[wp-trac] [WordPress Trac] #17255: Draft status for media files
WordPress Trac
wp-trac at lists.automattic.com
Wed Apr 27 16:28:28 UTC 2011
#17255: Draft status for media files
--------------------------+------------------------------
Reporter: jane | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Media | Version: 3.1
Severity: normal | Resolution:
Keywords: 2nd-opinion |
--------------------------+------------------------------
Comment (by johnbillion):
You could prevent a contributor from using draft media anywhere else by
rewriting the URLs and requiring that users be logged in to view the file.
For example:
`example.com/draft-media/my-uploaded-file.png` is actually a rewritten URL
that points to a handler script (eg `example.com/wp-admin/draft-media-
handler.php?file=my-uploaded-file.png`) that checks if the user has the
correct capabilities to view the file. It serves the file if they have,
and serves a 403 if not.
This way the actual file URL is never exposed (draft media could be stored
in a hashed directory as nacin suggests) and sharing the draft media URL
has limited consequences (only logged in users can see it).
The same system could be used to give media items a private status.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17255#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list