I successfully installed attachement_fu but I still have one question: How can I protect my uploaded files from being downloaded like http://127.0.0.1:3000/images/galleries/0000/0001/1.jpg I only what logged in users to download images? Thanx. -- Jochen K. gissmoh.de, figgfrosch.de, ror-ror.de
on 2007-07-10 19:48
on 2007-07-10 20:15
jochen kaechelin wrote: > > > This has been asked a few times in the past (though I don't have links handy) but basically: 1. You'll need to save files to a non-public directory (I've done this with file_column but I expect it's possible also with attachment_fu) 2. Add a controller action that will use send_file to send the file to the browser 3. Add a before_filter to make sure that the user is logged in. Cheers, Mohit. 7/11/2007 | 12:13 AM.
on 2007-07-11 04:57
On Jul 10, 8:47 am, jochen kaechelin <email@example.com> wrote: > > -- > Jochen K. > gissmoh.de, figgfrosch.de, ror-ror.de google for "protected download" or "secure download" or authenticated, etc http://www.bencurtis.com/archives/2006/11/serving-... http://robertrevans.com/article/files-outside-publ... http://www.rorsecurity.info/2007/03/27/working-wit...
on 2007-07-11 05:03
You might also be interested in this discussion: http://groups.google.com/group/WellRailed/browse_t... Cheers, Walter
on 2007-07-11 05:05
Correction. send_data and not send_file. -Pratik On 7/10/07, Mohit S. <firstname.lastname@example.org> wrote: > > > 3. Add a before_filter to make sure that the user is logged in. > > Cheers, > Mohit. > 7/11/2007 | 12:13 AM. > > > > > > -- http://m.onkey.org
on 2007-07-11 08:29
Pratik wrote: > Correction. send_data and not send_file. > > -Pratik > Thanks! Of course, that's what I meant :-P Cheers, Mohit. 7/11/2007 | 12:28 PM.