Make scanning of files folder for fonts optional for D6 version (already dropped in D7 version)

The Image CAPTCHA admin page scans for available fonts in various places:

//(from image_captcha.admin.inc around line 235)

  // We only show the name of fonts from the files directory
  // and do not provide a preview for security reasons:
  // files in files directory can be uploaded by normal or even anonymous
  // users and should not be trusted.
  $fonts = _image_captcha_get_available_fonts_from_directories(array(file_directory_path()));
  foreach ($fonts as $font) {
    $available_fonts[$font->name] = $font->name ." ($font->filename)";
  }

Maybe you have a huge "files" directory and it's the scanning of that directory that takes all the time?

Can you try disabling the scanning of the files directory and check if that fixes your problem:

//  $fonts = _image_captcha_get_available_fonts_from_directories(array(file_directory_path()));
//  foreach ($fonts as $font) {
//    $available_fonts[$font->name] = $font->name ." ($font->filename)";
//  }

I'm even tempted to just drop the scanning of the files directory.
In #496204: Configurable font storage location (eg. /usr/share/fonts), we added scanning in folders sites/all/libraries/fonts and sites/example.com/libraries/fonts. This is much better than the files directory, which was the only option originally.

But maybe it's best to make it optional for the Drupal 6 version
and drop it for the Drupal 7 version

Please leave it active, because It's not fixed yet :)

commit http://drupal.org/cvs?commit=453490 from #670810: Port to Drupal 7 removed support for the files directory, so this issue is fixed for the Drupal7 version.

This issue is not fixed for 6.x version. And causing issues. The default array for scanning has the correct paths entered, but the admin page that calls the function passes in the files directory, negating the default paths.

Attached is a patch to remove that call and use the defaults only.

I have this issue too. Our files directory is on a SAN with 20GB+ and 200K+ files. Scanning all them by default would take ages. I created a patch that allows users to set extra folders to scan (one or more local dirs and/or the drupal files (sub)folders). By default it turns off files scanning thus breaking compatibility with current code (intentionally). It's patched against 6.0-2.5.

Cheers,
Andrei

I'm not sure if this is worth all the hassle of making it optional (note that explode(":", ..) of an empty string does not return an empty array).

Why not just drop support for the files directory in D6 completely?
There are security and performance reasons to do so.

I personally don't use the files feature, but I didn't want to just take it away since D6 version has it already. Maybe others rely on it.

I also wanted to make it customizable in case other want to use some different folders.

Related to explode and empty string, there is a if ($extra_paths). I think that's ok, right?