Upload path for user profile files

Este hilo está resuelto. Aquí tiene una descripción del problema y la solución.

Problem:

Is there a way to specify a custom file upload path or file name prefix for these fields so that I can protect those files as they are sensitive in nature and shouldn't be able to be found and accessed by the public?

Solution:

There isn't such kind of built-in feature within Toolset plugins, you will need to consider custom codes, for example:

https://toolset.com/forums/topic/upload-path-for-user-profile-files/#post-1302729

Relevant Documentation:

https://developer.wordpress.org/reference/hooks/upload_dir/

https://codex.wordpress.org/Plugin_API/Filter_Reference/wp_handle_upload_prefilter

This support ticket is created hace 5 años, 4 meses. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Hoy no hay técnicos de soporte disponibles en el foro Juego de herramientas. Siéntase libre de enviar sus tiques y les daremos trámite tan pronto como estemos disponibles en línea. Gracias por su comprensión.

Sun	Mon	Tue	Wed	Thu	Fri	Sat
-	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	-
-	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	-

Supporter timezone: Asia/Hong_Kong (GMT+08:00)

Etiquetado: Setting up custom fields, Types plugin

Este tema contiene 4 respuestas, tiene 2 mensajes.

Última actualización por frederikeM hace 5 años, 4 meses.

Asistido por: Luo Yang.

Autor

Mensajes

julio 29, 2019 at 7:35 am #1302609

frederikeM

Hi, I am looking into how to build a membership website (using MemberPress) which has a user profile section where users can upload documents which only the user and the admin should be able to see and edit. Is there a way to specify a custom file upload path or file name prefix for these fields so that I can protect those files as they are sensitive in nature and shouldn't be able to be found and accessed by the public?
Thanks,
Frederike

julio 29, 2019 at 7:52 am #1302657

Luo Yang

Dear Frederike,

There isn't such a built-in feature within Toolset plugins, since those fields are created by MemberPress plugin, I suggest you contact with MemberPress support for it:
enlace oculto

julio 29, 2019 at 8:05 am #1302675

frederikeM

Hi Luo,

the file upload fields would be created with Toolset Types. MemberPress doesn't support file upload fields and would be only used for managing the membership signup, renewals etc.

I am hoping to create the following 2 sections that the members can edit when they login to the website:

1- A page with their documents (these are certifications etc) that the admin can then view to make sure the users are qualified to be members of the website, as it is only for people who are qualified / professionals in their field. This is the section where the documents cannot be publicly accessible

2 - A user directory, so that the user can create a post for their profile and then we can display it publicly, with a search function etc.

I think #2 is not an issue with Toolset Types, but I am just unsure about #1 and whether those user files would be publicly viewable.

Thanks,
Frederike

julio 29, 2019 at 8:58 am #1302729

Luo Yang

For the original question of this thread:
Is there a way to specify a custom file upload path or file name prefix for these fields ...

There isn't such kind of built-in feature within Toolset plugins, you will need to consider custom codes, for example, you can change the upload path with WordPress built-in filter hook: upload_dir
https://developer.wordpress.org/reference/hooks/upload_dir/

Or add file name prefix with filter hook "wp_handle_upload_prefilter":
https://codex.wordpress.org/Plugin_API/Filter_Reference/wp_handle_upload_prefilter

For the new question:
but I am just unsure about #1 and whether those user files would be publicly viewable.

Yes, by default, all uploaded file to WordPress website are publicly view-able, I don't think Toolset plugins can protect those static files from guest, if they know file URLs.

julio 31, 2019 at 3:05 am #1304547

frederikeM

Thank you, that is helpful and I will investigate further.