CodeSOD: Image Uploading

The startup life is difficult, at the best of times. It's extra hard when the startup's entire bundle of C-level executives are seniors in college. For the company Aniket Bhattacharyea worked for, they had a product, they had a plan, and they had funding from a Venture Capitalist. More than funding, the VC had their own irons in the fire, and they'd toss subcontracting work to Aniket's startup. It kept the lights on, but it also ate up their capacity to progress the startup's product.

One day, the VC had a new product to launch: a children's clothing store. The minimum viable product, in this case, was just a Magento demo with a Vue Storefront front-end. Strict tutorial-mode stuff, which the VC planned to present to stakeholders as an example of what their product could be.

Everything was going fine until five minutes before the demo. The VC discovered a show-stopping problem: "The storefront is showing obscene images!"

The "obscene" pictures were just photographs of female models, typical for a clothing storefront. But since this was a children's store, the VC was in a panic. "I can't demo this to other investors!"

Setting aside the problems of why the VC hadn't noticed this more than five minutes before, Aniket was given his mission: take a pile of replacement images and upload them to the server.

Well, with the configuration the server had, there was no way to upload images through the UI. Aniket could SSH in, but that presented a new problem: he didn't have write access to the directory where the files lived.

While Aniket tried to make a plan of how to fix this, his phone blew up with texts from both the VC and from the CEO of Aniket's startup. "What's the status?" "What's the ETA?" "You need to go faster."

Aniket couldn't overwrite the images, but he did have access to some commands via sudo, specifically managing Nginx. And that gave Aniket an idea.

All the images served by the storefront lived under the url /images. Aniket wrote an Nginx rule to redirect /images to port 8000, dropped the new images in a directory that he did have write access to, and then ran python -m http.server 8000 to launch a webserver hosting the files in that directory on port 8000.

The VC got to start their demo on time. Aniket closed his laptop and texted his CEO. "I've done the job, but my laptop is now broken. I'm going to take it in for repair." Aniket then went out for a much needed walk and took the rest of the afternoon off.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!

This post originally appeared on The Daily WTF.

Leave a Reply

Your email address will not be published. Required fields are marked *