Sharing & Privacy

VetCarePress allows staff and, optionally, customers to generate secure, time-limited share links that give read-only access to patient profiles or individual medical records without requiring authentication.

Types of Share Links

Patient Share Links

  • Share an entire patient profile, including all associated medical records.
  • Stored in the wp_vcp_share_tokens database table.
  • Created from the Staff Dashboard share modal on a patient profile.

Record Share Links

  • Share a single medical record.
  • Stored in the wp_vcp_record_share_tokens database table.
  • Created from the Staff Dashboard share modal or the WP-Admin RecordShareMetabox on the record edit screen.

Token Structure

Each share link contains a unique, cryptographically random token. The URL format is:

| Field | Description |
|---|---|
| id | Auto-incrementing primary key |
| patient_id / record_id | The shared patient or record |
| token | Unique, cryptographically random string |
| expires_at | Expiration timestamp (nullable) |
| revoked_at | Revocation timestamp (nullable) |
| created_by | User ID of the link creator |
| created_at | Creation timestamp |

Generating Share Links

  • Staff Dashboard: Use the share modal available on patient profiles and individual record views.
  • WP-Admin: Use the RecordShareMetabox on the record edit screen to generate record share links.

Expiry

  • Configurable via the vcp_record_share_expiry_days setting (Settings > Advanced).
  • Default: 30 days.
  • Set to 0 to create links that never expire.
  • Expired tokens are automatically treated as invalid and cannot be used to access content.

Revoking Share Links

  • Staff can revoke any share link immediately from the dashboard.
  • Revoked tokens have their revoked_at timestamp set and become permanently invalid.
  • Revocation is instantaneous; anyone attempting to use a revoked link will be denied access.
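
The expiry and revocation rules above, written out as an added example (not VetCarePress's own code). The function names are hypothetical, and the sketch assumes timestamps are stored as UTC `Y-m-d H:i:s` strings with NULL meaning "unset".

```php
<?php
// Added example (not plugin code). Function names are hypothetical; column
// names follow the token table. Assumes UTC 'Y-m-d H:i:s' timestamps, NULL = unset.

/** Build a new token row; $expiryDays mirrors vcp_record_share_expiry_days. */
function example_new_share_row(int $recordId, int $userId, int $expiryDays, int $now): array
{
    return [
        'record_id'  => $recordId,
        'token'      => bin2hex(random_bytes(32)), // 256 bits from the CSPRNG
        'expires_at' => $expiryDays > 0
            ? gmdate('Y-m-d H:i:s', $now + $expiryDays * 86400)
            : null,                                // 0 = link never expires
        'revoked_at' => null,
        'created_by' => $userId,
        'created_at' => gmdate('Y-m-d H:i:s', $now),
    ];
}

/** Return 'ok', 'revoked', 'expired' or 'unknown' for a presented token. */
function example_share_state(?array $row, string $presented, int $now): string
{
    // Fail closed when no row was found; compare in constant time.
    if ($row === null || !hash_equals($row['token'], $presented)) {
        return 'unknown';
    }
    if ($row['revoked_at'] !== null) {
        return 'revoked';                          // permanent, checked before expiry
    }
    if ($row['expires_at'] !== null
        && strtotime($row['expires_at'] . ' UTC') <= $now) {
        return 'expired';
    }
    return 'ok';
}

// Constructed sample run.
$now = strtotime('2024-01-01 00:00:00 UTC');
$row = example_new_share_row(42, 7, 30, $now);
var_dump(example_share_state($row, $row['token'], $now + 29 * 86400)); // inside the 30-day window
var_dump(example_share_state($row, $row['token'], $now + 31 * 86400)); // past expires_at
$row['revoked_at'] = gmdate('Y-m-d H:i:s', $now + 86400);
var_dump(example_share_state($row, $row['token'], $now + 2 * 86400));  // after revocation
$forever = example_new_share_row(42, 7, 0, $now);                      // expiry setting 0
var_dump(example_share_state($forever, $forever['token'], $now + 3650 * 86400));
```

Links created with the expiry setting at 0 stay valid until someone revokes them, so they are worth reviewing periodically through the list endpoints.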

Access Control

Who Can Create Links

  • Staff: Enabled by default via the vcp_allow_staff_share setting (Settings > Features). Requires the vcp_manage_share_tokens capability.
  • Customers: Disabled by default. Enable via the vcp_allow_customer_share setting (Settings > Features).

What Recipients See

  • Share link recipients view a read-only presentation of the patient profile or medical record.
  • No authentication is required to access content via a valid share link.

API Endpoints

| Method | Endpoint | Purpose |
|---|---|---|
| POST | /wp-json/vcp/v1/shares | Create a patient share link |
| POST | /wp-json/vcp/v1/record-shares | Create a record share link |
| GET | /wp-json/vcp/v1/shares | List patient share links |
| GET | /wp-json/vcp/v1/record-shares | List record share links |
| DELETE | /wp-json/vcp/v1/shares/{id} | Revoke a patient share link |
| DELETE | /wp-json/vcp/v1/record-shares/{id} | Revoke a record share link |

File Management

VetCarePress provides secure file management for patient attachments and medical imaging, with files stored in a dedicated upload directory that is blocked from direct HTTP access and served only after a permission check.

Upload Directory

  • Files are stored in wp-content/uploads/vetcarepress/, created automatically on plugin activation.
  • An .htaccess file denies all direct HTTP access to the directory:
    Order Deny,Allow
    Deny from all
    
  • An index.php file is also present for additional safety on servers that do not respect .htaccess rules.

Security Measures

Scrambled Filenames

  • The FileManager stores files with randomized names to prevent URL guessing.
  • Original filenames are preserved in the database but are not used on disk.

Permission-Gated Serving

  • The FileServer serves files through WordPress, checking user permissions before delivering any content.
  • Direct URL access to the upload directory is blocked at the server level.
  • Files are served via virtual URLs:
    • Full file: /vcp-file/{id}/
    • Thumbnail: /vcp-file/{id}/{size}/

File Types

General Attachments

  • Supports images, PDFs, and other common document formats.
  • Uploaded images are automatically resized to maximum dimensions defined by vcp_attachment_width and vcp_attachment_height (default: 1200×1200 pixels).

DICOM Medical Imaging

  • Supports .dcm and .zip files for medical imaging data.
  • DICOM files are served through the same permission-gated system as other attachments.
  • A built-in DICOM viewer (located in lib/dicom-viewer-core/) allows in-browser viewing without requiring external software.
  • DICOM download behavior is configurable via the vcp_allow_dicom_download setting (default: on).
    • When enabled, customers can both view and download DICOM files.
    • When disabled, customers can view DICOM images in the browser but cannot download the raw .dcm file.

API Endpoints

Upload

  • Endpoint: POST /wp-json/vcp/v1/files
  • Content type: multipart/form-data (FormData)
  • Access: Staff only
  • Response: Returns the file ID and original filename.

Download

  • Endpoint: GET /wp-json/vcp/v1/files/{id}
  • Access: Permission check verifies the requester is either staff or the patient owner.
  • Response: Streams the file with appropriate content headers.
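
A sketch of the permission-gated serving described above, combining the virtual URL patterns, the staff-or-owner check and the vcp_allow_dicom_download setting. This is an added example, not the plugin's FileServer code; the function names, the thumbnail size allowlist and the array shapes are assumptions.

```php
<?php
// Added example (not plugin code). All function names, the size allowlist and
// the array shapes are hypothetical; the URL patterns and rules follow the page.

const EXAMPLE_SIZES = ['thumb', 'medium']; // assumed thumbnail size names

/** Parse /vcp-file/{id}/ or /vcp-file/{id}/{size}/; null on anything else. */
function example_parse_file_url(string $path): ?array
{
    if (!preg_match('#^/vcp-file/([1-9][0-9]{0,9})/(?:([a-z0-9_-]+)/)?$#D', $path, $m)) {
        return null;                      // rejects ../, extra segments, non-numeric ids
    }
    $size = ($m[2] ?? '') !== '' ? $m[2] : null;
    if ($size !== null && !in_array($size, EXAMPLE_SIZES, true)) {
        return null;
    }
    // Only the numeric id leaves this function; the randomized on-disk name
    // is looked up from the database and never taken from the request.
    return ['id' => (int) $m[1], 'size' => $size];
}

/** Staff always; customers only for their own patient, raw DICOM per setting. */
function example_may_serve(array $file, array $user, bool $download, bool $allowDicomDownload): bool
{
    if ($user['is_staff']) {
        return true;
    }
    if ($user['id'] === 0 || $user['id'] !== $file['owner_id']) {
        return false;                     // anonymous, or not the patient owner
    }
    if ($file['is_dicom'] && $download && !$allowDicomDownload) {
        return false;                     // in-browser viewing only
    }
    return true;
}

// Constructed sample run.
$file  = ['owner_id' => 12, 'is_dicom' => true];
$owner = ['id' => 12, 'is_staff' => false];
$other = ['id' => 13, 'is_staff' => false];
var_dump(example_parse_file_url('/vcp-file/88/thumb/'));
var_dump(example_parse_file_url('/vcp-file/88/../../wp-config.php'));
var_dump(example_may_serve($file, $owner, true, false));  // owner, raw download, setting off
var_dump(example_may_serve($file, $owner, false, false)); // owner, viewing only
var_dump(example_may_serve($file, $other, false, true));  // a different customer
```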

reCAPTCHA

VetCarePress supports Google reCAPTCHA v3 for invisible bot protection on customer-facing forms, with no user-facing challenges.

How reCAPTCHA v3 Works

  • Completely invisible to the end user — no checkbox or puzzle is displayed.
  • Each request is scored from 0.0 (likely bot) to 1.0 (likely human).
  • VetCarePress automatically rejects requests that fall below the configured score threshold.
  • The CaptchaService handles token verification against Google’s reCAPTCHA API on the server side.
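
The server-side decision described above, as an added example rather than the plugin's CaptchaService. It goes beyond the score threshold by also checking the `action` and `hostname` fields of Google's siteverify response, which this page does not mention; the function name, action name and hostname are assumptions.

```php
<?php
// Added example (not plugin code). example_captcha_passes() is a hypothetical
// name; the response fields are those of Google's siteverify JSON, which the
// server obtains by POSTing the secret key and the client token to
// https://www.google.com/recaptcha/api/siteverify.

/**
 * Decide whether a decoded siteverify response passes.
 * Fails closed: any missing or mismatched field rejects the request.
 */
function example_captcha_passes(?array $resp, float $threshold,
                                string $expectedAction, string $expectedHost): bool
{
    if ($resp === null || ($resp['success'] ?? false) !== true) {
        return false;               // invalid or expired token, or unparseable body
    }
    if (!isset($resp['score']) || !is_numeric($resp['score'])) {
        return false;               // no score means this is not a v3 verdict
    }
    if (($resp['action'] ?? '') !== $expectedAction) {
        return false;               // token was issued for a different form
    }
    if (($resp['hostname'] ?? '') !== $expectedHost) {
        return false;               // token was issued on another site
    }
    return (float) $resp['score'] >= $threshold;
}

// Constructed sample responses (not captured from Google); the action name
// 'otp_request' and the host 'clinic.example' are made up for illustration.
$samples = [
    'human'        => '{"success":true,"score":0.9,"action":"otp_request","hostname":"clinic.example"}',
    'low score'    => '{"success":true,"score":0.3,"action":"otp_request","hostname":"clinic.example"}',
    'wrong action' => '{"success":true,"score":0.9,"action":"contact","hostname":"clinic.example"}',
    'invalid'      => '{"success":false,"error-codes":["invalid-input-response"]}',
    'garbage'      => 'upstream timeout',
];
foreach ($samples as $label => $body) {
    $decoded = json_decode($body, true);
    $ok = example_captcha_passes(is_array($decoded) ? $decoded : null,
                                 0.5, 'otp_request', 'clinic.example');
    printf("%-12s %s\n", $label, $ok ? 'accept' : 'reject');
}
```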

What It Protects

  • Customer-facing OTP login forms (request code).
  • Share link access forms where applicable.

Setup

Step 1: Register Your Site

  1. Go to the Google reCAPTCHA admin console.
  2. Register your site and select reCAPTCHA v3 as the type.
  3. Add your site domain(s).
  4. Copy the Site Key and Secret Key provided by Google.

Step 2: Configure VetCarePress

  1. Navigate to VetCarePress Settings > Captcha.
  2. Set the provider to reCAPTCHA v3.
  3. Enter the Site Key in the corresponding field.
  4. Enter the Secret Key in the corresponding field.
  5. Set the Score Threshold (default: 0.5).
    • Raise the threshold for stricter protection (e.g., 0.7).
    • Lower the threshold for more permissive access (e.g., 0.3).
  6. Save changes.

When to Enable

  • If you experience bot abuse on the customer login form.
  • If you observe automated or excessive OTP code requests.
  • As a general preventive measure for public-facing forms.

Impact on Legitimate Users

  • reCAPTCHA v3 is completely invisible and requires no user interaction.
  • Legitimate users will not notice any difference in the form submission experience.
  • In rare cases, a legitimate user with an unusually low score may be blocked. Lowering the threshold can help in these situations.
