Protected Node doesn't Protect Files

I thought I tested that and had it working. But I don't check on each iteration since pretty much all my installs make use of a public file system.

If you're a programmer, you can check:

(1) the protected_node_init() function calls protected_node_and_attachment() if the "page" being accessed is "system/files/%";

(2) The protected_node_and_attachment() function is where all the tests are done to know whether the user has entered a password to have access to that file;

(3) The protected_node_file_download() function which does the final check to know whether the file can be accessed; this function does not call drupal_goto(), it only verifies that the very file is currently accessible.

If the protected_node_and_attachment() returns FALSE, then the function goes through (no password asked). If the function returns an $nid, then a password is required.

The protected_node_file_download() returns an empty array() when the file can be accessed.

Note that in all cases, the Protected Node module requires the upload module to work right on this one. If the upload module is not currently installed, then it is assumed that none of the files are protected.

Thank you.
Alexis Wilke

Yes. I do not know for sure but I think that testing for the upload module is faster than testing whether a table exists in the database since the loaded module are already in memory whereas testing for a table existence requires a hit to the db.

I guess there should be a warning in the global settings and global website report...

Let me know whether it works for you once you installed the upload module.

Thank you.
Alexis

I will assume that the missing Upload module was the only culprit to this problem and mark the issue as fixed for now.

Thank you.
Alexis Wilke