Thanks to all, I'll pass this along to my friend from the MMUG.
-James Edmunds
New Iberia, LA
----- Original Message -----
From: Mark Drew <[EMAIL PROTECTED]>
Date: Fri, 6 Aug 2004 19:52:18 +0200
Subject: Re: Passing info to IIS or Apache
To: CF-Talk <[EMAIL PROTECTED]>
The above solutions is how we did a HR application.. you dont want
people guessing your user's CV' names (markdrew.doc) and getting
people's info!
We moved all the uploads to a non visible folder and did something like:
<cfif SESSION.isAuth>
<cfcontent file="c:\Inetpub\uploadedCVS\#docname#" type="application/msword">
</cfif>
The docname of course was stored in a db and it is never seen as it is
changed on upload..
Hope that helps (same as above really but it worked for us)
MD
On Fri, 6 Aug 2004 10:28:34 -0700, Dick Applebaum <[EMAIL PROTECTED]> wrote:
> cfcontent can address files that are outside of the webroot, as such
> they are not directly accessible with a url.
>
> HTH
>
> Dick
>
>
>
> On Aug 6, 2004, at 10:11 AM, James Edmunds wrote:
>
> > Actually, the issue is that he doesn't want anyone to be able to have
> > access to the material that is sitting in directory that he would like
> > to have password protected.
> >
> > Will CFCONTENT load a file that is in a password-protected directory
> > or folder? Or does it have a way of passing the needed username and
> > password?
> >
> > In other words, if the URL for, say, a certain bit of content is, say:
> > /domain.com/content/group1/content.pdf or even
> > /domain.com/content/group1/photo10.jpg, he doesn't want that to be
> > viewable by anyone using just that URL (who has at that point not gone
> > through CF). He himself wants to be able to call pass the URL and
> > call it and load it into the bottom pane of a frameset, where it will
> > display whether PDF, JPG, HTM, CFM, etc.
> >
> > So, he wants things blocked to anyone who doesn't visit through his
> > pages. If CFCONTENT can either pass the username and password or
> > somehow otherwise subvert them, it will work; otherwise, I'm not sure
> > that it will help.
> >
> > Thanks for your thoughts!
> >
> > -James Edmunds
> > New Iberia, LA
> >
> > ----- Original Message -----
> > From: Dick Applebaum <[EMAIL PROTECTED]>
> > Date: Fri, 6 Aug 2004 08:19:46 -0700
> > Subject: Re: Passing info to IIS or Apache
> > To: CF-Talk <[EMAIL PROTECTED]>
> >
> > If I understand correctly, you want to force users to go through CF to
> > get certain site pages.
> >
> > If so, cfcontent will handle that nicely.
> >
> > HTH
> >
> > Dick
> >
> > On Aug 5, 2004, at 10:24 PM, James Edmunds wrote:
> >
> > > At a Show-and-Tell session of our Macromedia User Group last night,
> > > one of the members showed a site he was working on that would
> > gather a
> > > large amount of information about the craft of blacksmithing,
> > > categorized in various ways, with the content ultimately being
> > served
> > > out in the form of a URL that will show in the bottom pane of a
> > > frameset....cfm, htm, PDF, jpg, gif, whatever.
> > >
> > > One topic that was discussed was whether ColdFusion had a feature
> > that
> > > would help with this issue: since all of the content ultimately
> > can be
> > > accessed through loading a URL, how could he protect it? It was
> > > suggested that if the application.cfm file could contain the
> > username
> > > and password for an IIS or Apache protected folder where all the
> > > content material is stored in sub-folders, then the material would
> > be
> > > loaded normally into the browser when called through his pages, but
> > > the content material would not load when the URL of a specific
> > piece
> > > of content was pointed too without going through .cfm and therefore
> > > the application.cfm template.
> > >
> > > The question that none of us had the answer to was, can this be
> > done
> > > in ColdFusion? Can you pass the username and password that
> > protects a
> > > sub-directory out to Apache or IIS, so that material in that
> > > sub-directory is loaded if called through CF but won't load with
> > just
> > > the address in the browser? Thanks in advance for any ideas!
> > >________________________________
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
