Hi Steviebabes,
In answer to your questions:
- Where are the PDF’s Stored?
They are stored in a folder in the invoice king pro plugin folder
- Are they accessible to anyone?
Yes, if someone knows the path on the server and the filenames then you can view that via the url in a browser
- How soon can they be removed from the server after being created?
Technically, as soon as the PDF is viewed or emailed since the plugin generated the PDF’s at the time of request however currently they aren’t being removed at all.
- How secure is the WordPress User database?
This isn’t a question regarding the plugin. Loosely answering this, the passwords are encrypted prior to being stored
Just putting it out there now, this plugin was not intended to be used for high security, top secret information scenarios. Just a way to allow freelancers to generate invoices quickly and easily. With that said, theres nothing stopping this from being built upon to give you additional functionality. Personally however, if the information is really that important to keep secure then using a free wordpress plugin (and the wordpress framework itself) shouldn’t be the path you take, I would be custom building something like that.
With that aside, things like deleting the PDF from the server after its either viewed or emailed is a great idea as it would also benefit saving space on the server so I will definitely add that to the list of future features.
After that, where they are stored then becomes irrelevant. The accessibility then also becomes irrelevant as there wont be anything to access HOWEVER…
You’re concerned about security of the users database. At the end of the day, if someone wants your data, they will hack the server itself, not the “site”, so I would suggest your main efforts should be used on the security further down the line. Whether the PDF is there or not, the data that would create that PDF is still in the database.
As the security side of this isn’t really part of what the plugin is built to do, I can only make suggestions, but thats as far as this can go.
Hope that helps