Hi I just took over a drupal website from somebody's else but I am new to it. Here is my problem, I have a download link in a page for registered users only, but how do I redirect anonymous users to login form? I tried a few content access modules but no luck.

I have also found this code, which I put it at the beginning of the page. It redirects anonymous users to login page only once for some reason (entering the page for second time the content is shown). So I am quite confused about it at the moment and hope to seek some help from here.

<?php
// we have to access the content of the global-scope variable $user
global $user;

//Checking if the user is registered
if (in_array('authenticated user', $user->roles)==FALSE) {
header('Location:/user') ;
}
?>

Comments

alinouman’s picture

hook_init and see if it helps?

carloswong’s picture

I tried putting it in but no luck. Would you have an idea how to do it if I were to start to do it from scratch again?

alinouman’s picture

to restrict content to only particular role. And also look into rules module.

carloswong’s picture

the thing is I want to make a direct download link in one the of page not accessible to anonymous, so when they clicked on the link it will redirect them to login page. But the link its not generated on drupal, so it doesn't have a type or anything and drupal only have the options to change what has been generated in drupal. Thank you for your help again n sorry for my bad explanation.

drupestre’s picture

Hi carlos,

Trying to help you, could you be more precise on this following questions :

  • When you say "the link is not generated by drupal", could u tell us how it is generated ? Is it with wysiwyg editor ?
  • Do you think you could edit this download link ?

If you can edit the download link, you will be able to replace href value with a call to a php script.
Then in this php script, it will be easier to switch between download or redirect.

Hope it helps,

Benoit

--------------------------
Share & Bon Marché

carloswong’s picture

and yeah I will be able to edit the link, but as I am not very good with PHP so I am not sure how to covert it from html to PHP.
At the moment, the previous guy who made it have something like this in the Body.

<p>Welcome, here you can find the latest and useful downloadable content</p>
<p><a href="/sites/default/files/download/Catalogue_2013.pdf"><img alt="Catalogue Download" height="125" src="/sites/default/files/download/button/catalogue.jpg" style="float: left;" width="360"></a></p>

Thanks you so much for your help!

drupestre’s picture

Supposing it is Drupal 7, the best way is to handle private and public files.

The following solution is bad, and it is not a good practice, but it could help you to quickly reach your goal.

1. Edit the link and replace 'sites/default/files/download/Catalogue_2013.pdf' with 'sites/default/files/download/catalogue.php'
2. Edit catalogue.php file and try to insert the following lines (do not know if it really works, but it might help you):

<?php
    $drupal_directory
= "../../../../../"// where Drupal is - (to be updated)
   
chdir($drupal_directory);
 
    require_once
'./includes/bootstrap.inc';
   
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

//Checking if the user is registered
if (in_array('authenticated user', $user->roles)==FALSE) {
header('Location:/user') ;

}
else {

header("Content-Type: application/force-download; name=Catalogue_2013.pdf");
header("Content-Transfer-Encoding: binary");
header("Content-Length: $size");
header("Content-Disposition: attachment; filename=Catalogue_2013.pdf");
header("Expires: 0");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
readfile("Catalogue_2013.pdf");
exit();
}
?>

Hope it helps

EDIT :
In the php 'header' lines, the path to Catalogue_2013.pdf should be updated with your site.

Benoit

--------------------------
Share & Bon Marché

carloswong’s picture

I'll give it a go later on and let you know how I get on

carloswong’s picture

I tried setting the file permission to 755 or 777 but it still not letting me to access the file, the message "You don't have permission to access /sites/default/files/download/catalogue.php on this server." appears everytime I go to the link. Any idea how to fix that? Also this might be a stupid question, in your code $drupal_directory = "../../../../../" I am not quite sure what you mean by where Drupal is?

drupestre’s picture

Carlos,

  • In order to make download.php file executable, try to put the following lines in a .htaccess file in the sites/default/files/download directory

.htaccess

SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
<Files *.php>
Order Deny,Allow
Deny from all
</Files>
<Files catalogue.php>
SetHandler None
Order Deny,Allow
Allow from all
</Files>
Options None
Options +FollowSymLinks

As Jaypan wrote in the following comment, this is bypassing D7, and i do not recommend this quick workaround.

Hope it helps
Benoit

--------------------------
Share & Bon Marché

Jaypan’s picture

If you are working with file downloads in D7, and you want to set permissions on the files, you should be using Drupal's private file system, and implementing hook_file_download() and/or hook_file_download_access(). Bypassing Drupal's APIs is never a good idea.

Have a look at all of the file download hooks here: D7 file hooks

drupestre’s picture

I totally agree with you Jaypan, but i am not sure carloswon masters drupal hooks.
The way you explain using D7 file hooks, is clearly the best one.

Besides, I should have provided the links you are talking about.
++
Benoit.

--------------------------
Share & Bon Marché

BlackyWhoElse’s picture

Here an example of my download Module

<?php
function downloads_permission() {
  return array(
   
'download any version' => array(
     
'title' => t('Download any version'),
     
'description' => t('Allow the user to download any version.'),
    ),
   
'download current version' => array(
     
'title' => t('Download current version'),
     
'description' => t('Allow the user to download the current version.'),
    ),
  );
}

function

downloads_file_download($uri) {
  global
$user;
 
 
// Check if user is Annonymus
 
if($user->uid == 0){
     
drupal_goto('user');
      return -
1;
  }
  else{
    if(
user_access("download any version")){
      return array(
'Content-Type' => file_get_mimetype($uri));
    }
    else{
      if(
user_access("download current version")){
        return array(
'Content-Type' => file_get_mimetype($uri));
      }
    }
   
drupal_set_message('You havent the permissions to download this file.');
  }
}

?>

Until the server crashes you're doing it quite right

Jaypan’s picture

Nice example, but you should remove that call to drupal_goto().

BlackyWhoElse’s picture

Yeah was the quickest soulution in my head :D
In my Source code i just return -1

Until the server crashes you're doing it quite right