Password for uploads

Help
aitor
2008-10-03
2013-05-17
  • aitor

    aitor - 2008-10-03

    Hi, I´d like to know which .php module do I need to modify in order to be able to upload files using a password.

    With the ordinary installation there is not any field in the upload page reserved for a password but I´ve seen in other implementations (such as this one http://consigna.ehu.es/index.php?action=upload&order=name&srt=yes\) this possibility.

    I also have troubles assigning permissions to the files, by default only the owner of the file has R/W permissions and I´d prefer to allow everybody to download the files clicking over the nave of the file, not just oiver the action icon.

    Thanks in advance
    Aitor

     
    • Claudio Klingler

      You have to modify the fun_up.php to implement this kind of password protection.

      However, i recommend to activate user login in the config file and set up one or more users that have the permissions to upload files. The disadvantage is, that as soon as you activate user login, unregistered access to the files is no longer possible.

       
    • Claudio Klingler

      Regarding the file permissions. The file permissions of new uploaded files depend on your user, group an umask settings of the webserver process. Changing the file permissions by quixplorer does only work correctly on unix servers.

       
    • aitor

      aitor - 2008-10-03

      Thank you very much for your quick answer Claudio.

      I appreciate your suggestion regarding the user login but the use I´m going to offer with your system is open. Is there any standard function and/or code lines to implement the pasword protection?

      My server es Linux so I assume that the file permissions will work, could I assign full permissions for every user uploading any file?

      Thanks
      Aitor

       
    • Claudio Klingler

      Which version of quixplorer do you use?

       
    • aitor

      aitor - 2008-10-03

      2.3

      Thx

       
    • Claudio Klingler

      This might be interesting for you: ;-)

      http://sourceforge.net/forum/forum.php?forum_id=873278

      Regarding the access permissions: i changed the download link in version 2.3.1 since the direct file download is quite unsecure and makes some problems. So if the user now clicks on the file, the download is initiated like he clicks on the button.

       
    • aitor

      aitor - 2008-10-06

      Thanks for your help, I´ve tried installing the new version. Now the problem with the download when clicking the name of the file is solved but the upload icon is shaded and I can´t try the upload process.

      The permissions in my php.ini are OK and I´ve included the line $GLOBALS["file_uploads"] = true; in the .conf/conf.php
      I´m using the line $GLOBALS["require_login"] = false so the access is open

      Bestr regards
      Aitor

       
      • Claudio Klingler

        Ensure, that you have the global permissions line in your conf.php:

        $GLOBALS["global_permissions"] = 0x0001;

        That allows unregistered users to read (download) the files.

        Additionally, you have to set up an registered user in the admin interface. Logon as admin, there is a login link in the footer line. Go to the admin interface and add a new user (e.g. name upload) with a password. Set up write access for this user. Now you can share this username and password to all people who are allowed to upload files. They have to logon before they can upload files using the login link, the given username and the password.

        I'm not a fan of doing the same thing in different ways. This is the reason why i prefer a registered user for uploading files with the (small) disadvantage, that everybody who wants to upload files has to login first.

        Guests  may download any files without registration.

         
    • aitor

      aitor - 2008-10-06

      It works!!!

      I´ll try to design a php function in order to allow uploading a password protected file and to download it only if the password is provided.

      Thank you very much
      Aitor - LYNTEL

       

Log in to post a comment.