[support] Restricting file download
Steve Karsch
steve at stevekarsch.com
Fri Mar 30 15:12:05 UTC 2012
You may want to take a look at this post regarding mixing public and
private download methods in Drupal 6:
http://www.drupalcoder.com/blog/mixing-private-and-public-downloads-in-drupal-6
Steve
On Fri, Mar 30, 2012 at 11:03 AM, Shérab
<Sebastien.Hinderer at ens-lyon.org> wrote:
> Dear all,
>
> I'm building a site on which certain files should be available for download:
> (1) only through https and
> (2) only for user with a given role.
>
> One possibility I see to achieve this is to
> (1) store the files outside of the documentroot and
> (2) writing a module that registers an URL such as download and takes a
> filename as argument.
> The module then should check that the connection was secure and that the
> user is logged in and has the specified role. It will then send the
> file.
>
> I'm wondering whether this approach seemsokay to you or whether there
> may be another more simple way to achieve that result.
>
> I'm aware that thee is the "private download" method in D6 but my
> understanding of this is that if it is enabled, then all the downloads
> will go through Drupal, e.g. css, javascripts, etc., which does not seem
> desirable to me and would anyway not be enough to implement what I'm
> looking for.
>
> Any advice or suggestion warmly welcome.
>
> Thanks !
> Sherab.
> --
> [ Drupal support list | http://lists.drupal.org/ ]
More information about the support
mailing list