PictShare is an open source image, mp4, pastebin hosting service with a simple resizing and upload API that you can host yourself.

Overview

PictShare logo

PictShare

https://pictshare.net

Apache License HitCount

Host your own images gifs mp4s text bins and stay in control


Table of contents


New Features in v2

  • Added support for external storage
  • Encryption of files in external storage
  • Added text hosting (like pastebin)
  • Added URL shortening
  • Added WebP to images (and conversion from jpg,png to webp)
  • Massive code rework. Actually we designed it from the ground up to be more modular and easier to debug

Features

  • Selfhostable
  • Simple upload API
  • 100% file based - no database needed
  • Scalable
  • Many Filters for images
  • GIF to MP4 conversion
  • JPG, PNG to WEBP conversion
  • MP4 resizing
  • PictShare removes all exif data so you can upload photos from your phone and all GPS tags and camera model info get wiped
  • Change and resize your uploads just by editing the URL
  • Duplicates don't take up space. If the exact same file is uploaded twice, the second upload will link to the first
  • Many configuration options
  • Full control over your data. Delete images with individual and global delete codes

Development roadmap

  • Duplicate detection
  • Write permission detection
  • Delete codes for every uploaded file
  • Upload via link/url
  • Upload via base64
  • Autodestruct for every uploaded file

Config options

Read here what those options do

  • ALT_FOLDER
  • URL (instead of FORCE_DOMAIN but mandatory)
  • LOG_UPLOADER
  • FFMPEG_BINARY
  • PNG_COMPRESSION
  • JPEG_COMPRESSION
  • WEBP_COMPRESSION
  • MASTER_DELETE_CODE
  • MASTER_DELETE_IP
  • UPLOAD_FORM_LOCATION
  • UPLOAD_QUOTA
  • UPLOAD_CODE
  • LOW_PROFILE
  • IMAGE_CHANGE_CODE
  • MAX_RESIZED_IMAGES
  • ALLOW_BLOATING
  • BACKBLAZE

Image hosting

  • Resizing
  • Filters
  • Gif to mp4 conversion
  • Upload of images

Text file hosting

  • Upload of text files
  • Render template for text files
  • Raw data view
  • Downloadable

URL shortening

  • Upload of links to shorten

MP4 hosting

  • Resizing
  • Preview image generation
  • Upload of videos
  • Automatic conversion if not mobile friendly or wrong encoder used
  • Render template for videos

This is a HASCHEK SOLUTIONS project

HS logo

Comments
  • Valid response back, no image on server

    Valid response back, no image on server

    ui-response Server response is ok {"status":"OK","type":"png","hash":"1ucq23hnr5.png","url":"http:\/\/192.168.99.100\/1ucq23hnr5.png","domain":"http:\/\/192.168.99.100"}

    But image is not present in upload folder

    opened by scorobogaci 14
  • upload image from cordova

    upload image from cordova

    Hi there thanks for this great piece of work I've uploaded all files working just fine. I have one question though I've tried to add the url for upload in my hybrid app in view to upload the image via cordova. you have mentioned in your readme file the following. UPLOAD_CODE If set, will show users a code field in the upload form. If it doesn't match your setting, files won't be uploaded. If enabled, the Upload API will need the variable upload_code via GET (eg: https://pictshare.net/backend.php?getimage=https://www.0xf.at/css/imgs/logo.png&upload_code=YourUploadCodeHere)

    what if I am uploading the image from my phone there will be no url per se. in my file I have the path of the image only. Any help will be much appreciated

    opened by hmdadou 9
  • Very high CPU and swap space usage.

    Very high CPU and swap space usage.

    I'm getting really high CPU usage, and swap space being used up on my server all of the sudden from pictshare (I'm using the docker image). pictshare has about 5000 pictures, and has had no issues until now. Might be a memory leak?

    7416  php-fpm        335072 kB
    7415  php-fpm        334936 kB
    7417  php-fpm        334376 kB
    7428  php-fpm        334328 kB
    7424  php-fpm        333968 kB
    7426  php-fpm        231788 kB
    7513  php-fpm        31904 kB
    7422  php-fpm        12692 kB
    7973  php-fpm        8356 kB
    7396  php-fpm        3372 kB
    

    I just checked and no new files are being added to the pictshare folder, so no uploads are taking place either.

    opened by dessalines 8
  • Unsupported filetype for valid image using geturl.php

    Unsupported filetype for valid image using geturl.php

    Could you help me test this seemingly valid image with geturl.php?

    https://MY_PICTSHARE.com/pictshare/api/geturl.php?url=https://i.guim.co.uk/img/media/4d908693e566fdd7f8cdeac559f6375b739887a3/356_37_3264_1958/master/3264.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctZGVmYXVsdC5wbmc&enable=upscale&s=3a70177dcc60673c606302d96fcbd9bc

    Error:

    filetype: "x-empty"
    reason: "Unsupported filetype"
    status: "err"
    

    opened by dessalines 8
  • Include caching headers when serving image files

    Include caching headers when serving image files

    It would be beneficial if caching headers were part of the response when serving image files;

    Cache-control: public, max-age=31536000
    

    As these files should be pretty much immutable. I can submit a pull request for this, if you point me to suitable method where this should be handles.

    opened by thomasjsn 8
  • Possible XSS vulnerability

    Possible XSS vulnerability

    Hello,

    I would like to report for XSS vulnerability.

    in api/info.php

    function getInfoAboutHash

    function getInfoAboutHash($hash)
    {
        // ...
            
        return array('hash'=>$hash,'size_bytes'=>$size,'size_interpreted'=>$size_hr,'type'=>$type,'type_interpreted'=>getTypeOfFile($file));
    }
    

    line 15

    $hash = $_REQUEST['hash'];
    // ...
        $answer = getInfoAboutHash($hash);
        $answer['status'] = 'ok';
        exit(json_encode($answer));
    // ...
    

    exit function will terminate the script and print the message which has $_REQUEST['hash']. Then there is XSS vulnerability.

    opened by enferas 7
  • Potential Security Issues

    Potential Security Issues

    Hello,

    I'm just getting in touch as we recently received some disclosures against this repository through our disclosure program. I tried looking for a contactable e-mail and security policy to send the details to, but could not find either.

    You can find the details for the disclosures here:

    https://huntr.dev/bounties/1-HaschekSolutions/pictshare/ https://huntr.dev/bounties/2-HaschekSolutions/pictshare/ https://huntr.dev/bounties/3-HaschekSolutions/pictshare/ https://huntr.dev/bounties/4-HaschekSolutions/pictshare/

    They are private to yourself and the reporter. If you would prefer not to sign-up to view the disclosures, let me know, and I will be happy to share them with you over some other means.

    Let me know if you have any questions.

    -- Jamie from huntr.dev

    opened by JamieSlome 6
  • some sort of access control

    some sort of access control

    Is there any interest in adding some form of access control to limit who can upload files? I'm interested in using this, but I would be the only person I'd want to be able to upload files.

    An API key for the upload API would be simple. Some sort of login to limit the web interface would be a bit more work.

    opened by aaronpk 6
  • v2 Data directory not writable

    v2 Data directory not writable

    I am trying out v2 of pictshare and I noticed that upload page is not hidden if I enable

    define('UPLOAD_FORM_LOCATION', 'secret/upload');

    also I get this error, any idea what folder needs some modification or what kind of permission change is necessary?

    image

    opened by feruzm 6
  • CORS issue when uploading via browser

    CORS issue when uploading via browser

    Is there an example of how to upload images via regular form data ?

    I've been trying to use pictashare, hoewver getting errors when uploading

    Access has been blocked from origin by CORS policy

    opened by gevera 5
  • cannot make it work on ubuntu server

    cannot make it work on ubuntu server

    When I try to upload a file I'm getting cannot post error. Am I missing something?

    curl -F "file=@/Users/apple/Desktop/dev/bethabit/marketing/logo.png" https://bethabit.com/api/upload.php

    
    <!DOCTYPE html>
    <html lang="en">
    <head>
    <meta charset="utf-8">
    <title>Error</title>
    </head>
    <body>
    <pre>Cannot POST /api/upload.php</pre>
    </body>
    </html>
    

    this is the nginx block I use.

    
    server {
            listen 80;
            server_name bethabit.com www.bethabit.com;
    
            client_max_body_size 50M; # Set the max file upload size. This needs to be equal or larger than the size you specified in your php.ini
    
            root /var/www/pictshare-master; # or where ever you put it
            index index.php;
    
        location / {
            try_files $uri $uri/ /index.php?url=$request_uri;
        }
    
        location ~ \.php {
            fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; #may be slightly different depending on your php version
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_script_name;
        }
    
        location ~ /(data|tmp|bin|content-controllers|inc|interfaces|storage-controllers|templates|tools) {
           deny all;
           return 404;
        } 
    }
    
    

    this is the pictshare config

    
    <?php 
    /**
     * All settings that are uncommented are mandatory
     * Others optional
     */
    
    //Use a specific domain for links presented to the user
    //Format: https://your.domain.name/
    // MUST HAVE TAILING /
    define('URL','https://bethabit.com/');
    
    //define('JPEG_COMPRESSION', 90);
    //define('FFMPEG_BINARY','');
    //define('ALT_FOLDER','/ftp/pictshare');
    //define('ALLOWED_SUBNET','192.168.0.0/24');
    
    //S3 settings
    //
    //define('S3_BUCKET','bucketname');
    //define('S3_ACCESS_KEY','');
    //define('S3_SECRET_KEY','');
    //define('S3_ENDPOINT','http://localhost:9000'); //optional, only if you're using S3 compatible storage like Minio
    
    
    
    opened by ghost 5
  • Automatic WebP

    Automatic WebP

    opened by geek-at 0
  • Scaled instances and the deletion problem

    Scaled instances and the deletion problem

    Now the codebase has been rewritten we can start and think about the problem with scaling pictshare: deleting content.

    Imagine two Pictshare servers connected through a shared folder (ALT_FOLDER)

    An image is requested frequently so both servers have a local copy and there is a copy in the shared folder.

    If the user wants to delete the image, it's deleted off the server the user sent the request to and from the shared folder.

    the second server never got any info about any deleted hash so they kept theirs.

    Possible solutions:

    • Keep a list of deleted hashes in all storage controllers
    • Use some kind of centralized database that manages all hashes and stati
    • Make all nodes somehow communicate with each other
    help wanted Feature request 
    opened by geek-at 7
Owner
Haschek Solutions
Innovation - Education - Security
Haschek Solutions
Pomf is a simple lightweight file host with support for drop, paste, click and API uploading.

Pomf Pomf is a simple file uploading and sharing platform. Features One click uploading, no registration required A minimal, modern web interface Drag

Pomf 772 Jan 8, 2023
Upload File Library For PHP ( Simple & Easy User )

Upload File Library For Backend/ServerSide PHP ( Simple & Easy For Use ), Support Multiple Upload

Lamhot Simamora 1 Oct 12, 2021
Basic anonymous and registered upload storage for temporary share file self hosted.

TMPShareX Basic anonymous and registered upload storage for temporary share file self hosted. Server Requirement PHP 7.4.8 [Support PHP 8] Nginx 1.19.

Sandy Hermansyah 1 Feb 3, 2022
FIle Uploader is a php package to aid fast , easy and safe file upload

FILE UPLOADER FIle Uploader is a php package to aid fast , easy and safe file upload installation composer require codad5/file-helper Features Fast an

Aniezeofor Chibueze Michael 2 Sep 3, 2022
This package used to upload files using laravel-media-library before saving model.

Laravel Media Uploader This package used to upload files using laravel-media-library before saving model. In this package all uploaded media will be p

Ahmed Fathy 312 Dec 12, 2022
This project is a demo for Media-Upload package:

??️ Media-Upload-Demo This project is a demo for Media-Upload package: ?? Installation guide As always you need to: composer install Then npm install

Mohamed Hafidi 9 Jan 9, 2023
ORM-based file upload package for php.

#Stapler Note: If you've previously been using this package, then you've been using it with Laravel. This package is no longer directly coupled to the

Code Sleeve 541 Dec 30, 2022
FileGator - a free, open-source, self-hosted web application for managing files and folders.

FileGator - Powerful Multi-User File Manager FileGator is a free, open-source, self-hosted web application for managing files and folders. You can man

FileGator 1.3k Jan 3, 2023
High-quality cloud service for text translation. 100+ Languages

CloudAPI.Stream High-quality cloud service for text translation. 100+ Languages https://cloudapi.stream/ Class initialization $CAS = new CAS; Key inst

CloudAPI.Stream 1 May 8, 2022
🌩支持多家云存储的云盘系统 (A project helps you build your own cloud in minutes)

Cloudreve 支持多家云存储驱动的公有云文件系统. 演示站 • 讨论社区 • 文档 • 下载 • Telegram 群组 • 许可证 ✨ 特性 ☁️ 支持本机、从机、七牛、阿里云 OSS、腾讯云 COS、又拍云、OneDrive (包括世纪互联版) 作为存储端 ?? 上传/下载 支持客户端直传

Cloudreve 17k Jan 7, 2023
Simple file uploading, Pomf like

Pomf-0x80 Simple file uploading, Pomf like. Features One click uploading, no registration required IPFS Upload + Pin A minimal, modern web interface D

Iqbal Rifai 4 Apr 28, 2022
A Flysystem proxy adapter that enables compression and encryption of files and streams on the fly

Slam / flysystem-compress-and-encrypt-proxy Compress and Encrypt files and streams before saving them to the final Flysystem destination. Installation

Filippo Tessarotto 27 Jun 4, 2022
Private file storage and share with user build with laravel and vue inspired by google drive

LaravelDrive is a file storage system that allows store private file and share with users build wiht laravel and vue inspired by google drive. Laravel

Shahadat Hossain 70 Dec 22, 2022
Laravel Flysystem was created by, and is maintained by Graham Campbell, and is a Flysystem bridge for Laravel.

Laravel Flysystem Laravel Flysystem was created by, and is maintained by Graham Campbell, and is a Flysystem bridge for Laravel. It utilises my Larave

Graham Campbell 492 Feb 4, 2022
Abstraction for local and remote filesystems

League\Flysystem About Flysystem Flysystem is a file storage library for PHP. It provides one interface to interact with many types of filesystems. Wh

The League of Extraordinary Packages 12.7k Dec 30, 2022
Detects file type by filename or content and generates correct mimetype.

FileTypeDetector Files type detector based on file name extension or file content (binary content). Usage Installation Supported formats Usage File Ty

Sergey 31 Oct 6, 2022
Abstraction for local and remote filesystems

League\Flysystem About Flysystem Flysystem is a file storage library for PHP. It provides one interface to interact with many types of filesystems. Wh

The League of Extraordinary Packages 11.9k Apr 22, 2021