Hi
(sorry for my english)
I buy CkFINDER (ASP)
Everything work fine.
But I wonder if their have a simple way to block none register pepole to upload file with their web browser? If a persone know the URL of a file, He can download this file without CKFinder.
Is their a way simple to integrate a web.config file with your code in the folder where is the file?
Thanks for your time!
(sorry for my english)
I buy CkFINDER (ASP)
Everything work fine.
But I wonder if their have a simple way to block none register pepole to upload file with their web browser? If a persone know the URL of a file, He can download this file without CKFinder.
Is their a way simple to integrate a web.config file with your code in the folder where is the file?
Thanks for your time!
Re: secure file form uploading by URL browser
You talk both about uploads and downloads.
Do you want to restrict uploads so only registered users are able to add their files to the server?
This is done adjusting the value returned in CheckAuthentication() in the config.asp file. If you return false for non-registered users, they won't be able to use any of the features of CKFinder.
It's also possible to let them use CKFinder but using the accessControl array not allowing them to change anything, but this is a little more advanced question and usually not required.
If you want to avoid non-registered users to getting access to the uploaded files, then the answer is a little more complicated. You can configure the baseDir setting to a location that it's not accessible directly. I'm not sure what will happen if you try to leave then the baseUrl setting empty or an empty string, this is not something that we usually test as the best answer to protect the content is to disallow anonymous access for the server and require something like Basic authentication, so if they don't provide the user and password, the server itself takes care of restricting any access and they won't be able to download anything.
Hope this helps.