Forum
Secure Member Downloads, Broken Thumbnail in Assets unless Logged In as Member
Here is the problem. I have a secure resource bucket, when a new asset is uploaded to the secure bucket, the thumbnail in the admin panel is a broken image unless the admin is also logged into members app. Without logging in to members app the asset thumbnail is broken, but login as a member and refresh assets and the thumbnail is no longer broken.
Here is the bucket.php
<?php
return array(
'secure' => array(
'web_path' => '/members/download.php?file=',
'file_path' => '/path/to/sites/secure', // <= of course my path is different
),
);
?>
The assets are correctly uploaded, and if a member is logged in they download just fine. There is no problem with the secure asset, there is just a problem with the thumbnails for secure assets. Secure assets use the default download.php script which ships with members app.
download.php
<?php
include('../perch/runtime.php');
// config
$bucket_name = 'secure';
$url_param = 'file';
// By default, deny downloads unless we've proved the member is allowed this file.
$allow_download = false;
// Check a member is logged in
if (perch_member_logged_in()) {
$allow_download = true;
}
/*
Alternatively, you could check for a specific tag, e.g.
if (perch_member_has_tag('subscriber')) {
$allow_download = true;
}
*/
// Deliver the file.
if ($allow_download) {
perch_members_secure_download(perch_get($url_param), $bucket_name);
}
exit;
?>
If I modify the download script like this:
// Check a member is logged in
if (perch_member_logged_in() || PerchSession::is_set('userID')) { // <= added PerchSession check
$allow_download = true;
}
then the asset thumbnail shows correctly.
What am I missing here?
RK
I imagine the issue is the headers set for the download.
perch_members_secure_download()
attempts to force download rather than display.