Announcement

**Floris** · Wed 26 Jan '05, 12:09pm

No, currently this is not possible. Nice suggestion though.
A user can only view all the attachments he or she uploaded to all the forums, through the user control panel > view attachments

**Dennis Olson** · Wed 26 Jan '05, 12:17pm

Also, is there a way to upload a file to the system without being associated with a message?

There are lots of FTP tools out there to push files up to the server. I have a directory (called "Mbrs_pics") where those kind of things are stored. They can then be referenced directly via a URL.

**Bacteria Man** · Thu 27 Jan '05, 8:47am

Thanks for your replies. I have a follow-up question.

My vB installation is configured (by default) to save attachments in the database. When stored in the file system, where in the directory hierarchy do files reside? Are they all lumped together or in individual folders? What's the naming convention?

**Dennis Olson** · Thu 27 Jan '05, 8:49am

They're all in one folder, the path of which you set in Options. The name is entirely arbitrary. Just make sure vB knows where it is...

**Steve Machol** · Thu 27 Jan '05, 8:56am

You need to specify the full path to a directory on the server that is chmod'd to 777. vB will then create subdirectories for attachments based on userids.

**Dennis Olson** · Thu 27 Jan '05, 8:58am

Really! Damn, I learn something new here every day. So all attachments are stored in subd's by userID?

**Steve Machol** · Thu 27 Jan '05, 9:04am

Yes. So attachments for user 1111, the directory will be:

.../attachments/1/1/1/1/

**Bacteria Man** · Thu 27 Jan '05, 10:40am

What prevents someone without the proper permissions of hot-linking a file? In other words, if they know the absolute URL?

**Dennis Olson** · Thu 27 Jan '05, 11:31am

Nothing.

**Steve Machol** · Thu 27 Jan '05, 6:33pm

Actually they would have to know the exact location of the attachment on the serveer and since all the uploaded files have an 'attach' extension, it would not be obvious what it is they are downloading.

However it is easy to stop even this. Just place your attachment directory above the root web directory and it will not be accessible from the web.

**Bacteria Man** · Thu 27 Jan '05, 9:41pm

Just place your attachment directory above the root web directory and it will not be accessible from the web.

That's a excellent point! I believe Apache (and probably most other web servers) can be configured to prevent hot linking as well.

Announcement

File Sharing

File Sharing

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment