• Recent
  • Tags
  • Popular
  • Register
  • Login
WPFTS Pro Main Site WPFTS Community Forum
  • Recent
  • Tags
  • Popular
  • Register
  • Login
Get WPFTS Pro today with 25% discount!

Protect attachment file from downloading (without plugins)?

Scheduled Pinned Locked Moved Recipes and Known Solutions
1 Posts 1 Posters 728 Views 1 Watching
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E Offline
    EpsilonAdmin
    last edited by EpsilonAdmin 11 May 2020, 11:56 5 Nov 2020, 10:53

    Well, lots of WPFTS Pro users asked: how we can prevent open/download attachment (PDF, DOCX) files from non-authorized users? They want files to be found by their content and then shown in search results. But when the non-authorized user trying to open this file, he should be redirected to the special page where he can log in or buy access, etc.

    The solution is pretty simple and only contains a dozen lines of PHP code.

    The idea is to show "attachment page" links instead of direct links to files in search results (you can get this using the respective checkbox in WPFTS Settings). And then replace this attachment page with the simple script which is checking user rights and make a proper action: whether redirection to the "login page" or outputs the file data without disclosing the actual file path.

    First, we need to find the single-attachment.php file in the root of your current theme (or better, child theme).

    In case the file does not exist, we need to create an empty one.

    Next step, we should put the code in this file like this:

    <?php
    
    global $post;  // Current post (attachment)
    
    // Check user rights
    // Note: this piece can be different depending on the user access management plugin which you're using
    $is_allowed = false;
    if (is_user_logged_in()) {
        // User is logged in
        $user = wp_get_current_user();
    
        // Check the user rights
        if (in_array('customer', $user->roles) || in_array('administrator', $user->roles)) {
            // User is a customer or admin
            $is_allowed = true;
        }
    }
    
    if ($is_allowed) {
        // Output file data
        $fn = get_attached_file($post->ID);
    	
        if (is_file($fn) && file_exists($fn)) {
            $mime = mime_content_type($fn);
    
            header('Content-Type: '.$mime);
            
            //header('Content-Disposition: attachment; filename="'.basename($fn).'"');	// Download
            header('Content-Disposition: inline; filename="'.basename($fn).'"');	// Open inline
    
            readfile($fn); // Passthrou the file data
        } else {
            // File error
            header('HTTP/1.0 404 Not Found');
            header('Content-Type: text/plain');
    
            echo 'This file is not available. Please check the link.';
        }
    			
    } else {
        // Show "not enough rights" message or redirect to the proper page
    
        // Case 1: Show the message
        //header('Content-Type: text/plain');
        //echo 'Not enough rights to download this file. Please log in and ensure that you have proper license.';
        
        // Case 2: Redirect to the "payment page" or "login page", whatever you need
        header('Location: /wp-login.php&redirect_to='.urlencode($_SERVER['REQUEST_URI']));
    }
    exit();
     
    

    This is a sample code, which means that you need to change some pieces for your exact website.

    Hope it's understood. If you have questions - ask below. Thanks!

    https://e-wm.org

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post

    Suggested Topics

    • E

      [Solved] The files excerpt is not visible in Scientia Theme

      Watching Ignoring Scheduled Pinned Locked Moved Recipes and Known Solutions
      1 7 Oct 2022, 15:15
      7 Oct 2022, 15:15
      0 Votes
      1 Posts
      476 Views
      No one has replied
    • E

      [Solved] Search PDF by content in Real3D FlipBook Plugin

      Watching Ignoring Scheduled Pinned Locked Moved Recipes and Known Solutions search pdf real3d flipbook pdfviewer
      1 20 Nov 2020, 11:30
      20 Nov 2020, 11:30
      0 Votes
      1 Posts
      982 Views
      No one has replied
    • E

      How to search coupons by description in WP Coupons and Deals plugin

      Watching Ignoring Scheduled Pinned Locked Moved Recipes and Known Solutions wpcd coupons deals
      1 3 Nov 2020, 01:38
      3 Nov 2020, 01:38
      0 Votes
      1 Posts
      705 Views
      No one has replied
    • E

      How to search file by content when using PDFViewer plugin

      Watching Ignoring Scheduled Pinned Locked Moved Recipes and Known Solutions embedded pdf embedpdf pdfviewer search pdf
      1 29 Oct 2020, 09:00
      29 Oct 2020, 09:00
      0 Votes
      1 Posts
      724 Views
      No one has replied
    • E

      [Solved] Files not shown in TemplateToaster theme search results

      Watching Ignoring Scheduled Pinned Locked Moved Recipes and Known Solutions templatetoaster theme search
      1 23 Jul 2020, 21:17
      23 Jul 2020, 21:17
      0 Votes
      1 Posts
      699 Views
      No one has replied

    Additional Resources

    • My Account
    • Buy WPFTS Pro
    • Community Forum
    • Affiliate Program
    • Privacy Policy
    • Terms & Conditions
    • Contact Us
    • Coupon Partner

    Be the first to read the news!

    We are always improving our products, adding new functions and fixes. Subscribe now to be the first to get the updates and stay informed about our sales! We are not spammy. Seriously.

    Join Us Now!

    We are a professional IT-team. Many of us have been working in a Web IT field for more than 10 years. Our advanced experience of software development has been employed in the creation of the WordPress FullText Search plugin. All solutions implemented into the plugin have been used for 5 or more years in over 60 different web-projects.

    We are looking forward to your comments, requests and suggestions in relation to the current plugin and future updates.

    ewm-logo-450

    The forum powered by NodeBB | Contributors