As anyone with a website knows... bandwidth is money and graphics on your server is both time (draw time) and money.

As with a lot of forum owners I was hit with a lot of people uploading images to my server and then direct linking from another board OR some user from another site likes an icon, smilie or avatar on my site and uses it as an http: from some other forum that doesnt allow uploads.

Basically... major bandwidth issue

One thing I was thinking about was the possibility that

1. The admin could turn off uploads selectively
2. The admin could set uploads for member groups

The admin would have the choice to disable uploads of one kind or another (say no pictures but allow avatars) and then the other would be for example that simply registered users cannot upload at all... only members in a particular group (in my case, paid members), so I could say the "p-net member" group is allowed to upload and the "Registered User" group cannot.

This turns uploading and having a custom avatar or having your photo on the site into a bonus item.

Hi Mark,

Another great suggestion. I'll certainly look into this possible and i can quite understand your concerns. I'll look at this for a future release and have published your comments as a reminder. I've also added this to my tasklist

I'll certainly keep you posted however again with the release of 3.1 due in a few days i doubt something like this will be ready for then. Maybe 3.2 or 3.3

Explore our products...
http://demos.instantasp.co.uk/

My feature requests are not meant to push you into an all night code fest for 3.1, there seems to be enough in 3.1 to make my users VERY happy and I want to lay hands on it right away so I can roll it to my users hopefully as soon as Monday.

Im just going to let loose with feature ideas and you can pick and choose what and when you do things.

Like I said in the other topic, I may just start being a mod monster for you.

Hi Mark,

I quite understand - thats no problem - i just like to please and i'd like to make IF.NET as good as possible.

I've spotted a few issues which i must address today but will be reviewing your comments and suggestions tonight hopefully

Your suggestions are saved within the forums which i use when working on updates for ideas and suggestions - I'm sure you will see something soon,

Explore our products...
http://demos.instantasp.co.uk/

I have thought of a neat way to deal with this problem

The forum administrator sets a maximum width and height (32 x 32 seems reasonable) for uploaded images. If a user uploads an image which is larger than this limit, the accepting server component scales it down to the maximum allowed and saves the file as either a JPG or a GIF depending on which format produces the smallest file. With .NET this is all very easy to do  since you can encode a bitmap object into two memory streams, once using the Jpeg encoder and again using the Gif encoder. Then choose to persist the smallest of the two streams to a file. This ensures that the files are not too big and don't consume too much disk space on the server.

Then to top it all off, don't publish a direct URL link such as <IMG src="/instantforum34/attachments/00000010-0000-0010-8000-00AA006D2EA4.bmp"> to the picture file on those pages where it should be displayed.

Instead, link to an ASPX file with an ID number parameter like <IMG src="getavatar.aspx?123456"> (which removes the problem of long GUID-like file name URLs streaming across the web).  This ASPX file then only needs to look at the requestor's REFERER header and if it is not the same domain as the one which is hosting the ASPX file, then it replies with the usual red "X" picture instead of the real avatar.  This then ensures that there are no bandwidth theft from other sites.

Now do I get a Noddy badge, or what?

Wow - Thanks for your input Fred. The forums currently offers some of your suggestions in terms of image resizing and limiting the size of images but as you quite rightly point out the images are served directly at the moment. I can certainly reuse this existing code to speed up this idea. Moving the images to a file for serving makes sense to restrict who can view the image.

This would be very simple todo and the attachments feature currently works like this. Thanks for your comments Fred - they are greatly appreciated. This will be reviewed for inclusion within a release soon

Have a great weekend Fred - oh send my your mailing address for the Noddy Badge

Explore our products...
http://demos.instantasp.co.uk/

Ryan,

Thanks -- as a new user of your InstantForum component, it did strike me as odd that the current version 3.4 already implemented some of my brilliant ideas. Oh, maybe since this thread was started last year you have brought out a newer version which addressed the bandwidth issue. My ideas are always too late! Never quite manage to patent anything...yet.

Regards,
Fred

Hi Fred,

No worries your comments and suggestions always appreciated and encouraged. Your idea regarding images being served from a ASPX in order to control the domain is excellent and i'll be looking into this the moment i get a couple of minutes

Please do keep any suggestions coming. They are very welcome

If you have any questions or problems Fred please don't hesitate to contact me

Explore our products...
http://demos.instantasp.co.uk/

My experience with protecting images aginst bandwidth thefts is the following:

No all browsers report the REFERER, so looking at it with checking the domain might exclude a lot of the honost visitors!

Since we needed the same level of protection, we took the folowing approach:

If REFERER is empty or if REFERER is in the right domain we show the image. That should make images work for all the honost vistors.

If you try to use the image somewhere else, 90% of all vistors there will get the "red cross"... That the last 10% see the image is not that much an issue, since using your site to host for instance signature and avatar images makes no sense if 90% can't see it.

This has worked well for us, and proven to work. So please do not limit image showing to only the same domain... you'll be loaded with support questions on why images don't work! Been there and tried THAT!