Search results
Security settings
ResourceSpace allows users to customise the security settings of their accounts. The length, complexity and frequency of password expiry can be configured, as can a failed login protocol, which determines when a ban is placed on a user account or IP address.
CSP frame-ancestors
The article discusses the use of CSP frame-ancestors to specify which sites can embed a ResourceSpace page using certain HTML tags. To enable this feature, the configuration option $csp_frame_ancestors needs to be set as an array of valid parent URLs.
Tesseract OCR
Tesseract OCR is an open-source utility for extracting text from images and scanned documents. It runs locally on servers, ensuring data privacy and compliance with data protection policies. Installation on Ubuntu/Debian involves updating packages and verifying installation.
Whisper
Whisper is an open-source automatic speech recognition (ASR) system by OpenAI that transcribes audio and video files into text using deep learning models, all locally on your server for privacy. It ensures data security, compliance with regulations like GDPR, and can be used offline.
Managing files with Microsoft SharePoint? You could do more with DAM
Is your organisation still using Microsoft SharePoint for digital asset management? You could do so much more with a dedicated DAM system.
SAML
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorisation data between parties, specifically between an identity provider and a service provider. In the context of Digital Asset Management (DAM) systems like ResourceSpace, SAML is often used to facilitate Single Sign-On (SSO) capabilities.
The Complete Guide to Metadata
Metadata is data that provides information about other data, without describing the content of that data. It is crucial for digital assets and is used to categorize and describe various types of files, such as documents, videos, and audio files.
A Comprehensive Guide to Digital Curation: Tools and Techniques
Explore digital curation: key tools and techniques for preserving significant cultural assets.
What is Digital Asset Management?
A Digital Asset Management system is critical component of your organisation's tech stack. Explore the benefits of DAM, its use cases, and how it streamlines asset management.
The System Configuration page
The System Configuration Page is a feature in Moodle that can be accessed via the administration menu System category. It allows users to configure many system-wide properties, such as the default system language, timezone, and the appearance of the system.
Upgrading PHP versions
ResourceSpace has updated its PHP requirement to version 7.4 for its version 10.0 to maintain compatibility with the third-party file uploader library (Uppy) and to maintain security. The company has warned that PHP 7.
Signing all database PHP code
From version 10.0, any PHP code stored in the database and manipulated via the user interface must be signed using a command line utility. This is to prevent system compromise by a user that has gained administrator access.
The Digital Asset Management Buyer's Guide
In this guide we look at what DAM software actually is, the problems it solves and some questions to ask a vendor before making a buying decision.
Coding standards v2.1
The article provides coding standards for developers working on the ResourceSpace project. The standards cover various aspects of coding, including security, documentation, functionality, PHP version, MySQL strict mode, backward compatibility, file format, coding style, indentation, line length, control structures, function calls, function definitions, MySQL statements, readability of code blocks, returning early, and avoiding cross-site scripting vulnerabilities.
Resource tools
The article discusses the various resource tools available in the resource downloads area of the resource view page. These tools allow users to download, view, and request resource files, as well as perform actions such as adding to a collection or sharing.
Sharing resources
Resources and Resource Collections each offer a 'Share' option which allows them to be shared with other users, as well as with non-users of the system, to allow greater flexibility of use.
Creating users
This article provides a step-by-step guide on how to create a user account in a system. It explains that user accounts require user groups to be created first, as user permissions and configuration settings are managed in the groups.
Writing your own plugins
A plugin in ResourceSpace is a collection of PHP code, language files, graphics, CSS files and other related files that are structured to conform to the ResourceSpace plugin architecture. For deployment, the files that constitute a plugin are packaged together into a self-contained file called a ResourceSpace Plugin (.
Managing plugins
ResourceSpace is a digital asset management system that can be extended or modified using plugins. Plugins have a managed structure that makes it easy for third parties to write and for site administrators to maintain, even as function and bug fixes are applied to the base code.
Simple SAML
This plugin allows users to log on to ResourceSpace using a SAML compliant single sign-on (SSO) Identity Provider (IdP)
Installing on Windows Server
The article provides a step-by-step guide to installing ResourceSpace on Windows Server. The instructions include setting up the IIS Web Server role, installing Web Platform Installer to help with PHP and MySQL install, configuring php.
Wordpress_SSO
The Wordpress_SSO plugin enables users to log in to ResourceSpace using Wordpress single sign-on (SSO) Identity Provider (IdP). However, the plugin should only be enabled and configured by system administrators as it affects how users log in to ResourceSpace.
Configuring the database
This article provides instructions on how to configure a database for ResourceSpace, an open-source digital asset management system. The article explains how to create a new database and how to create dedicated users for ResourceSpace, which is a good security practice.
Query caching
Query caching is a technique that can be used to cache the results of selected queries to disk. This is useful where the same query is likely to be called a large number of times, for example, queries that are common across several pages and the same for large groups of users.
rsEncrypt()
Developer reference for function rsEncrypt()
command_line_only()
Description Check we're running on the command line, exit otherwise. Security feature for the scripts in /pages/tools/ Parameters This function accepts no parameters. Return void This article was last updated 13th March 2026 15:35 Europe/London time based on the source file dated 19th February 2026 15:50 Europe/London time.
check_filestore_browseability()
Description Check filestore folder browseability. For security reasons (e.g data breach) the filestore location shouldn't be indexed by the web server (in Apache2 - disable autoindex module) - status: An end user status of OK/FAIL - info: Any extra relevant information (aimed at end users) - filestore_url: ResourceSpace URL to the filestore location - index_disabled: PHP bool (used by code).
debug_track_vars()
Description Debug log tracked variables (as configured in System > System console). IMPORTANT: the debug log will contain the JSON encoded version of the tracked variable. For further analysis, just copy the value (ie.
parse_filename_extension()
Description Parse file name (can include path, although it's unnecessary) to prevent known security bypasses associated with extensions, such as: - Double extensions, e.g. .jpg.php - Null bytes, e.
TOTP (MFA via Google Authenticator)
The article introduces TOTP (Time-Based One-Time Password) as a plugin for enabling two-factor authentication (2FA) for selected user groups, adding an extra layer of security by requiring a temporary code along with the user's password.
Frequently Asked Questions (FAQs)
The most frequently asked questions about ResourceSpace, the free and open source Digital Asset Management system.
rsDecrypt()
Developer reference for function rsDecrypt()