• Login
  • Register

DNN Forums

A community discussion page. We're starting from scratch, so...let's get the party started!

best module for anonymous users to upload

You are not authorized to post a reply.
Sort:


New Member


Posts:18
New Member

    what are the best options available for a module that will allow anonymous users to upload files?

     

    i don't think it's possible with form n list, maybe a repository module would suffice if permission was taken away for users to download? - and they just had upload facility?



    Advanced Member


    Posts:246
    Advanced Member

      I think you can use the DAM (digital asset manager) that is shipped by default. It has a permissions tab which enables you to grat permissions to certain roles.
      Having said that: the file manager is getting rebuilt. DNN 9.7 will have the most part of the new DAM on board. It is already available as RC so that would be a great start to test if it servers your purpose. The current DAM will be deprecated in the next major release, I believe.
      Tjep's digital agencyRegards,
      Tycho de Waard

      Tjep's digital agency
      We just love DNN
      https://www.tjeps.com


      New Member


      Posts:18
      New Member

        Posted By Tycho de Waard (SU) on 31 Jul 2020 07:49 AM
        I think you can use the DAM (digital asset manager) that is shipped by default. It has a permissions tab which enables you to grat permissions to certain roles.

        If you have to grant permissions - then roles i'm not sure this will work for us because we want the public to upload files (like application forms) without logging in.

        We don't want users logging in to upload. Our site got hacked a few weeks ago (on version 7.4.2 DNN) and we no longer want end users to be able to login to our CMS (for security reasons). We think hackers might have found a way in via registereing as a user, so that's why we don't want users to register for anything on our site.

        we are now on DNN 9.6.1

         

         

         

         

         



        Basic Member


        Posts:45
        Basic Member

          Action Form with the File Management Add-In works well. It's a form generator, not a file uploader, but it has the ability to upload files. You would create the small form that uploads files yourself. After that, you can continue to use the form generator for many other tasks.



          Advanced Member


          Posts:246
          Advanced Member

            Posted By sypa on 31 Jul 2020 08:19 AM
            Posted By Tycho de Waard (SU) on 31 Jul 2020 07:49 AM
            I think you can use the DAM (digital asset manager) that is shipped by default. It has a permissions tab which enables you to grat permissions to certain roles.

            If you have to grant permissions - then roles i'm not sure this will work for us because we want the public to upload files (like application forms) without logging in.

            We don't want users logging in to upload. Our site got hacked a few weeks ago (on version 7.4.2 DNN) and we no longer want end users to be able to login to our CMS (for security reasons). We think hackers might have found a way in via registereing as a user, so that's why we don't want users to register for anything on our site.

            we are now on DNN 9.6.1

             

             

             

             

             

            If you grant persmission to the role 'unauthenticated users', people won't have to login.

            Having said that, I can not oversee the possible security issues. In the security settings, you can limit the extensions that are allowed.
            The option Mark mentioned, might be a safer one as ActionForm has another option to limit the extensions which applies to just tha 1 form instead of the entire websites.

            Now, for the security: upgrade. You really need to upgrade. If you are on 7, there are no quick fixes. It is not just a few mitigations in the webconfig and you'll be ok for another year. It can be a tough one but take a week for the following:

            1. create a clone
            2. remove unused third party modules
            3. upgrade modules and themes to the latest (check recommendations of the respective vendors)
            4. if a latest version is more than 2 years old, check if it is compatible with 9.3.2 (in that case, it will probably work in 9.6.2 as well)
            5. create a back up if this situation
            6. upgrade to 804
            7. Test 
            8. Fix stuff if needed
            9. If you have DNN Sharp modules, install NewtonPatch
            10. Upgrade to 9.3.2
            11. Test (9.2 deprecated a lot )
            12. Upgrade to 9.6.2
            13. Test

             

             

            Tjep's digital agencyRegards,
            Tycho de Waard

            Tjep's digital agency
            We just love DNN
            https://www.tjeps.com
            You are not authorized to post a reply.

            These Forums are dedicated to discussion of DNN Platform.

            For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

            1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
            2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
            3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
            4. No Flaming or Trolling.
            5. No Profanity, Racism, or Prejudice.
            6. Site Moderators have the final word on approving / removing a thread or post or comment.
            7. English language posting only, please.

            Would you like to help us?

            Awesome! Simply post in the forums using the link below and we'll get you started.

            Get Involved