Goal of this documentation
Your Drupal 6 site has a Public file system but you have files which require access rules. This is the Public/Private File system conundrum. The following tutorial demonstrates how to solve this problem using the Private Download module.
- There shouldn't be a private folder in sites/default/files/
$ ls -al sites/default/files
- If your Drupal code is found in www.example.com/drupal then you're in a sub-directory. If this is the case, set the base_url in settings.php to represent this.
Install and enable Private Download
Check Private Download settings
- If you're in a sub-directory check the RewriteBase rule and prepend your directory name to it if it isn't there already:
- No other changes should be necessary. Save configuration.
Check the "private" directory
$ ls -al sites/default/files/private
- The directory should contain an .htaccess file
Set up access permissions
- Specify which Roles can access private files by allowing that role to "access private download directory."
- Of course, you can create your own roles (admin/user/roles).
- Save permissions
Configure CCK FileField
- Add a CCK FileField to a content type, call them myFile and myContentType, respectively.
- When configuring myFile go to Path settings > File path and specify the private directory. Any files uploaded through this field will end up in the "private" directory.
Confirm Private Download is functioning as expected
- Create a myContentType and upload a file to myFile, we will use test_download.txt as an example. Save.
- Left click on test_download.txt, it should download (or open in browser).
- Right click on test_download.txt > Copy Link Location
- Logout of your website
- Clear your browser's cache and download history
- Open a new browser tab and try either of these URL's (both should produce an "Access denied" error:
Note: The second URL should be re-written to the first in the browser.