Magento – PDF Drama = PDF Dream

Have you ever worked in Magento and wished you could have access to media files (including PDF’s) without having to use FTP?  Well, you can.  In this article, I will tell you how in under 5 minutes.

The Good, The Bad, and The Ugly

This is what I like to call FTP.  Good ole File Transfer Protocol.  I have been using FTP since the beginning of my web design days (circa 1997) and I am very familiar with it.  I know the do’s and don’ts, I know the perks and limitations and I know the good, the bad, and the ugly.   What is this exactly?  Well, this is when you give a client FTP access when they have had zero prior experience.

The Good

I would describe the good as the following –

  1. Individual limited FTP Accounts – You are able to setup and FTP for a client which limits them to what they see.  You can give them access to ONE folder where they will upload images for example.
  2. Client is FTP “well behaved” –  It is very good when you have a client who understands the risk of deleting, moving, or damaging files in FTP.  “The Good” client probably doesn’t explore much and sticks with the task they are trained to do.  “The Good” client may also be an inquisitive type who does explore for better understanding but has zero intention of be destructive.
  3. Backups – Of course, we have to mention back ups.  In a good scenario, you have off-site backups just in case something crazy happens.  But what crazy thing could possible happen in FTP???

The Bad

And then there is the bad –

  1. You have to give the client FULL ACCESS to FTP.  Because of your hosting type, you are unable to limit their view and now the client has full access to FTP which you did NOT want to give.
  2. The client pokes around in places they shouldn’t be and makes a few changes that may or may not consume your whole day fixing.
  3. The client elects members of their team who are less savvy to make updates to the site and they do not have a clear understanding of how permanent the FTP changes and are not keeping a log of the changes they made.  An inquiry into their actions may go like this.  “Something broke, I don’t know what I did. Can you please fix it?”   “Do you know where you were or what you were working on? Can you provide me with a screenshot of your error?”  “I have no idea.  I thought I was deleting images but when I went in the images folder they are all still there and now the site won’t work.”  “Ok, well, the site error is stating that a whole directory is missing,”  “Oh.. I guess I deleted it then?  Can you get it back?”
  4. Luckily in this scenario, you have back ups and can fumble through fixing this after about 6 hours of work.

The Ugly

The ugly is just plain ugly.  Shall we?

  1. Master/Admin/Root Access –  Not only can you not restrict their FTP account, but in this scenario, there is only ONE FTP account which is full access.
  2. Did I mention this is the same username and password for cPanel, WHM, and your hosting account login?
  3. Now the client has access to EVERYTHING which you never intended.  But they have to be able to upload their own PDF’s right?????
  4. “The Ugly” scenario – things are deleted, private emails are read on the mail server, credit cards or other personal account info has been accessed, oh and let’s not forget the disgruntle client or employee who changes the password and locks everyone out.
  5. Backups – What are those??

I have seen it all.  Literally.  Oh, and did I mention it started with myself?

Around 1999, I accidentally deleted another users website on a shared hosting plan.  Yeah, that’s right, me.  Me, who had been using FTP for probably a couple years and could write HTML in my sleep.  I know it can happen to the best of us so what happens when someone who is not a web designer is given access (and they don’t even want it) just to upload PDF’s?  9 out of 10 times – disaster.  It is inevitable.

That is why it is imperative when setting up your clients site to adjust your Magento CE code so that they can use the Magento Admin panel for all work tasks and not get caught up in “the good, the bad, and the ugly”.  You don’t want them to have FTP access, they do not WANT the access/responsibility/stress, and in the year 2014, is it really necessary for a CMS website?  Not really. So, here is how you can go from PDF Drama to PDF Dream in just a few easy steps.

Adjust Magento to Work For You

When creating or editing CMS pages in your Magento Admin panel, you have probably noticed an “Insert Image” button.  This button takes you to the magical land of the media library within your site.  Here you can select an image on your computer, upload it, and insert it in to your page.   This ensures that the URL is correct and that all media files are centrally located.  That is, all files except for PDF’s.

In the quick steps below, I will show you how to enable the PDF extension so that when you use the “Insert Image” button you will be able to upload, insert, and link PDF files in addition to image files.

Step 1

Using your FTP, File Manager, or other similar tool, navigate to –  app/code/core/Mage/Cms/etc/config.xml

Open this file with an editor and make the following changes:


Allow PDF

You are telling the WYSIWYG Editor to Allow the PDF extension when you select “Insert Image” orange button.

Now, we also want to be able to select the Insert Image Icon in the WYSIWYG Editor and have the PDF extension available to use so you will want to make the following change:

Image Allowed PDF

Save this file.

Return to your Magento Admin panel and be sure to clear your cache and reindex through the Configuration tab.

You should now be able to train your clients to easily upload PDF’s through the Magento Admin as well as link them in their pages without the stress of using FTP.