8176 posts
  • Author Level 6
  • Trendsetter
  • Weekly Top Seller
  • Community Superstar
+8 more
doru
says

In that case, you should generate a new API key which is meant specifically for your FTP only ;)

any api keys will work with the ftp login.

but this debate is pointless

because it appears that


(currently it’s password OR API key).

didn’t knew that. :)

The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp. I’m not sure if you can access your files after you click the submit button in the upload form and you send them to the queue button. If you can’t access the files then I think the opportunity window is pretty small, but if you can do it, then someone could copy your files while they are in the review queue.

Till the staff will clarify this I think the best solution is to delete all API keys and generate a new one and then keep that to yourself. No third party should know the API keys.

EDIT:

done! api keys deleted and generate a new one. I should be fine now.

2527 posts
  • 5 Years of Membership
  • Affiliate Level 2
  • Author Level 6
  • Beta Tester
+12 more
urbazon
says

The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.

The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D

141 posts
  • Affiliate Level 2
  • Author Level 5
  • Beta Tester
  • Collector Level 2
+4 more
x4er0
says

At this time of the year may i suggest that a message is placed on authors dashboards or send out an email as many will not see this message and you will then receive a flood of posts no doubt in the new year asking why their FTP uploads are not working. Just a suggestion. +1 Jonathan
8176 posts
  • Author Level 6
  • Trendsetter
  • Weekly Top Seller
  • Community Superstar
+8 more
doru
says


The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.
The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D

well, never tried to download the items while uploading via ftp so probably you are right. :)

3 posts
  • 2 Years of Membership
  • Collector Level 1
CgBoutique
says

Oh, that’s good info before i upload my first item ! :D

1162 posts
  • Weekly Top Seller
  • Featured Author
  • Front Page Master
  • Most Wanted Winner
+10 more
RafaelOliveira
says



The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.
The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D
well, never tried to download the items while uploading via ftp so probably you are right. :)

I had tried and it’s impossible :)

121 posts
  • Affiliate Level 2
  • Collector Level 2
  • Freebie
  • Exclusive Author
+2 more
rabidflash
says

like others said, this doesn’t make sense. Why opt for open APIs which authors use in many 3rd party apps instead of more secure and closed password? You may not able to download/ edit the files but you can delete the uploaded files. I’m not sure what exactly happens once the item’s been submitted- whether the files are moved to a different path or still accessed from the same path, but the change makes no sense.

2527 posts
  • 5 Years of Membership
  • Affiliate Level 2
  • Author Level 6
  • Beta Tester
+12 more
urbazon
says

like others said, this doesn’t make sense. Why opt for open APIs which authors use in many 3rd party apps instead of more secure and closed password? You may not able to download/ edit the files but you can delete the uploaded files. I’m not sure what exactly happens once the item’s been submitted- whether the files are moved to a different path or still accessed from the same path, but the change makes no sense.

Once you submit the uploaded files via forms on the website, they do get removed from your ftp folder (although it’s not the case on PhotoDune since recently, it must be some kind of a bug…?)

But yes, never thought of that – files can be deleted indeed :/

121 posts
  • Affiliate Level 2
  • Collector Level 2
  • Freebie
  • Exclusive Author
+2 more
rabidflash
says

I’m almost certfiles from ftp don’t get deleted immediately after submitting them. They are deleted automatically after sometime even if you don’t submit them.

911 posts Never trust a ballerina with a moustache
  • 3 Years of Membership
  • Australia
  • Blog Interview
  • Collector Level 3
+6 more
Carmen
says

Hi guys, I’ll get one of the devs to reply to you. :)

by
by
by
by
by
by