Version: 2.2.8, by AndrewD
Developer Last Online: Apr 2010
Category: Major Additions -
Version: 3.6.x
Rating:
Released: 06-18-2006
Last Update: 02-03-2008
Installs: 661
DB Changes Uses Plugins
Additional Files Translations
No support by the author.
Version 2.3.0 of LDM is now the official release. This works with both VB3.7 and VB3.8. You can obtain it here
Version 2.2.8 remains available here, with limited support.
04.02.08: patch-cat.xml 'extra' uploaded - see first post for information
27.10.07: Version 2.2.8-post1 uploaded
French translation of product installer uploaded (other language translations are in the main release zip)
Remember to back up your current database tables before upgrading.
What this is and does
LDM is a general-purpose link and file manager, which handles user uploads and downloads in a flexible way. A range of media players is integrated into LDM and others are included as plugin extras. LDM is described below in the first post of this thread, which also contains a brief list of the currently-known bugs.
This release of LDM works correctly with all VB versions 3.6.x and recent versions of vbadvanced.
Hi Andrew, do you remember the download allowance problem I mentioned before?
I edited local_links.php file, moved these codes
PHP Code:
// Use filesize recorded in database to check that user has sufficient allowance to complete the download
$allow = check_user_allowances($linksize, $linkid);
if (!$allow['can_download']) {
eval(standard_error($allow['errormessage']));
exit;
}
before these codes
PHP Code:
if (!$links_permissions["can_access_link"]) {
ldmjump_access_error();
exit;
}
now everything goes OK.
Thanks - glad you've got things going how you want - but I don't think that that is a proper fix. You've moved the test to before the point where the code has worked out the size of the download. It's correct for links, but not for downloads.
Why is it that when I create a new usergroup based off of "Administrators" usergroup and set the permissions in the LDM admin area to match those of Administrators, that usergroup cannot access the LDM Admin area (they can only access the moderator area). I REALLY need to deny forum admins access to this area and only grant it to the webmaster usergroup I created. A rogue admin could go in there and delete *everything* in the LDM database the way it's currently configured. I searched the LDM admin file for some reference to usergroup numbers but could find nowhere to add this new usergroup. Just to clarify, the webmaster usergroup is configured properly and "can_set_permissions" is checked for this group. However, when trying to access the LDM admin area I am getting the ol' "Insufficient Permissions" error.
What I can't figure out is why you're so paranoid about Admin access to LDM when the rest of your board is obviously twice as vulnerable due to this factor. You might wanna rethink your permissions strategy, period.
What I can't figure out is why you're so paranoid about Admin access to LDM when the rest of your board is obviously twice as vulnerable due to this factor. You might wanna rethink your permissions strategy, period.
Well the only part of it which concerns me (forum wise) is an admins ability to hard delete posts. I have a friend who owns a 1.3 million post board and he had a rogue admin delete 10,000 posts on him. That's kind of scary. I've never had such incident myself but his situation made me very aware of how easily one person can screw a board up. With my site, it's doubly critical because my LDM has around 100 GB of content hosted and growing daily. I'd say it's pretty reasonable for me to not want every admin to have access to it.
Well the only part of it which concerns me (forum wise) is an admins ability to hard delete posts. I have a friend who owns a 1.3 million post board and he had a rogue admin delete 10,000 posts on him. That's kind of scary. I've never had such incident myself but his situation made me very aware of how easily one person can screw a board up. With my site, it's doubly critical because my LDM has around 100 GB of content hosted and growing daily. I'd say it's pretty reasonable for me to not want every admin to have access to it.
Access to the LDM admin page is given to users who are members of the ADMIN_USER_GROUP usergroup, where ADMIN_USER_GROUP is defined in the file includes/local_links_init.php. In the standard release, ADMIN_USER_GROUP has the value 6. You can edit that as you like. It's hard coded into the init file to avoid the situation where you completely lock yourself out.
The code looks for extended group membership, so all you need to do (I did a quick test, seems ok) is to create a new user group, give the authorised admins extended right to that group via the vb admincp, and edit the ldm init file
Links and Downloads Manager Details »»
About Developer
Visit Web Site
DB Changes 
No support by the author.
05-31-2007, 01:55 AM
