Request to review unblocking of module Fileshare

Several people expressed interest in fixing the module fileshare, and they have been given access to the project. When their work is finished, a review will be done. If the review is positive, the module may be republished.

You can still access the module from CVS, see the handbook for details if necessary.

--
The Manual | Troubleshooting FAQ | Tips for posting | How to report a security issue.

I use it for a repository of files and no one else has permission to upload so I hope that means it is still relatively safe.

The layout of the folders and files has been great I would really hate to start looking for another way to do this as easily as this one. Took me awhile to find this solution.

I also hoped to use this module for minutes of meetings on our Intranet when it moves into Drupal.

To those working on it , thank you and I hope you solve the issues.

Hi,

I am about to create a 120 page Intranet and intend on using fileshare because its a great module which allows one to create sub folders and upload and edit without having to go into the edit view. It would be a shame to see this module disappear.

The client's main purpose is to use the intranet for attachments/documents. I have looked at other file/ upload modules but nothing really compares in terms of funcitonality and simplicity.

Does anyone know of a good substitute that allows subfolder creation or should I just continue to use fileshare.

Being an Intranet we're not really worried about the security issues, just more concerned with reliability esp when we start getting a lot of attahcments.

Also in private mode on an IIS server, when clicking on an attachment we get th error about failing to return and incomplete set of http headers? Is there a patch for this or should we just run apache?

Lastly, perhaps not a fiar question for the developer of this module as he/she hasnt resloved the issue yet, but if i continue to use fileshare now , would i be able to the upgraded version (if this occurs) without having to rebuild everything?

thanks very much,
Ivo
Perth, Australia

I've spent 2 days testing files systems (even 3rd party options) and the deeper I dig..... the more everything points to the fileshare.module.

Can anyone recommend a file system solution with these 2 pieces of functionality?
1. Create folders
2. Make those folders only visible by authenticated users/profiles (within a role)

EXAMPLE: Image 2 directories (labeled username1 and usernamer2). When Username2 logs in, she can only see the directory "username2" with all the directories and docs within that folder (and not the "username1" folder).

Thank you for any help or pointing me in the right direction.

- regards

Please keep this great module alive!

and hoping for a fix, its a great module!

Not sure why this module was pulled with no discussion and without any real attempt at analysing how this could be fixed.

Here is something to get the communities conspiracy theory juices flowing. Am I the only one that suspects it is this anything to do with the launch of Acquia.

From my (somewhat limited) understanding, this module should only pose a security threat if you allow anyone other than a trusted admin permission to create a fileshare.

If no-one is allowed to create a fileshare, then they will not be able to access any folder not already authorized.

Who has an opinion on this?

I've made an attempt to get the project fixed. I changed the code in HEAD:
http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/fileshare/

I guess I'll contact the security team and see if it's sufficient to get the project back online. Then I'll port the changes to the 5.x and maybe 4.7.x or 6.x...

Thanks, Jamie.

I'm using this module on drupal v 5 and hopefully this will be translated to version 6.

Thanks

"The most important gift we can give the world's children is the gift most likely to lead to future peace and prosperity - and that is the gift of a good education."
Laura Bush - First Lady
http://sunflowermission.org

I've been thinking about just re-creating fileshare as a new module with some changes. Perhaps not as a module that creates a new node each time, but as one that can just attach the directory browsing functionality to any node... Don't know if the drupal team would allow that, but what do you all think? I suppose it would have to have a new name... Thoughts?

Jamie.