Hi Horace,
naw_securedl creates a link for each download with a hash which is valid for a
limited period of time. If you have the link, you can download the file until
the link expires. If you make sure only users who are logged in can get the
links, then only they can download the files. IIRC, you can set the expiration
time in the EM settings for the extension (look for the setting which is
cryptically called 'cachetimeadd').
Of course, if they would send the link to someone else by email, that person can
download the file (until the link expires), but they could also send them the
file itself....
Hth,
Loek
On 10-06-13 23:31, horace grant wrote:
On Mon, Jun 10, 2013 at 11:00 PM, <jean-sebastien_gerv...@ssss.gouv.qc.ca>wrote:
Greetings Horace,
naw_sercuredl does restrict access to files (with proper apache configs)
to authentifacted users only, be it front end users or back end users.
yes, i know. but i can download the files even if i am not logged into the
frontend or backend.
what could be the reason for this?
i have also added an .htaccess file into the "secured" directory but i
guess this is only for preventing using the direct link to the file. i has
nothing to do with the naw_securedl links?
cheers,
horace
_______________________________________________
TYPO3-english mailing list
TYPO3-english@lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english
