WP Version 3.5.1
GF Version 1.6.12
I have several questions concerning uploading images through a form. I have tested both and would like a combination of the two, but need to know how to implement and if it's even possible.
When I use Post Fields > Image and a User uploads an image file, an Untitled Draft post is generated as my default Category. Then, a notification is sent to the Admin's e-mail and a thumbnail is visible in the body of the message. The image file is stored in a directory.
When I use Advanced Fields > File Upload and a User uploads an image file. Then, a notification is sent to the Admin's e-mail and a link to the image is visible in the body of the message. The image file is stored in a directory.
I was able to apply a filter to change the file upload directory, but still have concerns about this directory being unsecure and visible to the general public and search engines. (I had to update my .htaccess file to prevent directory browsing and still need to change my meta data to apply a no-follow tag for search engines).
How I would like the form to work:
1.) User uploads image.
2.) Notification is sent to Admin.
3.) Thumbnail is visible in e-mail and in Form Entries.
4.) Admin can click on thumbnail to view original file but needs to be logged in to do so.
So, my questions and concerns are as follows:
1.) How can I make uploaded image directory totally secure from anyone viewing?
• I do not require Users to be logged in.
• I run SSL on form pages.
• Current permissions of Upload Directory is set to 755.
• I would like to grant the Contributor Role a Capability to view the Upload Directory when logged in, but do not see an option in Roles setting in WP. (Users > Roles > Capabilities)
*I guess I could password protect the directory on the server side, but not sure if this will effect Users from the ability to upload images? And, I don't really want to deal with 2 separate logins.
2.) Since I want to see a thumbnail in Notification e-mails and in Form Entries, do I have to use Post Fields > Image only?
3.) If I have to use Post Fields > Image, is there anyway to avoid creating an Untitled Post for every single form entry a User makes?
4.) If I have to use Post Fields > Image and an Untitled Post for every single form entry a User makes is generated, how/where can I change the Category from my default category set in my WP settings for Untitled Posts (Settings > Writing > Default Post Category)?