| View previous topic :: View next topic |
| Author |
Message |
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
 Posted: Wed Mar 15, 2006 4:02 am Post subject: Newbie's question regarding D-Man |
 |
|
Hi!
I want to purchase D-Man for creating my own download system. But I have some questions regarding this program and since I can't find Documentation I decide to ask them here.
In first, I describe what I want. The system must have ability to create user accounts instantly without any type of authentification. The mail with generated password (the login will be the e-mail address of user) must sended instantly when Administrator creates the user account and set permissions for download some file(s). When User receives this mail he can instantly go to login page and after succesful login instantly download file(s).
I want to setup timely permissions on User accounts (suppose the account will be valid only during 3 days). I don't want allowing to user did anything else - not changing password, not uploading files, not retreiving info. Only login and receive files.
Can D-Man solve this issues for me? Please, help me. |
|
| Back to top |
|
 |
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Wed Mar 15, 2006 12:13 pm Post subject: |
|
|
With a tweak or two, you can make it so users can create accounts without requiring email verification and admin validation.
Using the email address as the username would require changing a few sections in the code to check the appropriate database field...
When the admin creates an account (no verification required there, obviously), the option is there to add the authorizations at the same time, and the next screen provides a link directly to the email form to send the user their account information.
Expiring authorizations are not built-in by default (requires a fairly complex cronjob setup), but you can accomplish sort of the same thing by adding a time limit check to the login routines. In your case, you would look for an Add Date on the account less than 3 days old.
See this thread:
http://abledesign.com/forum/viewtopic.php?t=439
Does that answer your questions sufficiently?
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Wed Mar 15, 2006 1:00 pm Post subject: |
|
|
Dan,
thank You for quick response!
I want to myself to create accounts and ban this ability for users: only admin can create account and instantly activate it without any verification - is this possible?
And how I can disable other unnessary in my case user functionalities - changing pass, uploading files, retrieving info and so on?
Another question - what type of program I must buy - with plugins or not? |
|
| Back to top |
|
|
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Wed Mar 15, 2006 1:15 pm Post subject: |
|
|
Yes, admin creation of accounts is always immediate and does not require any email verfication on the user's part.
The online settable config options allow you to turn off users' ability to create accounts themselves and upload files. I'm not sure why you would want to disable the changing of passwords, but it could be done by simply disabling access to those routines in the code. Ditto for viewing/changing their account info.
The basic D-Man program covers everything you've asked about. The plugins are for generating registration licenses and automatic payment processing for immediate access to the downloads.
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Thu Mar 16, 2006 2:52 am Post subject: |
|
|
Dan,
New questions (because I can't find any docs):
Can D-Man ban direct http access to files? Is the program have ability to make "force" download the files (not opening in the browser window)? Have the program ability to hide link to file when it is downloaded by user?
And I send You PM with another issue. |
|
| Back to top |
|
|
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Thu Mar 16, 2006 9:51 am Post subject: |
|
|
| Quote: | | Can D-Man ban direct http access to files? |
If I understand the question directly, yes, that is the default behavior. As long as you follow the recommended installation setup of placing the downloads folder outside the web root, there's no way to access it directly via http.
| Quote: | | Is the program have ability to make "force" download the files (not opening in the browser window)? |
Yes and no. You can set which file types should be downloaded directly and which should be opened in the browser, but "forcing" it is a different matter, as every OS and browser has a slightly different way of interpreting the directions. 
| Quote: | | Have the program ability to hide link to file when it is downloaded by user? |
Doesn't matter, since all the user gets is a dynamic page request (by download id#) within D-Man that passes through the file from the server. The page is password protected within D-Man, so the only way to get to it is to be logged in.
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Thu Mar 16, 2006 9:58 am Post subject: |
|
|
Dan,
would the program makes "forced" downloads to .jpg files at least in IE, Opera and FireFox on WinXP?
And What You think about PM that I send You today? |
|
| Back to top |
|
|
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Thu Mar 16, 2006 10:06 am Post subject: |
|
|
| Quote: | | would the program makes "forced" downloads to .jpg files at least in IE, Opera and FireFox on WinXP? |
Doubtful, since all browsers will be set to handle .jpg's, which will make overriding the behavior very inconsistent at best.
| Quote: | | And What You think about PM that I send You today? |
I'm looking it over... It's actually the first I've heard of the security threat. I'll go ahead and post it for everyone to see, as I'm undecided if/how it's even an issue.
http://www.securitylab.ru/vulnerability/source/243385.php
Note that the only way the provided example can be abused is by the admin, which makes no sense to me. If the site admin is placing malicious html on visitors' sites, there would be lots of other ways to do so besides passing it into a variable, and you've got much larger worries if that's their intent.
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Fri Mar 17, 2006 2:19 am Post subject: |
|
|
Dan,
can You make 1 small .jpg file available to download through online Demo of D-man (with p/l guest/guest), please. This will be very helpful for me |
|
| Back to top |
|
|
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Fri Mar 17, 2006 12:30 pm Post subject: |
|
|
Are you wanting to test just the viewing of a jpg via the download manager or an attempted forced download? Normally, a grahpic download would just open in a new browser window. The best way to force the download is to zip the file(s) up, which will work pretty much 100% of the time.
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Mon Apr 10, 2006 2:59 am Post subject: |
|
|
Dan,
I have an issue with the program.
I made subdirectories in downloads folder to keep files in more logical way. But when I want to create "Download" I can't choose files from subdirectories of downloads folder - only from root of downloads folder.
What I'm made wrong? |
|
| Back to top |
|
|
Dan
Admin / Developer
Joined: 19 Feb 2001
Posts: 2057
|
| Posted: Mon Apr 10, 2006 3:07 am Post subject: |
|
|
Sounds like a permissions issue on the subdirectories. Try chmod'ing them to 0777 or 0666 and see if that works any better.
Cheers,
Dan |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Mon Apr 10, 2006 3:15 am Post subject: |
|
|
Thank You!
It's works! |
|
| Back to top |
|
|
Web888
Lurker
Joined: 15 Mar 2006
Posts: 8
|
| Posted: Wed Apr 19, 2006 2:23 am Post subject: |
|
|
Dan,
I again send You a PM with my questions - please, help me |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
