ACF File Field -- Set Folder Location?

[relish27]

Hello,

I am using ACF for this site and I have a particular file field that needs to upload to a particular folder. 

This is the field type:

http://www.advancedcustomfields.com/resources/field-types/file/

Right now it just gets uploaded to the main /uploads/ folder based on the Settings > Media upload files settings.  My goal is to have a way that only files uploaded using this one particular ACF file field go into this special folder.  Does anyone know if this is possible?  Also checking with ACF, but thought I'd ask here, too.

Thanks, Courtney

[Nick Ciske // Thought Refinery]

Images are uploaded via ajax using the core WP uploader -- which is why they end up in the wp-content/uploads folder.

You can filter the file name:

http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_handle_upload_prefilter

And filter the upload folder:

http://codex.wordpress.org/Plugin_API/Filter_Reference/upload_dir

But... my guess is there's no context as to which ACF field that file is being uploaded to -- since core WP doesn’t really care where an image is being  uploaded.

All uploads, sure. All PDFs in a separate folder? Sure. Use /uploads/a/ vs /2014/? Sure.

Your case is trickier.

The only way I could see this working is an update_post_meta hook (that has the context of which field it is) that moves the already uploaded file (if necessary) ... then regenerates the media metadata so WP doesn’t look in the wrong place.

So, it's possible, but it'll be a bit of work.

_________________________

Nick Ciske

http://thoughtrefinery.com/

@nciske

Did I help you? Say thanks: http://bit.ly/1lahwy0

[Courtney Remes]

Thanks, Nick.  It sounds like the client is okay zipping up these DMG files, which would resolve the problem.

The actual problem is that DMG files open in the browser, depending on your browser and its settings.  I can do this -- http://stackoverflow.com/questions/7229361/how-to-force-mime-type-of-file-download -- but at WP Engine they'd also want to set up a proxy-pass for these files.  (I don't understand all the mechanics, but this is what they told me.)  In order to do this, they'd need these files to be in a specific location -- not just the whole /uploads/ folder.  So that's why I was looking to see if there's a way to separate out the files uploaded from a particular ACF file field.  

- Courtney

--
You received this message because you are subscribed to the Google Groups "Minneapolis St. Paul WordPress User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mpls-stpaul-word...@googlegroups.com.
To post to this group, send email to mpls-stpau...@googlegroups.com.
Visit this group at http://groups.google.com/group/mpls-stpaul-wordpress.
For more options, visit https://groups.google.com/d/optout.

[Nick Ciske // Thought Refinery]

Ah, you forgot to state the actual problem ;-)

Well, if you want to move all DMG files somewhere... that's actually pretty easy using the filters I mentioned as you're filtering based on filename extension (known) vs. ACF field (unknown). Zipping them makes things more difficult as they look like any other zip file to the filter.

You could possibly zip them on the server after moving them to the folder location... maybe? WPE means that'd have to be PHP zip which is unfortunate as gzip on the command line would be much more efficient.

In reality, you should perhaps ditch the upload field in ACF, have the client upload via SFTP (or to Amazon S3) and just store the filename in a text field and build the URL from that.

- SFTP makes the folder a known commodity for WPE to exclude and avoids file size limits and means you can't upload a infected DMG with just WP Admin access. DMGs could be zipped. It's more secure as SFTP credentials are harder to steal/brute force.

- S3 removes WPE from the equation and pushes hits off WPE to S3. DMGs could be zipped. More secure as you’d need the S3 credentials to upload new DMG files.

_________________________

Nick Ciske

http://thoughtrefinery.com/

@nciske

Did I help you? Say thanks: http://bit.ly/1lahwy0

[Courtney Remes]

I know -- was trying to keep things simple!  :)

Thanks for the in-depth response.  I do want to make this as easy as possible for the client, as they'll be the ones adding the DMG files in the future.  I'd prefer to let them do this using ACF via the control panel vs. having them SFTP things.  Just a little more fool-proof and easier for the person or persons administering to this (who may not know how to use SFTP).

I think, for now, we're just going to go the zipped DMG route.  Glad they were open to that... but I'll see if I get any interesting responses from ACF support.  

- Courtney

[Nicholas Ciske]

Sftp doesn't have to be scary, it can look like just another drive to the client:

http://www.expandrive.com

_______________________
Nick Ciske
@nciske
http://ThoughtRefinery.com

[Courtney Remes]

I know -- and SFTPing is an option I've suggested to them already.  It would require them to SFTP it, then find the URL path the item, then insert it into a text field in ACF, so that it is associated properly with the correct library item (which has other fields  and taxonomies associated with it).  It could be done, but if possible, it would nice to simplify the process. For now, it sounds like .zip files will do the trick.  But, I agree, having them do it more manually is a possibility.

BTW, ACF says:

ACF just invokes the standard wordpress file upload field, then after that is done, wires the file to the post in the post meta.
The plugin actually doesn't have any control over how the file is saved.

- Courtney

[Nick Ciske // Thought Refinery]

Your code can build the URL path, all you need is the filename to append to end -- I'm guessing the client can handle entering that?

I’d recommend making sure logins and the admin are over SSL -- otherwise your client is (possibly) one login over an untrusted network away from the risk of (undetected) malware injection into their DMG files.

RE: ACF

Ha! That sounds awfully familiar ;-)

_________________________

Nick Ciske

http://thoughtrefinery.com/

@nciske

Did I help you? Say thanks: http://bit.ly/1lahwy0

[Nick Ciske // Thought Refinery]

The other option is to write your own metabox with an upload field -- then you can save the file from that field wherever you want (as it'd use your own post action AJAX handler to save the uploaded file vs. the WP one).

_________________________

Nick Ciske

http://thoughtrefinery.com/

@nciske

Did I help you? Say thanks: http://bit.ly/1lahwy0

On Jun 18, 2014, at 9:15 AM, Courtney Remes <courtn...@gmail.com> wrote:

[chath...@antyrasolutions.com]

Hello try bellow code 

add_filter( 'acf/upload_prefilter/name=YOUR_FEILD_NAME', 'secure_upload_prefilter' );


function secure_upload_prefilter( $errors ) {
  add_filter( 'upload_dir', 'secure_upload_directory' );


  return $errors;
}


function secure_upload_directory( $param ) {
  $folder = get_home_path();


  $param['path'] = $folder;
  $param['url'] = $folder;
  $param['subdir'] = $folder;
  $param['basedir'] = $folder;
  $param['baseurl'] = $folder;


  return $param;


}