PHP download

Download the PHP package bitmotion/secure-downloads without Composer

On this page you can find all versions of the php package bitmotion/secure-downloads. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download bitmotion/secure-downloads
More information about bitmotion/secure-downloads
Files in bitmotion/secure-downloads

Vendor bitmotion
Package secure-downloads
Short Description "Secure Download": Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access.
License GPL-2.0-or-later
Homepage https://www.Leuchtfeuer.com

Keywords secure typo3 downloads

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Informations about the package secure-downloads

TYPO3 Extension "Secure Downloads"

In TYPO3, assets like PDFs, TGZs or JPGs etc. are normally just referenced by a URL e.g. to fileadmin/.... The file itself is delivered directly by the web server, and is therefore not part of the TYPO3 access control scheme – files remain unprotected, since URLs can be re-used, emailed, Search engine included or even guessed.

The "Secure Downloads" extension (EXT:secure_downloads) changes this behavior: Files will now be accessed through a script that honors TYPO3 access rights. The converted URL's will then look like this:

https://www.example.com/securedl/sdl-eyJ0eXAiOiJKV1QiLCJhbGciO[...]vcM5rWxIulg5tQ/protected_image.jpg

This works regardless of where the files come from and is not limited to special plugins, etc.

Since in most cases you will not want to protect everything (which means that everything undergoes rather performance-consuming access right checking), Secure Downloads is highly configurable. You may choose:

what directories to protect (e.g. you can include typo3temp or not)
what file types to protect (do you want to protect JPGs or not? etc.)

As a complementary measure, you will of course need to configure your web server not to deliver these things directly (e.g. using .htaccess settings).

Requirements

We are currently supporting following TYPO3 versions:

Extension Version	TYPO3 v12	TYPO3 v11	TYPO3 v10
6.x	x	-	-
5.x ¹⁾	-	x	x

¹⁾ Upcoming release as leuchtfeuer/secure-downloads (vendor name changed).

Outdated Versions

For the following versions no more free bug fixes and new features will be provided by the authors:

Extension Version	TYPO3 v10	TYPO3 v9	TYPO3 v8	TYPO3 v7	TYPO3 v6.2	TYPO3 v4.5
4.x	x	x	-	-	-	-
3.x	-	x	x	-	-	-
2.0.4 - 2.x	-	-	x	x	-	-
2.0.0 - 2.0.3	-	-	-	x	x	-
1.x²⁾	-	-	-	-	x	x

²⁾ As EXT:naw_securedl or typo3-ter/naw-securedl.

Installation

There are several ways to require and install this extension. We recommend getting this extension via composer.

Via Composer

If your TYPO3 instance is running in composer mode, you can simply require the extension by running:

composer req leuchtfeuer/secure-downloads:^6.0

Via Extension Manager

Open the extension manager module of your TYPO3 instance and select "Get Extensions" in the select menu above the upload button. There you can search for secure_downlaods and simply install the extension. Please make sure you are using the latest version of the extension by updating the extension list before installing the Secure Downloads extension.

Via ZIP File

You need to download the Secure Downloads extension from the TYPO3 Extension Repository and upload the ZIP file to the extension manager of your TYPO3 instance and activate the extension afterwards. You can also download an archive from GitHub and put its content directly into the typo3conf/ext directory of your TYPO3 instance. But please keep in mind, that the name of the folder must be secure_downloads (the repository name will be default).

Configuration

After installation you need to configure this extension. Take a look at the corresponding section of the official manual.

Best Practice

You can configure this extension to fit your specific needs. However, here are some "best practices" that may help you when first using Secure Downloads:

Install this extension as described above
Create a new "File Storage" of type "Local filesystem" on page 0 of your TYPO3 instance and set the "Is publicly available?" option to false
Create a directory on your filesystem which matches the previously configured "Base Path"
Put an .htaccess file into that folder that denies the access to all files within and underneath this path
Configure the extension in the admin section of your TYPO3 Backend to match all files (use an astrix for the securedFiletypes option) in your newly created file storage (use the path for the securedDirs option).

Access Configuration

You also need to secure all the directories and file types by your server configuration. This can be done with .htaccess files. Some example .htaccess files can be found in the Resources/Private/Examples folder.

Note: This extension cannot secure links to files that you include in your CSS file. For example, you can secure /fileadmin with the default .htaccess_deny file by putting the file in /fileadmin. You can allow /fileadmin/templates/ with the default .htaccess_allow file by putting this file to /fileadmin/template/.

Documentation

A detailed documentation can be found in the official TYPO3 documentation of this extension.

Changelog

The changelog can be found in the changelog chapter of the official TYPO3 documentation of this extension.

Contributing

You can contribute by making a pull request to the master branch of this repository, by using the "❤️ Sponsor" button on the top of this page, or just send us some beers 🍻...

All versions of secure-downloads with dependencies

PHP Build Version

Package Version

Version v6.0.3 Release 05. Apr 2024
create-project require 1 people choosed require and
0 people choosed create-project.

Download

Download latest version of secure-downloads from vendor bitmotion

Requires php Version ^8.1
typo3/cms-backend Version ^12.4
typo3/cms-core Version ^12.4
typo3/cms-extbase Version ^12.4
typo3/cms-frontend Version ^12.4
firebase/php-jwt Version ^6.1
ext-pdo Version *

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package bitmotion/secure-downloads contains the following files

Loading the files please wait ....