Forums

WordPress › Support » Plugins and Hacks

[Plugin: WordPress Download Monitor] Request: Config File to Control (3 posts)

  1. sethmatics
    Member
    Posted 2 years ago #

    Your plugin has a "browser" that is freakin awesome I must say first.
    However, this browser creates a security risk since it allows all my users to create downloads for existing files anywhere on the site.

    I'm hoping you consider my request for a config file, or some other way to control where the browser is allowed to browse. Even a ftp login info section so I can control via the FTP user where its starting directory is.

    I'm actually using WordPress MU, and also a multiblog wordpress configuration so dozens of people access the same wordpress install, and same wp-content folder. I'm hoping to point users and even admins of these blogs at there wp-content/blog.dir/blogname, and not allow them the option of changing the setting. Any ideas on how to make this come to life?

    http://wordpress.org/extend/plugins/download-monitor/

  2. Mike
    Member
    Posted 2 years ago #

    Surly given FTP access they could find out about files on the server anyway; either by browsing or writing a php script like mine to do it.

    Theres currently no way to change the file browser root on a per user basis, but there is a way to control the upload directly through the hook:

    do_action('download_monitor_dlm_upload_dir', $pathdata)

    So you could write a function to hook in, and change the directory depending on the user uploading the file. FYI there is also a 'dlm_upload_thumbnail_dir' hook for thumbnails.

    However, I was under the impression that MU uploaded to the blog directories by default when using 'wp_handle_upload' (which is the function download monitor uses) - I may be wrong but you may want to check.

  3. GabrieleIT
    Member
    Posted 2 years ago #

    Big trouble here...

    Please take a look at this asap - http://wordpress.org/support/topic/377842?replies=1 - as my downloads are all screwed redirecting registered users to the signup page instead of starting the file download.

    THanks!
    G

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags