Jump to content
Sign in to follow this  
swampmusic

PageFileSecure Problem With Protected Folders. Only Superuser now has access.

Recommended Posts

Having a problem with PageFileSecure. Everything was working before, but now it seems to be broken.

We have a specific template that creates a protected page with multiple image & document fields. On creation these pages successfully appear with "-" prefix under assets/files.

Registered & Logged In users used to be able to view the pages and download content on them.

Now only the superuser can.

I checked the permission and roles, and all these registered users still have the "login-register" role assigned to them.

I checked the permissions on the "login-register" role and they still have the page-view permissions assigned for the locked page template together with home ( required by default).

It's baffling. the .htaccess has not been touched or modified.

I am running under 3.0.98 but tried on latest and seeing same issue.

I am a bit lost with this one as to why only superuser account can do download and not the logged in as well :-(

Anybody and ideas ?

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By n0sleeves
      A company approached me wanting to convert their paper-based ways of collecting customer information into electronic. Reason being they want to instead use a tablet (in office) and have them fill out everything electronically in order to prevent readability / processing errors and also offer the ability to fill out on their website.
      The type of information such a company needs from their client is pretty intense and detailed. Customers are filling out multiple documents disclosing  personal information, not only about themselves, but also about the defendant - everything from vehicle registration, address / work history to personal identity to the fullest extent) - things like social security numbers, etc.  It seems there isn't a sensitive data question not being asked.  Not only that but they are also disclosing credit card info (for payment). It's pretty monumental in terms of data.
      I never accepted the project and said I'll look into what's possible but out of curiosity and being the curious type I am, I have already built a mobile-responsive / electronic version of their entire 200+ question form(s), complete with task completion status, page summary, auto-complete, validation, terms of service. It's damn beautiful but that was the easy. Even though I like getting my feet wet, I am wondering if I should continue or if it's even worth the headaches, not to mention the technical hurdles.
      The questions I am wondering are numerous (and for understandable reasons). I guess the top would be:
      I know all this data has to be encrypted and secured to the highest extent. I don't know what's involved or how deep it can get. I do know the risks and the laws governing storage of such sensitive data and also the penalties for the company if it gets stolen. So I'm hesitant to even take on this task for that reason alone; especially since I'm still very much a PHP / programming beginner (although devoted). I don't want to major f*** up

        I was thinking storage would be on the web host instead of some sort of in-office database? An online back-end would have to be created to retrieve information so that the company then could process it (they wanted it as a pdf). They need some way to retrieve the data.

        They need to be able to charge / have access to the  credit card again at a later date so integration with a payment processor needs to be implemented, correct? I am asking more what direction / route / study material I should look into (first steps) more than specific procedures because I understand it's very involved. If I can't tackle this now, I would like to learn so I can accomplish this in the future because building, integrating and deploying things of this nature is where I would like to go.
      Just curious on your thoughts.
      Thanks everyone
    • By raydale
      Hi, I was wondering whether there was an easy way to protect files so that they are only available to the page that links to them?
      For example: if I have a client page template and add a file field type to it, then create the page and attach a file - I would like to be able to secure that file so that it can only be accessed by the person viewing the page. This way I can create a secure page and file that can only be accessed by a client logging in and accessing their page.
×
×
  • Create New...