Posted by thet0olman on May 14, 2009 at 4:24pm
Jump to:
| Project: | Ubercart Marketplace |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
Can the part that removes the file for "security issues" be easily removed by me? In my site the edit node will probably be pushed frequently and for larger file products its very inefficient to repeatedly re-upload the file every time you need to edit the node.
All what is the security issue for which this was implemented for?
Comments
#1
Remove the two (I believe) instances of this in mp_file.module:
mp_file_clear_filefield($fid, $file_path);drupal_set_message(t('The file was attached to product. For security reasons, it has now been hidden from the product edit form.'));
The security issue is not a severe one and mostly has to do with the fact that I did not want sellers to be able to control the files (see early issues for discussion).
#2
Looks like this was addressed in #1.
#3
Automatically closed -- issue fixed for 2 weeks with no activity.