This is a somewhat esoteric post but maybe useful to know, I saw this while working with the docmanager template, but it might apply in other cases where file downloads and therefore mfhandler.php (library included in phpr) are in use:
The list page in docmanager includes the "file" db-field (which stores the file name, path etc. in json), this is then blended out with CSS display:none.
I removed the file in my app, since I wanted to not have it in any way in the page/source.
This breaks then the call to mfhandler.php which handles file downloads, because it determines the user right to download a file here:
This check seems to depend whether the field "file" is on the page or not (lost some hair until I found that out...)
This might just be the way things are when using mfhandler for file downloads, but I wondered if there's already a way to use it without having the field "file" on the page at all (short of coding everything myself for the handling of the download).
The list page in docmanager includes the "file" db-field (which stores the file name, path etc. in json), this is then blended out with CSS display:none.
I removed the file in my app, since I wanted to not have it in any way in the page/source.
This breaks then the call to mfhandler.php which handles file downloads, because it determines the user right to download a file here:
if( !Security::userHasFieldPermissions( $table, $field, $pageType, $pageName, $requestAction == "POST" || postvalue("fkey") ) ) {
exit(0);
}This check seems to depend whether the field "file" is on the page or not (lost some hair until I found that out...)
This might just be the way things are when using mfhandler for file downloads, but I wondered if there's already a way to use it without having the field "file" on the page at all (short of coding everything myself for the handling of the download).