Description
By default the real location of an uploaded file is hidden. The download URL will be generated with a security token to prevent guessing or enumeration attacks to discover the location of other files. The gform_require_login_pre_download filter can be used to require the user be logged in before the download URL will allow access to the file.
Usage
The following would apply to all forms.
add_filter( 'gform_require_login_pre_download', 'your_function_name', 10, 3 );
Parameters
Examples
1. Require login for all forms
add_filter( 'gform_require_login_pre_download', '__return_true' );
2. Require login for specific form and field
add_filter( 'gform_require_login_pre_download', 'require_login_for_downloads', 10, 3 );
function require_login_for_downloads( $require_login, $form_id, $field_id ){
// Update values below to match your form and field id's
if ( $form_id == '97' && $field_id == '2' ) {
$require_login = true;
}
return $require_login;
}
3. Require login for all forms and redirect to login page
add_filter( 'gform_require_login_pre_download', function( $require_login ) {
$require_login = true;
if ( ! is_user_logged_in() ) {
auth_redirect();
}
return $require_login;
} );
4. Require login and redirect to login page if the form requires login
add_filter( 'gform_require_login_pre_download', function ( $require_login, $form_id ) {
if ( is_user_logged_in() ) {
return false;
}
$form = GFAPI::get_form( $form_id );
if ( empty( $form ) ) {
return $require_login;
}
$require_login = GFCommon::form_requires_login( $form );
if ( $require_login ) {
auth_redirect();
}
return $require_login;
}, 10, 2 );
Placement
This code can be used in the functions.php file of the active theme, a custom functions plugin, a custom add-on, or with a code snippets plugin.
See also the PHP section in this article: Where Do I Put This Code?
Since
This filter was added in Gravity Forms 2.2.3.16.
Source Code
This filter is located in GF_Download::validate_download() in includes/class-gf-download.php.