Hi, Not sure this is truly a pre-sales question, but after some research I’m still not sure whether Safecracker is capable of the following:
My client needs a travel site where customers who register for her tours will need to upload fairly sensitive information: scans of their passports, visa applications, etc. These customers will self-register (might use ZooVisitor to manage these screens), get assigned to a “customer” member group, and be invited to fill out a form, visible only to logged-in users.
Assuming this is one large Safecracker form…
- Are Safecracker/EE “secure” in the sense that file uploads, if going over https, will be inaccessible after being uploaded? Does this require a file upload directory outside of the web root (and then is it even possible to use it as a Safecracker File upload destination?). It would seem inadequate to me if their uploads could be accessed at domain.com/files/joes-visa-application.pdf
- Does Safecracker handle file naming conflicts so that one “visa-application.pdf” doesn’t overwrite an existing file of the same name in that directory?
- I am a little intimidated by the plethora of SSL-related add-ons and forum discussions surrounding EE, Safecracker, and SSL. Is there a smarter way to handle this functionality?
Thanks very much