[Plugin: WordPress Download Monitor] Request: Config File to Control

  • Seth Carstens

    (@sethcarstens)


    15 years ago

    Your plugin has a “browser” that is freakin awesome I must say first.
    However, this browser creates a security risk since it allows all my users to create downloads for existing files anywhere on the site.

    I’m hoping you consider my request for a config file, or some other way to control where the browser is allowed to browse. Even a ftp login info section so I can control via the FTP user where its starting directory is.

    I’m actually using WordPress MU, and also a multiblog wordpress configuration so dozens of people access the same wordpress install, and same wp-content folder. I’m hoping to point users and even admins of these blogs at there wp-content/blog.dir/blogname, and not allow them the option of changing the setting. Any ideas on how to make this come to life?

    https://www.ads-software.com/extend/plugins/download-monitor/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Mike

    (@jolley_small)

    Surly given FTP access they could find out about files on the server anyway; either by browsing or writing a php script like mine to do it.

    Theres currently no way to change the file browser root on a per user basis, but there is a way to control the upload directly through the hook:

    do_action('download_monitor_dlm_upload_dir', $pathdata)

    So you could write a function to hook in, and change the directory depending on the user uploading the file. FYI there is also a ‘dlm_upload_thumbnail_dir’ hook for thumbnails.

    However, I was under the impression that MU uploaded to the blog directories by default when using ‘wp_handle_upload’ (which is the function download monitor uses) – I may be wrong but you may want to check.

    Big trouble here…

    Please take a look at this asap – https://www.ads-software.com/support/topic/377842?replies=1 – as my downloads are all screwed redirecting registered users to the signup page instead of starting the file download.

    THanks!
    G

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin: WordPress Download Monitor] Request: Config File to Control’ is closed to new replies.