Community Support Forums

Hi,

Thank you for a superb product.

My question regards protecting alternative folders for downloadable files (pdf's). I am using http://wpstorecart.com/ for a registration website and controling the registration process with s2Member, I don't need to use the shopping cart facility but the presentation of products looks good, and it works fine with the work-around I posted here: http://wpstorecart.com/forums/general-support-group1/mods-addons-integration-forum3/removing-shopping-cart-process-thread173/.

Unfortunatley, http://wpstorecart.com/ forces me to use their own download folder which is inside the /plugins directory. As the 'Store' is contained within a page http://wpstorecart.com/demo/ named STORE I can quite easily restrict access to it.

My questions are 1) How can I protect downloadable files in their download folder or 2) Is there any need to do this as I have protected the store page?

Any help greatly appreciated.

Damien

Hi Damien.

I think you can use this to change the download directory protected by s2Member. Create this directory and file

/wp-content/mu-plugins/s2hacks.php

Code: Select all

<?php
add_filter('ws_plugin__s2member_files_dir', 'my_files_directory');
function my_files_directory() {
    return '/server/path/to/other/download/directory';
}
?>

With the shop protected, though, it may not be needed to do anything else, but if you worry about users sharing the URLs to the files, then it's fine you try to protect them more.

I hope that helps.

Thanks Cristián,

Much appreciated and easier than using .htaccess, password and scramling the pdf title.

Another question for you - I'm using a 3rd party theme and the 'STORE' page is not a page bat rather a store.php file that is called by the index page.

The store.php is located at:- http://www.mydomain.com/server/path/to/ ... /store.php but the URL is:- http://www.mydomain.com/?page=store

In other words I do not have a Page id to enter in the page restrictions section. Is there any way I can protect the stroe page?

Thanks

If the page is being served by WordPress, then you can try using s2Member's URI Restrictions. WP Admin -> s2Member -> Restriction Options -> URI Restrictions

Once again Thanks Cristián,

The problem was down to my lack of understanding of URI fragments, once light dawned on my empty head everything worked fine, now its locked down tighter than a nun's virtue .

Just one final question and it is more from an aesthetics rather than a usablity perspetive. The template comes with a rather nice login/register page that obviously fits the theme. Is there a way to make this my 'Membership Options' page given that, like the 'STORE' page, it is a php file called by the template and not a wp-page? I have spent quite some time surfing the forum for any clues but I may be searching for the wrong thing

Many thanks for your assistance, it is very much appreciated.

Damien

lol Glad you managed to get the URI restriction working.

Hmm... The Membership Options Page can only be chosen from one of the pages you created in WordPress where s2Member is. That said, you could create a redirection with htaccess, or try another plugin that redirects pages, to the URL you want.

Cristián Lávaque wrote:Hi Damien.

I think you can use this to change the download directory protected by s2Member. Create this directory and file

/wp-content/mu-plugins/s2hacks.php

Code: Select all

<?php
add_filter('ws_plugin__s2member_files_dir', 'my_files_directory');
function my_files_directory() {
    return '/server/path/to/other/download/directory';
}
?>

With the shop protected, though, it may not be needed to do anything else, but if you worry about users sharing the URLs to the files, then it's fine you try to protect them more.

I hope that helps.

Hi, I don't know exactly what the URL should be?
If I have a http://mydomain.com/v1/memb1/contacts.php
What should I write first in: 'my_files_directory' ?
Should it be my: v1/memb1
And in the return '/also v1/memb1/?
Sorry I am lost.

PS,
My goal is to protect a non WP page that has the URL http://mydomain.com/v1/memb1/contacts.php

And if I understand the URI protection it should be: /v1/memb1/contacts.php

But I have tried to set that on level 0 on one of the "sub" blog in a multisite and it didn't work.
have tested to add the URI the "base" blog and it still is open for all to see.

Have I misunderstood that I could protect any .php page and or all material inside a folder if I protect for example /memb1/ in my example above?

Regards / Lars