Am I missing something??
I was under the impression that when using Front End File Management uploads the users had to be logged in, in order to see the files. Under "Categories" I have set the "Authorized FEU Groups" as needed.
Yes, the files will only show up on the page if the user is logged in. But, if the user happens to know the " [origfile_url] " they can easily access the file without being logged in? Is there a way around that? I only want the file to be view-able if the user is logged in.
- Thanks again!
----------------------------------------------
Cms Version: 1.11.10
Installed Modules:
CMSMailer: 5.2.2
FileManager: 1.4.4
MenuManager: 1.8.6
ModuleManager: 1.5.5
News: 2.14.2
Printing: 1.0.4
Search: 1.7.11
ThemeManager: 1.1.8
TinyMCE: 2.9.12
FCKeditorX: 1.1.0
CGExtensions: 1.44.5
NMS: 2.3.2
FrontEndUsers: 1.25.1
CustomContent: 1.10
Calendar: 0.8.2
Showtime: 3.4
CMSPrinting: 1.0.5
MicroTiny: 1.2.6
JQueryTools: 1.2.6
CGSimpleSmarty: 1.7.4
Products: 2.21
CGEcommerceBase: 1.5.2
Cart2: 1.1.3
FormBuilder: 0.8
Uploads: 1.18.5
SelfRegistration: 1.8.3
Captcha: 0.5.0
Config Information:
php_memory_limit:
process_whole_template:
max_upload_size: 128000000
url_rewriting: none
page_extension:
query_var: page
image_manipulation_prog: GD
auto_alias_content: true
locale:
default_encoding: utf-8
admin_encoding: utf-8
set_names: false
Php Information:
phpversion: 5.6.4
md5_function: On (True)
gd_version: 2
tempnam_function: On (True)
magic_quotes_runtime: Off (False)
E_STRICT: 2048
E_DEPRECATED: 0
memory_limit: 128M
max_execution_time: 60
output_buffering: 4096
safe_mode: Off (False)
file_uploads: On (True)
post_max_size: 8M
upload_max_filesize: 128M
session_save_path: No check because open basedir active
session_use_cookies: On (True)
xml_function: On (True)
xmlreader_class: On (True)
Server Information:
Server Api: cgi-fcgi
Server Db Type: MySQL (mysql)
Server Db Version: 5.0.95
Server Db Grants: Found a "GRANT ALL" statement that appears to be suitable
Server Time Diff: No filesystem time difference found
----------------------------------------------
Front End Uploads - View File
-
welsfordvfd
- Forum Members
- Posts: 20
- Joined: Tue Dec 16, 2014 4:48 pm
Re: Front End Uploads - View File
No. AFAIK what you describe is the designed behaviour.welsfordvfd wrote:Am I missing something??
See also
http://forum.cmsmadesimple.org/viewtopi ... s+download
http://forum.cmsmadesimple.org/viewtopi ... s+download
To copy System Information to the forum:
https://docs.cmsmadesimple.org/troubles ... nformation
CMS Made Simple Geekmoots attended:
Nottingham, UK 2012 | Ghent, Belgium 2015 | Leicester, UK 2016
https://docs.cmsmadesimple.org/troubles ... nformation
CMS Made Simple Geekmoots attended:
Nottingham, UK 2012 | Ghent, Belgium 2015 | Leicester, UK 2016
-
welsfordvfd
- Forum Members
- Posts: 20
- Joined: Tue Dec 16, 2014 4:48 pm
Re: Front End Uploads - View File
Alright, So ive added a .htaccess file to the directory which will now prevent outside people from accessing the files with a direct url.
Here is the .htaccess file I used:
- Is there a way the logged in users can "open" the files in the browser rather than having to download it first?
Here is the .htaccess file I used:
Code: Select all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1Re: Front End Uploads - View File
I thought that was file-type and browser dependant, e.g. my Chrome opens PDF documents in the browser window.welsfordvfd wrote:- Is there a way the logged in users can "open" the files in the browser rather than having to download it first?
To copy System Information to the forum:
https://docs.cmsmadesimple.org/troubles ... nformation
CMS Made Simple Geekmoots attended:
Nottingham, UK 2012 | Ghent, Belgium 2015 | Leicester, UK 2016
https://docs.cmsmadesimple.org/troubles ... nformation
CMS Made Simple Geekmoots attended:
Nottingham, UK 2012 | Ghent, Belgium 2015 | Leicester, UK 2016
