mulllhausen's secure links

Mulllhausen’s Secure Links lets you control the users who can download secure files from your site. Each user sees a different download URL, which is an encrypted combination of the user’s ID and the file name. If one user copies their download URL and sends it to another user then this other user will not be able to access the secure file.

Initial Setup

When you first install this plugin you should go to the admin panel page (under the tools menu) and make sure that everything is securely configured.

Usage

Once you have securely configured everything then the following shortcode becomes available:

[mulll0 allowed_users="alice anderson,bob brown,charlie clarke"]filename.pdf[/mulll0]

This will allow alice, bob and charlie to acces file filename.pdf. Each will have a different URL link to the same file. But if any of them try to copy their URL link and give it to denis then denis will not be able to access file filename.pdf.

• Usernames that contain the comma (,) symbol will not work, since the comma is used as a separator between usernames.
• Full usernames must be used – partial usernames are not recognized. Usernames can be found in the WordPress Admin under “Users > All Users”.
• Make sure to type shortcodes in wordpress text-mode, not visual-mode, to avoid unwanted html entering the shortcode text and breaking it.
• This plugin only enables secure downloads for files placed in the secure-downloads directory. If you like you can use another plugin (eg WP Easy Uploader) to upload files directly to this location through your web-browser.
• File paths should not be included within the shortcode – only the file name (basename) is necessary.
• Usernames listed within the allowed_users attribute of the shortcode are case insensitive.
• Administrator level users are able to download all links by default.

• Make sure not to upload files that have spaces at the start or end of the filename since this plugin strips whitespace from the filename specified in the shortcode.
  TODOs

  • Enable the admin to change the secure URL via the plugin admin panel (requires sanitization)
  • Enable the admin to change the secure directory name via the plugin admin panel (requires sanitization)
  • Include a insert secure link icon above the wordpress editor. This would open a popup window where users and files could be selected. This would eliminate typos in manually written shortcodes.
  • Make a pretty banner image for the wordpress.org/plugins page.