function filedepot_download in filedepot 6
Same name and namespace in other branches
- 7 filedepot.module \filedepot_download()
Call modules that implement hook_file_download() to find out if a file is accessible and what headers it should be transferred with. If a module returns -1 drupal_access_denied() will be returned. If one or more modules returned headers the download will start with the returned headers. If no modules respond drupal_not_found() will be returned.
$mode: default is for normal files, 'edit' for the download for edit operation 'moderator' to indicate file is not yet approved - moderator request to download file
1 string reference to 'filedepot_download'
- filedepot_menu in ./
filedepot.module - Implementation of hook_menu().
File
- ./
filedepot.module, line 641 - filedepot.module Filedepot: File Management Module developed by Nextide www.nextide.ca Full featured document managment module with a desktop application feel. Integrated role and user permissions to secure folders, automated notifications, Tag Cloud…
Code
function filedepot_download($node, $fid, $version, $mode = '') {
global $conf, $user;
$filedepot = filedepot_filedepot();
$field = content_fields('field_filedepot_file', $node->type);
$db_info = content_database_info($field);
$filepath = '';
$content_disposition = 'attachment';
if (empty($fid)) {
watchdog('filedepot', "Download request - null file id");
return drupal_access_denied();
}
elseif ($version == 'incoming') {
$query = db_query("SELECT cckfid,orig_filename,title FROM {filedepot_import_queue} WHERE id=%d", $fid);
list($cckfid, $fname, $filetitle) = array_values(db_fetch_array($query));
if ($cckfid > 0) {
$filepath = db_result(db_query("SELECT filepath FROM {files} WHERE fid=%d", $cckfid));
if (file_exists($filepath)) {
$result = db_query("SELECT * FROM {files} WHERE fid= %d", $cckfid);
$file = db_fetch_object($result);
$name = mime_header_encode($filetitle);
$type = mime_header_encode($file->filemime);
// By default, serve images, text, and flash content for display rather than
// download. Or if variable 'filefield_inline_types' is set, use its patterns.
$inline_types = variable_get('filefield_inline_types', array(
'^text/',
'^image/',
'flash$',
));
$disposition = 'attachment';
foreach ($inline_types as $inline_type) {
// Exclamation marks are used as delimiters to avoid escaping slashes.
if (preg_match('!' . $inline_type . '!', $file->filemime)) {
$disposition = 'inline';
}
}
$headers = array(
'Content-Type: ' . $type . '; name="' . $filetitle . '"',
'Content-Length: ' . $file->filesize,
'Content-Disposition: ' . $disposition . '; filename="' . $filetitle . '"',
'Cache-Control: private',
);
if (count($headers)) {
file_transfer($filepath, $headers);
}
}
else {
return drupal_not_found();
}
}
else {
watchdog('filedepot', "Download request for incoming file invalid");
return drupal_access_denied();
}
}
else {
$version = intval($version);
if ($version > 0) {
$filetitle = db_result(db_query("SELECT title FROM {filedepot_files} WHERE fid=%d", $fid));
$fname = db_result(db_query("SELECT fname FROM {filedepot_fileversions} WHERE fid=%d AND version=%d", $fid, $version));
$cid = db_result(db_query("SELECT cid FROM {filedepot_files} WHERE fid=%d", $fid));
}
else {
if ($mode == 'moderator') {
$query = db_query("SELECT cid,fname,tempname,title FROM {filedepot_filesubmissions} WHERE id=%d", $fid);
$rec = db_fetch_array($query);
if ($rec === FALSE) {
watchdog('filedepot', "Download request for moderated file - invalid file reference");
return drupal_access_denied();
}
list($cid, $fname, $tempname, $filetitle) = array_values($rec);
}
else {
$query = db_query("SELECT cid,fname,title FROM {filedepot_files} WHERE fid=%d", $fid);
$rec = db_fetch_array($query);
if ($rec === FALSE) {
watchdog('filedepot', "Download request - invalid file reference");
return drupal_access_denied();
}
else {
list($cid, $fname, $filetitle) = array_values($rec);
}
}
}
if ($cid == 0) {
watchdog('filedepot', "Download request - null category id");
return drupal_access_denied();
}
else {
if ($mode == 'moderator') {
$filepath = $filedepot->root_storage_path . "{$cid}/submissions/{$tempname}";
}
else {
$filepath = $filedepot->root_storage_path . "{$cid}/{$fname}";
}
if ($filedepot
->checkPermission($cid, 'view') === FALSE) {
watchdog('filedepot', "Download request for incoming file invalid access to folder ({$cid}) for user: {$user->name}");
return drupal_access_denied();
}
if (file_exists($filepath) and !is_dir($filepath)) {
$system_directory_path = $conf['file_directory_path'];
$conf['file_directory_path'] = $filedepot->root_storage_path . $cid;
$result = db_query("SELECT * FROM {files} WHERE filepath = '%s'", $filepath);
if (!($file = db_fetch_object($result))) {
// We don't really care about this file.
watchdog('filedepot', "File record not found");
return drupal_access_denied();
}
if ($mode == 'moderator') {
$name = mime_header_encode($filetitle);
$type = mime_header_encode($file->filemime);
}
else {
if (db_result(db_query("SELECT COUNT(*) FROM {filedepot_downloads} WHERE uid=%d AND fid=%d", $user->uid, $fid)) == 0) {
db_query("INSERT into {filedepot_downloads} (uid,fid,remote_ip,date) VALUES (%d,%d,'%s',%d)", $user->uid, $fid, $_SERVER['REMOTE_ADDR'], time());
}
$name = mime_header_encode($filetitle);
$type = mime_header_encode($file->filemime);
}
// By default, serve images, text, and flash content for display rather than
// download. Or if variable 'filefield_inline_types' is set, use its patterns.
$inline_types = variable_get('filefield_inline_types', array(
'^text/',
'^image/',
'flash$',
));
$disposition = 'attachment';
foreach ($inline_types as $inline_type) {
// Exclamation marks are used as delimiters to avoid escaping slashes.
if (preg_match('!' . $inline_type . '!', $file->filemime)) {
$disposition = 'inline';
}
}
if ($mode == 'edit') {
// User is using the download for edit function
$ext = end(explode(".", $filetitle));
$pos = strpos($filetitle, ".");
// Generate a 15 character hash value (token) and append to filename
// Create a unique filename for download and save the token for compare use on upload
$filename = substr($filetitle, 0, $pos);
$hash = md5(uniqid(rand()));
$token = substr($hash, 0, 15);
$newfilename = $filename . '{' . $token . 't}' . ".{$ext}";
$newfilename = str_replace(' ', '+', $newfilename);
//Update the MimeHeader that will be used to send the file to the browser - need to include token in filename
$name = mime_header_encode($newfilename);
$sql = "INSERT INTO {filedepot_export_queue} (orig_filename,token,extension,timestamp,uid,fid) values ('%s','%s','%s',%d,%d,%d)";
db_query($sql, $filetitle, $token, $ext, time(), $user->uid, $fid);
// Change file status to locked - being edited
db_query("UPDATE {filedepot_files} SET status = 2, status_changedby_uid = %d WHERE fid=%d", $user->uid, $fid);
}
$headers = array(
'Content-Type: ' . $type . '; name="' . $name . '"',
'Content-Length: ' . $file->filesize,
'Content-Disposition: ' . $disposition . '; filename="' . $name . '"',
'Cache-Control: private',
);
if (count($headers)) {
file_transfer($filepath, $headers);
}
}
$conf['file_directory_path'] = $system_directory_path;
return drupal_not_found();
}
}
}