In regards unauthorized access, one work-around that I've built in the past was the following: In a typical CMS, most managed file content is abstracted into an ID based folder and file structure; these ID's are stored in the database along with a "friendly" name. When a user wants access to the file and desires that then name not be 100327.pdf but instead be more like 2007_Golfball_Inventory.pdf, I simply duplicate the file to a known fixed location with the name change applied (no worries about cfcontent or mimetypes). Then either at the request or session level or in most cases as a CF Scheduled Task I purge the transfer location after the file has been served. That way if someone were to bookmark the file path, it would no longer be available (after a set interval) unless they accessed via the original method.
Darin Kohles ------------------------------------------------------------- Annual Sponsor FigLeaf Software - http://www.figleaf.com To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
