? support-602602.patch
Index: support.admin.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/support/support.admin.inc,v
retrieving revision 1.2.2.15
diff -u -p -r1.2.2.15 support.admin.inc
--- support.admin.inc	23 Dec 2009 18:55:32 -0000	1.2.2.15
+++ support.admin.inc	11 Feb 2010 09:11:09 -0000
@@ -420,6 +420,12 @@ function support_admin_settings() {
     '#description' => t('When enabled, the entire message subject will be used to match replies with the original tickets.  By default the subject will only be matched against other open tickets.'),
     '#default_value' => variable_get('support_thread_by_subject', 3),
   );
+  $form['mail']['support_store_files_privately'] = array(
+    '#title' => t('Private storage of attachments'),
+    '#type' => 'checkbox',
+    '#default_value' => variable_get('support_store_files_privately', FALSE),
+    '#description' => t('Check this box if you would like to store attachments privately.'),
+  );
 
   return system_settings_form($form);
 }
Index: support.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/support/support.module,v
retrieving revision 1.3.2.52
diff -u -p -r1.3.2.52 support.module
--- support.module	23 Dec 2009 18:55:32 -0000	1.3.2.52
+++ support.module	11 Feb 2010 09:11:10 -0000
@@ -1144,7 +1144,13 @@ function _support_save_attachments($atta
           $attachment->filename = 'noname';
         }
       }
-      $attachment->filepath = file_save_data($attachment->attachment, file_directory_path() .'/'. utf8_encode($attachment->filename));
+			if(variable_get('support_store_files_privately', FALSE) == TRUE) {
+      	$attachment->private = TRUE;
+      	$attachment->filepath = file_save_data($attachment->attachment, file_create_path( variable_get('private_upload_path', 'private')) .'/'. utf8_encode($attachment->filename), FILE_EXISTS_RENAME);
+      }
+      else {
+      	$attachment->filepath = file_save_data($attachment->attachment, file_directory_path() .'/'. utf8_encode($attachment->filename)); 
+      }
       if ($attachment->filepath) {
         watchdog('support', 'Saved %size byte %type attachment %file to %path.', array('%size' => number_format($attachment->bytes), '%type' => $attachment->filemime, '%file' => utf8_encode($attachment->filename), '%path' => $attachment->filepath), WATCHDOG_INFO);
         db_query("INSERT INTO {files} (uid, filename, filepath, filemime, filesize, status, timestamp) VALUES(%d, '%s', '%s', '%s', %d, %d, %d)", $account->uid, utf8_encode($attachment->filename), $attachment->filepath, $attachment->filemime, $attachment->bytes, 1, time());