Thanks Beat,
For what it's worth...
I read the manual to mean I was Granting Access to a group(plan). Not restricting access to other plans. Hence the lovely way it broke my site by stopping the art thumbnails from displaying on the home page. (the directory "art" image directory was protected. I was trying to give artist the ability to upload photos.)

I suggest a 3 prong approach to avoiding this potential situation in the future.

1) Text - Stating it as "Folder Protect grants access to a specific Folder/Directory for a specific Plan while preventing access to all other Plans and unregistered users."

2) Core programming - I would suggest making Admins or higher automatically included in the PW file. (or make a "call" to check for admin and higher in the DB ) That way admins can't lock themselves out. As the .htaccess method works extremely well at locking you out of the back-end side of the site as well.

3) UI - If deleting directory protection in the UI Does Not remove the actual .htaccess file. Then there should be a log of previously protected directories ON the UI Protection Page. For example if 2+ people are working on the site and one set up protection and then decides to delete it. The only way to find the .htaccess file is via a command line search of the site. Which most people can't do.

The fundamental problem is you guys are too good and we're spoiled rotten. So users expect everything to be WYSIWYG. When it's not - we need extra help.

As to back ups - I had several people sign up and many other edits the day this happened. So I really didn't want to loose everything by rolling back to the backup.

I hope this is helpful.
Eric

Post edited by: ZombieNRG, at: 2009/08/20 16:51

Post edited by: ZombieNRG, at: 2009/08/20 16:53