my website. I have considered using Gallery for its
ease of use, but I have some reservations: I have noticed some automated
bots scanning my sites in an attempt to break into them using known
exploits in commonly used pieces of open source software such as
PHP-Nuke and Gallery.
Gallery recently had a large security hole patched (this hole enabled
anyone to log in as an administrative user). Thus, due to the widespread
use of Gallery and the possibility that it has more undiscovered holes,
I am wary of using it.
I am considering the following: Just writing a small script that will
read a list of image files from a directory, and then give me the option
to add captions to them. Once I have specified the captions and pressed
the submit button, that list of files and captions will be entered into
the (MySQL) database and exist as a new "album". The files themselves
will be uploaded via FTP. This seems relatively easy to do. I should be
able to do a prototype of it fairly quickly.
With a smaller amount of well-looked-over code (that does not include
any built-in uploading capability) it might be easier to avoid security
problems.
But before I spend time creating this, I was wondering if there is a
less well known and slimmer photo gallery application for the PHP /
MySQL platform that anyone can recommend.
There is Coppermine ... but I am not sure how good that is.
If not, then I might just write the light gallery manager that I
mentioned above. I wonder if what I write would be of use to others -
since programs such as Gallery are very feature-rich, and the typical
end-user would much prefer using an insecure feature-rich application
over a minimalistic secure script. But if there is a need for a secure,
light alternative to Gallery, then I might release what I create as open
source.
Best Regards,
- Jay Sheth
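The directory-listing-plus-captions design sketched in the post, as an added PHP example that is neither the poster's code nor any project's: it assumes a `photos(album, filename, caption)` MySQL table, an `ALBUM_ROOT` directory holding the FTP-uploaded images, and PDO. The defensive points are a whitelist on the album name, filenames taken only from the server's own directory listing, prepared statements for the captions, and escaping on output.

```php
<?php
// Added example (not the author's code): the "list a directory, caption the
// files, store them as an album" design written defensively. Assumed table:
// photos(album VARCHAR(64), filename VARCHAR(255), caption TEXT).
declare(strict_types=1);
const ALBUM_ROOT = '/var/www/albums';  // assumption: where FTP'd images live

// Album names are restricted to a safe character set, so the name can never
// smuggle a path component when it is joined to ALBUM_ROOT.
function validAlbumName(string $name): bool
{
    return (bool) preg_match('/^[A-Za-z0-9_-]{1,64}$/', $name);
}

// The server-side directory listing is the only source of filenames; user
// input never selects a file on disk, and only image extensions are listed.
function listImages(string $album): array
{
    if (!validAlbumName($album)) {
        return [];
    }
    $files = [];
    foreach (scandir(ALBUM_ROOT . '/' . $album) ?: [] as $f) {
        if (preg_match('/^[A-Za-z0-9_-]+\.(jpe?g|png|gif)$/i', $f)) {
            $files[] = $f;
        }
    }
    return $files;
}

// Captions (the one thing the submitter controls) go in through a prepared
// statement, so they can never alter the SQL; rows are only written for files
// that actually exist in the directory listing.
function saveAlbum(PDO $db, string $album, array $captions): int
{
    $stmt = $db->prepare(
        'INSERT INTO photos (album, filename, caption) VALUES (?, ?, ?)');
    $n = 0;
    foreach (listImages($album) as $file) {
        $stmt->execute([$album, $file, (string) ($captions[$file] ?? '')]);
        $n++;
    }
    return $n;
}

// Escape captions on output so stored text cannot inject markup into the page.
function renderCaption(string $caption): string
{
    return htmlspecialchars($caption, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
```

Because no upload handler exists, the only user-controlled data that reaches the script are the album name and the caption text, which is exactly what the two validation points cover.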