I assume this is a bug? or at least an oversight.
Our Client has reported that their customers are able to download a file from a Joomla Article (Type > Field> Uploads) that is supposed to be a members only download.
They are using the file link as generated in the web page, however the link points to the file in the uploads folder directly.
I can only assume that there can be no protection on the actual file, as there is no php proxy script checking ACL authority, and then getting and downloading the file.
So how do I protect files in Cobalt ?
Cheers,
Pete
Problem
Announcement
Conversation
Idea
Praise
Question
Open
I assume this is a bug? or at least an oversight.
Our Client has reported that their customers are able to download a file from a Joomla Article (Type > Field> Uploads) that is supposed to be a members only download.
They are using the file link as generated in the web page, however the link points to the file in the uploads folder directly.
I can only assume that there can be no protection on the actual file, as there is no php proxy script checking ACL authority, and then getting and downloading the file.
So how do I protect files in Cobalt ?
Cheers, Pete