This forum is no longer open and is for reading/searching only.

Please use our new MachForm Community Forum instead.

MachForm Community Forums » MachForm 2

File Upload Directory Question....

Started 15 years ago by edparrott | 2 posts |


  1. edparrott
    Member

    Hi again, Folks! I am wondering if I can assign the File Upload Directory to a Directory outside of the root Machform Directory.

    The reason for this is that I use Machform for Job Applications for the company I work for.

    These job apps are then emailed to all of the field Superintendents.

    I would like to enable functionality to allow prospective Employee's to upload a resume', then have the Field Super click on the link in the email to retrieve the file - with out granting the Supers access to the Admin part of Machform.

    Soooo...... Would it be possible to create a directory outside of the Machform directory, then assign the upload files to go there?

    It would be easy enough then to protect that outside directory.

    Sorry for rambling so long here.

    Thank You for your help, and a Great App!!

    -Ed Parrott

    Posted 15 years ago #

  2. AMurray
    Pro Member

    It is possible, but creating the folder outside the root is not a function of Machform, you do this through your hosting company (an FTP client) or hosting CPanel etc.

    Additionally when you've done that you need to specify the path to that folder so Machform knows where to store the files.

    /** Data folder **/
    /** Folder settings for your CSS files and upload folder **/
    define('DATA_DIR', './yourfolder'); //CSS files folder
    define('UPLOAD_DIR', './yourfolder'); //for maximum security, set full path to any folder outside your document root.

    You might have to ask your host "how" to specify a folder above your public_html folder - outside the home directory for your webspace.

    Regarding other half of the question, it's not possible to have the "log on" function not work (e.g. as you have stated for your managers to view the job applications without the need to log on to the Admin area since the "view entries" (and download files) is really part of the "admin" functionality in this application.

    You could duplicate the relevant file(s) remove the "start_session();" (which is what checks the logged on status) and somehow get the email link to the file to reference the 'unprotected' version of the view-entries page.

    However, if someone were to learn the URL (other than the Super/Managers to the unprotected view-entries.php, they could just directly browse to that file, execute the script as normal and subsequently access the job application files.

    Posted 15 years ago #

RSS feed for this topic

Reply