Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeGetting StartedGetting StartedNew to DNN Plat...New to DNN Plat...Casdcading Dropdown and displaying directory contentsCasdcading Dropdown and displaying directory contents
Previous
 
Next
New Post
11/1/2012 1:49 PM
 
Rick Zoerner

Joined: 6/29/2008
Posts: 4

I hope someone can give me some advice or at least point me in a direction to solve a very real business/security problem.

I'm working with DNN 6.02.03 - and I am just dipping my toes in the DNN waters - so please excuse my lack of even the most basic knowledge of where to go.

I have a set of files, both pdf and xls, that need to be made available to registered users ONLY for download. Our previous (and current) website uses a login screen that then passes the user to a page that contained links to the files stored in a directory. The problem is that the page with the links itself - and the directories containing them, are not password or login protected. So... anybody can login once and add the page to "favorites" and bypass the login in the future, or email a link directly to one of the files to an unregistered user and they can easily download the file. -- don't ask. I'm currently trying to move this website inside DNN but while I can visualize what I want to get, I don't really know how to get from here to there. Any help would be appreciated. These files contain extremely sensitive information and have to be better protected than that.

These files are for a group of maybe 50 major categories, each having the same 2 sub-categories, and each subcategory having maybe 5 files in them (current information and previous information) that are updated with new "current" files monthly.

I thought some module (I don't even know which would work best) in combination with an internal directory hierarchy (i.e each Cat1 having 2 subdirectories of subcat1 and subcat2). Then, a display of 3 drop-downs and 2 "download" buttons. When the user selects a Category in the first drop-down, the other two dropdowns auto-populate with the complete directory contents for their repective sub-directories - in reverse order of date (i.e. the "current" document becomes the default entry that displays, but the previous versions are also available via the drop-down). Then maintenance would be as simple as adding or deleting items to the directories and letting the module auto-gather them at execution. It would be even better if the first drop-down could auto-populate the categories alphabetically by reading the list of category directories - so maybe a three-tiered hierarchy with a "main" folder, "cat" subfolders, and then subcat folders under each of them.

Anybody have any ideas, guidance, direction, suggestions? This is critical and I need to get a resolution asap-est. Thanks in advance to everyone.

-Rick
 
New Post
4/4/2013 5:26 PM
 
rzoerner@cccparts.com


Joined: 8/27/2012
Posts: 2
I still need to address this issue - possibly with a custom written module. Does anyone have any ideas?

-Rick
 
New Post
4/5/2013 9:28 AM
 
ironm11


Joined: 3/5/2013
Posts: 29

I think you should solve at least part of your problem by implementing user roles. The roles approach provides great bit of control who can access what files. Lets say you have a role Clerk with some documents that need to be accessed only by the this role. So I would create a page listing those documents and restrict this page to be accessible only by Clerk group members. 
 
New Post
4/5/2013 9:37 AM
 
rzoerner@cccparts.com


Joined: 8/27/2012
Posts: 2

That's where I was originally headed, but my understanding of how DNN works is that it doesn't protect the documents themselves. We already have a web page that is login protected before you can get to links for downloading sensitive files - then we discovered Google had cheerfully managed to catalog the files themselves. Doing a search on Google would provide links directly to the files, bypassing our security. So, one of the things I need to achieve is storage in a database container of some kind, preferably encrypted, to avoid Google bypassing our security.

We'll certainly use user roles to control access to the DNN page, but I also need to know nobody can bypass DNN and access the files directly.

Thanks, - Rick
 
 Page 1 of 1
Previous
 
Next
HomeHomeGetting StartedGetting StartedNew to DNN Plat...New to DNN Plat...Casdcading Dropdown and displaying directory contentsCasdcading Dropdown and displaying directory contents


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out