gfpdf_tmp_location
Description
By default, temporary files Gravity PDF creates are stored in the tmp folder inside the PDF working directory. As we discussed in the PDF security documentation, this directory is protected from direct access by a .htaccess file. However, this only works for web servers running Apache or Litespeed. This filter allows you to move this folder to a private directory that isn't accessible from the web, ensuring your PDFs stay private.
Your web server needs write access to the folder you move this directory to, and it must be a dedicated folder used specifically for Gravity PDF e.g. /tmp/GravityPDF/ and not /tmp/.
Do you host with WP Engine? Instead of using the filter below, to protect your PDFs you need to setup a Redirect Rule in your control panel. Set the Source to ^/wp-content/uploads/PDF_EXTENDED_TEMPLATES/tmp/.* and the Destination to your home page.
Parameters
$path | string
- The path to the
tmpfolder.
$working_folder | string
- The working directory folder name. By default this is
PDF_EXTENDED_TEMPLATES.
$upload_path | string
- The path to your uploads directory (where the PDF working directory is stored by default).
Usage
Be aware that your hosting provider may limit your ability to write to folders outside the WordPress directory, so verify the filter works correctly after implementing. You should manually remove the old directory once you've confirmed everything works.
This filter will create a folder called GravityPDF one directory below WordPress' top-level ABSPATH location:
add_filter( 'gfpdf_tmp_location', function( $path, $working_folder, $upload_url ) {
return dirname( ABSPATH ) . '/GravityPDF/';
}, 10, 3 );
This filter will create a folder called GravityPDF inside WordPress' temporary directory:
add_filter( 'gfpdf_tmp_location', function( $path, $working_folder, $upload_url ) {
return get_temp_dir() . 'GravityPDF/';
}, 10, 3 );
Source Code
This filter is located in the Model_Install::setup_template_location() method of /src/model/Model_Install.php.