Shared and Secure Docs

If you are using Multisite, you most certainly can set up an additional site and have multiple users access it while restricting it from unregistered users.

I’d recommend a new sub-site. The docs folder would be on your server’s file system in /wp-content/blogs.dir/{blog_id} Off the top of my head, that URL isn’t reachable (could be wrong though). Personally, I prefer Word change control.

Hope this helps!

Thanks Dan – that certainly helps!

I looked at the directory structure and it’s something like:
/wp-content/blogs.dir/nn/files/yyyy/mm/(docs)
nn is the sub-site number

Do I stick some .htaccess thing in the appropriate sub-site folder? Down below that, the year and month are going to change all the time.

Still stuck I’m afraid.

I created a new sub-site and had some fun trying to get it to recognise document types (solved by installing the PJW mime config plugin). Some docs now uploaded, but can’t get .htaccess and .htpasswd to work. I’ve uploaded them to the files folder within the path: /www/wp-content/blogs.dir/17/files/ – 17 is the sub-site I just created.

The .htaccess file contains the line: AuthUserFile /www/wp-content/blogs.dir/17/files/.htpasswd

When I display a page on the new sub-site and click the link to an uploaded doc, I can see it without being prompted for a userid and password.

Anyone get me straight?

Look at how Boone did it with this plugin:
https://teleogistic.net/code/buddypress/buddypress-docs/

It’s buddypress specific but you may be able to adapt it to your needs.

Thanks Andrea – I looked at your link but couldn’t see an obvious answer to my problem. I think it’s just my lack of technical expertise in using .htaccess/.htpasswd that is the issue. Either I’ve got the syntax wrong or some higher level WP .htaccess is overriding my stuff.

To recap, I’ve tried various AuthUserFile paths:
(a) /www/wp-content/blogs.dir/17/files/.htpasswd
(b) /vhost/vhost8/s/o/u/soutarwriters.co.uk/www/wp-content/blogs.dir/17/files/.htpasswd (as returned by path.php)
(c) /www/drafts/files/.htpasswd (drafts is the sub-site name)
(d) as above, but placing .htaccess/.htpasswd in folders 17, files, 2011 and 05 and using the appropriate path.

The other syntax in .htaccess seems ok, viz:
AuthType Basic
AuthName “Soutar Writers Drafts”
Require valid-user

The .htpasswd syntax is just username:encrypted password, obtained from https://www.4webhelp.net/us/password.php

All of these variants fail to produce a username/password prompt dialogue box when I try to access docs in the 05 folder.

Can some .htaccess expert spot what I’m doing wrong?

THe link above actually didn’t use the htaccess method at all. ??

Andrea – I’m sure you’re right about the link, but the plugin seems to require buddypress. If I adapt it, I need to acquire the technical expertise to find out what it is doing, plus some php and js skills I don’t have. My earlier posts made the disclaimer that I’m an idiot.

Any simple solutions for simpletons out there?

Not really because it’s a complicated thing. Let’s try a different tactic….

What if they didn’t upload the doc, what if they copy/pasted the data into a post, and then you used a user-role plugin (like Members or something) to manage permissions for people to view and comment on that page?

Thanks Ipstenu – that looks very promising. I’ve already set up the sub-site with all the permitted users identified as contributors. Browsing through readme.html, the Private Blog component of Members should hide all content until a user logs in. I could define appropriate capabilities for contributor (and administrator) roles. Hopefully users could still upload their docs (as well as copy shorter texts into posts) as the doc links wouldn’t show to unregistered people. If I can avoid htaccess I’ll be pleased as my competence is low! I’ll install the plugin, do some tests and report back.