Hi
First post! I was hoping I could get through Elgg without having to make one!
I've spent a good 5hrs this evening trying to get to grips with restricting File uploads to Admins only. I managed to find the "Gatekeeper" workaround for creating pages, but I'm not having any joy with the files.
I need the facility to be able to stop users uploading files of any description and for this facility just to be made available to the admin. I'm not too fussed about it looking pretty and removing the upload / zip boxes - I just need to stop them from actually doing it.
Hope somebody can take the time to help me, My Elgg installation depends on this and I've come so far, this is my last issue before I can go live.
Thanks in advance,
Maritn
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
quikNderty = mod\file\actions\file\upload.php
And you can use the function elgg_is_admin_logged_in() to check if the user is an admin
;-oO Matt.. we're 1/2 the time crossing tee hee.. hope (aint dozed & that) he realizesi merely gave really Quick N Dirty Solution - not *the proper way ! Sounded 2 2 deperate;P soo..
Hi
I'm afraid I'm still having no joy with this. Not sure If I've misunderstood what I need to do.
I tried adding a admin_gatekeeper() line into the upload.php but this stopped me from uploading any files, even when logged in as the administrator.
Do you reckon you could spot me a step by step for me to follow to stop standard users from uploading files. Apologies - not a coder.
Cheers,
M
nope ;-) the answers are all above ;-P
but if you wanna post here :-
* exact fully qualified name of the php script file you are editing and
* the exact code that's causing you grief..
someone cud probably spot the problems quickish
++ What version of Elgg ?
Hi, don't know what you mean by "fully qualifed" but
I'm editing
xx\mod\file\actions\file\upload.php, as below - using
Release - 1.8.8, Version - 2012071100
forward($file->getURL());
}
yew did post the qualified filename ;-P
but
you did not post the badd code !;(
anyways - if you change this file to
<?php
admin_gatekeeper();
/**
* Elgg file uploader/edit action
* @package ElggFile
*/
// Get variables
should block any non-Admin from executing a file-upload;
although other will still see the 'upload a new..' button.
or you can do it without modifying the action file
thanks matt, that helped me too. :)
Another easier option is create a plugin hook for the 'file/upload' action and return false, if the current user is not an admin.
Single problem, multiple options, selection is yours. :)
- Previous
- 1
- 2
- Next
You must log in to post replies.