make private download method support css/js aggregation, color module and js translations

This is a bug, and I don't see why we shouldn't fix it in D6. You are just ranting uselessly.

we tested and successfully applied this patch to a 3000+ user community - everything looks good so far!

thanks a lot!

I applied the patch to a Drupal 6.14-page. css and js folders in misc/dynamic get created and the files are loaded. The layout of the page still looks the same and the date-picker jquery feature still works. Looks good, thanks alot :)

Created the misc/dynamic folder as suggested. Had to change it's permissions to 777, and press 'Clear cache' - after this patches worked as they should - css and js are aggregated. Thanks a lot!

Still, is it a good idea to leave 777 on the misc/dynamic folder?

I've tested it the following way:

chmod 755 dynamic
clear cache
- no css aggregation files

chmod 775 dynamic
clear cache
- no css aggregation files

chmod 777 dynamic
clear cache
- aggregation files appear

Maybe there are some config changes that I should make to assign the 'webserver' user to some group?

Regards,
Danila

if the directory is owned by the webserver, you can chmod 755.

because file and directory perms are in relation to a user / group, saying simply "777" or "775" is not meaningful until you also specify what user and group they relate to.

and where do we create those directorie(s) (misc/dynamic) exactly?

I just want to confirm that this is a drupal core patch (not a module) and that I should be in my drupal root, for both the patch and the new dir path.

I would like to use it for a 6.14 system I am setting up.

Thanks again for the patch :toast:

reverting issue title

that sounds like a core patch to me =)

thanks

subscribe

Subscribe

subscribe

Confirming that this works nicely on Pressflow 6.15 also.

FYI, I made a slight change from 'misc/dynamic' -> conf_path() . '/dynamic' for better support of upgrades and multi-site.

whoops, didnt mean to change status, although I would love to see this in D6, and tend to agree with Damien that it is a bug with a bubble gum solution at the present.

subscribing

This patch looks interesting. I have a couple of questions.

1. If this patch is applied and used on a site that is using the public download method will it be ok or will it cause problems?

2. Does this patch then eliminate the performance hit that many posts suggest is inherent with the private download method?

3. Is it sufficient to just apply this patch and switch to private download method or is it important to consider other private file modules?

Thanks in advance,

Izzy

@arhak, thanks for the answers.

In reference to gmap, it appears that there is a solution for gmap markers involving setting the path to another directory and one could use /misc as this patch does. http://drupal.org/node/402260 http://drupal.org/node/352273#comment-1174871

Izzy

Is this patch planned for being included in D6?

I can't seem to run this patch from #27 on my unix host because of the "(unix)" in the file name especially the brackets part of the file name. Foolishly I uploaded it as it is named and now I cannot remove it. #$#%&#&?

The SSH error is: -bash: syntax error near unexpected token `('

Thanks

I also came across the xsend module http://drupal.org/project/xsend which appears very interesting.

I am sorry to be cross-posting but I have been wondering what happens to css and js optimization under that module and started an issue http://drupal.org/node/691122

I appreciate the discussions in this thread and I am still struggling to understand the simplest way to enable private file handling in Drupal that is efficient and user friendly. While also developing an understanding of how Drupal 7 is approaching it.

I must admit I am finding it quite challenging to understand all the issues private v. public entails and have not found a good summary. I imagine this is because of the work people are still doing in these areas and I appreciate the work and discussions.

Thanks,

Izzy

@arhak Thanks so much for the detailed answer.

It leads me to the question of using the core hack in this thread in conjunction with the xsend module or if using the core hack removes the need for the xsend module?

Here is the #34 patch ported to D6.16

subscribe

subsribe

@#39 works like a charm! Thank you!

So, isn't this patch be intended to be officially applied in the D6 branch?

Thanks. I finally had the opportunity to test out private file systems with this patch. I applied the patch in #39 on Drupal 6.16 without any difficulties and it works great.

Izzy

Hum, I tried it against 6.17 and although it applied the patch, and the options were enabled, CSS and JS files weren't being optimised.
Anyone else has tested on 6.17?

Attaching patch against 6.17

So, patch againts 6.19 :D

If anyone has issues, remember to create the folder!!!
drupal/misc/dynamic

and make sure your server has write access. (If you are on a shared account, you might just need to create it, write access comes by default)

@jm.federico Thanks for re-rolling the patch for 6.19 The only issue I noticed was that the patch does not apply from the Drupal root directory. It applies when the patch is placed in a folder higher up that itself contains the folder \drupal-6.19

@izmeez: I missed that, re-rolling.

Well, several other modules need a patch too, to be compatible with it.
I maintain a patch for CSS Tidy and one for Chaos Tools but I don't know where is the best place to share them.

sorry im really new to this i dont understand nothing of what you say..
When i try to download the patch it brings me a page of code. I dont know what to do with it..
Could you explain me how to do?

@soundcooker

A patch file IS code. Save it to your Drupal directory. Instructions for using patches are here: http://drupal.org/patch/apply

@soundcooker

A patch file IS code. Save it to your Drupal directory. Instructions for using patches are here:

http://drupal.org/patch/apply

Guys, back here agin

I gave up on using this patch (patching core gave me headaches, updating core was a nightmare, too many installations), and moved to using what http://drupal.org/project/private_download does. More info on where it comes from here:

http://www.drupalcoder.com/story/406-mixing-private-and-public-downloads...

I chose the DIY approach, this is more or less the same as the article, but note that you do not need to implement hook_menu:

All you need (using apache)

Select your private folder and put this inside the .htaccess

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteBase /system/files/YOURFOLDERNAME
  RewriteRule ^(.*)$ $1 [L,R=301]
</IfModule>

Implement hook_file_download() on your own module. Depending on your needs you can make it fancier.
In my case all my files are being uploaded using a modules that use Drupal File API (like cck file field), and all the files are meant to be downloaded, I can then send better headers:

/**
 * Implementation of hook_file_download().
 */
function your_module_name_file_download($ffilepathile) {
  if ($file = db_fetch_object(db_query("SELECT * FROM {files} WHERE filepath = '%s'", file_create_path($filepath)))) {
    // Check access
    if (user_access('THE PERMISSION GOES HERE')) {
      $headers[] = 'Content-Description: File Transfer';
      $headers[] = 'Content-type: ' . $file->filemime;
      $headers[] = 'Content-Disposition: attachment; filename="'. $file->filename .'"';
      $headers[] = 'Content-Transfer-Encoding: binary';
      $headers[] = 'Cache-Control: must-revalidate, post-check=0, pre-check=0';
      $headers[] = 'Expires: 0';
      $headers[] = 'Pragma: public';
      $headers[] = 'Content-Length: '. $file->filesize;
      return $headers;
    }
    else {
      return -1;
    }
  }
}

And all without one single core patch.

Credit to Davy Van Den Bremt http://www.davyvandenbremt.be/

Cheers

Subscribing to this issue. For my Intranet site, I have 32 stylesheets, and I'll need to use this patch to allow aggregation (for performance reasons as well!).

subscribe.

Subscribing for future reference. Not really sure I want to be patching core, but I do have a couple of D6 sites using private filesystems and css/js aggregation may become highly desirable as traffic builds. I'm also running multisite so would much prefer that aggregated files reside in the relevant /sites/xxx directory rather than under core. Hm.

Anybody have an updated patch for 6.20 yet? Haven't had time to roll one myself.

Patch updated and tested in production against 6.20.

Again, warning/suggestion from #52:
If anyone has issues, remember to create the folder: drupalroot/misc/dynamic

In case this helps, these are the steps I did to change from public to private files on an existing 6.19 drupal install using the ie_css_optimizer module, with gmap installed and running under IIS7.

1. Put the Website in maintenance mode
2. Backup the database and take a snapshot backup of the server
3. Disable CSS/JS optimization on the 'Performance' page.
4. Create a new directory sites/misc/dynamic and make writeable
5. GMap marker javascript did not seem to like being in sites/misc/dynamic directory so I gave it its own /sites/default/misc/js
6. Copy gmap_marker.js from sites/default/files/js to sites/default/misc/js
7. Add and enable module ie_css_optimizer
8. Enable CSS/JS optimization on the 'Performance' page (once files set to private this option will not be changeable without temporarily changing back to public files)
9. Apply patches (see above)
10. Move sites/default/files outside of webroot, eg: to E:inetpub/files
11. Go to admin/settings/file-system and set file system path to '../../files. and 'Download Method' to private
12. If you go to the gmap settings page, admin/settings/gmap, you will now see a new field into which you put the path for the new gmap directory you created in step 6. Save this and then click on 'Regenerate'
13. You now must logon to mysql as root or privileged user and update the file settings for links to files by running these separate SQL statements:
* UPDATE files SET filepath = REPLACE(filepath,'sites/default/files','../../files');
* UPDATE node_revisions SET body = REPLACE(body,'/sites/default/files','/system/files');
* UPDATE node_revisions SET teaser = REPLACE(teaser,'/sites/default/files','/system/files');
* UPDATE boxes SET body = REPLACE(body,'/sites/default/files','/system/files');
14. If your logo and favicon were uploaded then you will need to copy them on the server to the default logo and favicon and set the theme to use the default
15. Flush caches
16. Confirm new 'css' and 'js' folders have been created under sites/misc/dynamic
17. Test site (and make sure unpublished document may not be directly accessed by anonymous users) and if all seems OK, put back online.

I got a question on #68 step 13. I have two site running on drupal 6, both is private. one is default and another is the domain name. How do update sql? Or can i skip this step?

The steps in #68 are only if you are moving from Public to Private, step 13 in particular. So you can skip step 13 if your sites were always set to private.

If they have been running under the Public setting and you are switching to Private the sites are probably running on two separate databases, in which case you could simply run the SQL queries in both databases, if they are running on a shared database (not common in my experience) you would need to be very familiar with the tables in the database before running the queries, you may have to adapt them to your local configuration.

Some time ago I created a module that does basically 2 things: allows including 3rd party libraries, like Zend Framework easily and enables dynamically generated CSS and JS while using private download mode. It is all done through Drupal hooks, so no core patch is required and should work in any environment. The only thing to consider is that you'll need some .htaccess files to disallow access to private files in the download folder.

Just thought someone may need this, so I shared it here.

#72 work with Nginx X-Sendfile. http://groups.drupal.org/node/130134
NICE, no more hacking core... :)

#72 - Thank you very much - This works perfectly, please release as a module.

How does the module in #72 compare with http://drupal.org/project/advagg

Here is the patch against Drupal 6.22

Remember to create drupal/misc/dynamic with write access for the apache user

(cf. #572516-52: make private download method support css/js aggregation, color module and js translations)

z7Tools maybe an acceptable bandaid to some, but I think crippled private upload functionality is an oversight in D6.

There is great interest to have that patch being part of D6 core. It is the only patch that I routinely apply to core on a number of active websites EVERY time there is a core update. Very annoying.

Are there any objections as to why it should not be accepted into D6? Earlier statement ("Drupal requirements state that private download method "is incompatible" with those features") is not cutting it for me. Requirements cannot have "shall not support" statements.

The patch works fine for about 12 months on 3 active websites, it makes a combination of very desirable features useful, while breaking absolutely nothing (very nicely done 100% backward-compatible code).

I agree, this was one of the more annoying facts re: D6. I finally decided to go another route and turn on public file download but make some subdirectories private by using apache mod_rewrite to rewrite access to the private URL to go via the 'system/files' directory.

The details for implementing this method may be found
@ http://www.drupalcoder.com/blog/mixing-private-and-public-downloads-in-d...
@ http://drupal.org/node/189239
@ http://success.grownupgeek.com/index.php/2010/11/23/drupal-change-from-p...

Now we don't need to worry about running patches or not having JS/CSS caching. And we have the added benefit that non private files have a much faster access time because Drupal does not need to be fully boot-strapped for each file download as before.

Please do not ask for this functionality. D6 stays as it it, D7 has this functionality. There are solutions that do not require patching core.

See comment #78 for more info

Marking as won't fix.