Image deletion

[luceos]

There are a few cases we need to take care of image deletion;

• Discussion or post creation was cancelled even though we've uploaded the file.
• Delete images once the post they contain is deleted (including when the whole discussion was deleted). This only happens on hard deletion (delete forever in Flarum terminology).
• Delete images that have been removed from the filesystem. We might need to replace these with an obvious text or a "404" image.

[BartVB]

In a system that we've built/are building we save all uploaded images which are also viewable in an image gallery by the user. Optionally the user can move images to public gallery folders which can be accessed from their user profile.

If an image is used in a user profile or post this is recorded in the database. This makes it easy for users to clean up orphaned images and you can properly deal with deleted images in topics.

[Hari-Bonda]

+1 ❤ Imgur image Deletion https://api.imgur.com/endpoints/image/#image-delete

[therealmaxmoon]

This issue is open for 7 years and there is still no possibility to delete uploaded data?

I find it fatal, that users can upload stuff and then hide it with the trash icon (why is that even a thing?). It can be even hidden from the admin, because admins do not see hidden media in the user profile, even if they have the permission (View user uploads).

Imagine someone uploads pedophile material on your server, hides it, shares the links to other pedophiles and no admin/mod will ever notice it.

Is there currently a way to completely delete a file in an emergency right now? For example, if an admin sees illegal material and MUST delete it instantly.

[clarkwinkelmann]

Part of this has been implemented through the mapping+cleanup process.

See https://github.com/FriendsOfFlarum/upload#mapfilescommand to implement.

If there's any infringing material, use the post edit feature to remove the image/file from the post, then the command will automatically delete the file. Same if a file is never successfully posted, it will end up deleted.

If you are worried about users using Flarum as a CDN until the cleanup process runs, you can also configure your webserver in a way where hotlinking is prevented. This way it will be very unpractical for anyone to use your forum as a file hosting service.

[luceos]

The feature request has been completed in the latest release (as Clark points out). Closing.

@therealmaxmoon if you need a new feature, eg remove files on this post, without deleting the post (as Clark mentions), then do create a new feature request as a new issue.

[therealmaxmoon]

Part of this has been implemented through the mapping+cleanup process.

I had some issues to execute those commands, but I've created a new issue for this.

you can also configure your webserver in a way where hotlinking is prevented.

hmmm... I thought hotlink prevention is activated as a default or what exactly does this option do if it's not activated?:

But after embedding pictures on another website from my forum the images showed up and hotlinking was possible.

After a while I figured out I have to add the hotlink prevention before including the .nginx.conf, which was provided by flarum.

I added search engines to the white list, but still don't know if it's a good or bad idea?

server {
	location ~* \.(?:jp?g|gif|png|webp)$ {
		valid_referers none blocked ~.google. ~.bing. ~.yahoo. ~.duckduckgo. ~.ecosia. ~.qwant. ~.startpage. ~.metager. utopify.org *.utopify.org;
	    	if ($invalid_referer) {
			return   403;
		}
	}
	include /var/www/flarum/.nginx.conf;
        [...]

[Digital-XxX]

I can't delete the photos I uploaded on the Shared uploads on my flarum forum. Every time I try deleting it, I get an error saying "Could not delete file"

Help please. Also when I try deleting it using the Imgur API using my client-ID, I get a 403 Error, says Unauthorized.