|Subject:||Hi there, Excellent work, already using this on my experime...|
|Summary:||Package rating comment|
tobozo rated this package as follows:
|Utility: ||Not sure|
|Examples: ||Not sure|
|Hi there, |
Excellent work, already using this on my experimental environment.
Here's my 1$ contrib :
- Security issue : trusting the 'type' property of the uploaded file is not enough to prevent filetype spoofing and binary injection (especially since the content is passed to 'shell_exec' afterwards. You might consider using mime_content_type(), and parse video headers with ffmpeg as an enforcement.
- There are no options to tweak the encoding (size, ratio, fps, etc).
- The class checks for 'ffmpex2theora.exe' but shell_execs 'ffmpeg2theora', it won't work as is on linux/mac boxes.
- Consider using a better filename filter (ex: slugify() from Symfony does a decent job) as windows, linux and macos do not have the same restrictions, also check for file existence before writing, and use escapeshellarg() when building your shell_exec() string.
- Add webm, mp4 and flv support, html5 videos are not only in ogv format and some browsers need a fallback, converting to multiple formats in one operation is always helpful.
Hope this helps