You are here

Home » API reference » filedepot 7 » filedepot.module

function filedepot_download in filedepot 7

Same name and namespace in other branches
  1. 6 filedepot.module \filedepot_download()

Implementation of hook_download().

$mode: default is for normal files, 'edit' for the download for edit operation 'moderator' to indicate file is not yet approved - moderator request to download file

2 string references to 'filedepot_download'
filedepot_file_download in ./filedepot.module
Implements hook_file_download().
filedepot_menu in ./filedepot.module
Implementation of hook_menu().

File

./filedepot.module, line 1168
filedepot.module Filedepot: File Management Module developed by Nextide www.nextide.ca Full featured document managment module with a desktop application feel. Integrated Organic Group, Role and User permissions to secure folders, automated…

Code

function filedepot_download($node, $fid, $version, $mode = '') {
  global $conf, $user;
  $filedepot = filedepot_filedepot();
  $filepath = '';
  $content_disposition = 'attachment';
  if (empty($fid)) {
    watchdog('filedepot', "Download request - null file id");
    return drupal_access_denied();
  }
  elseif ($version == 'incoming') {
    $query = db_query("SELECT drupal_id,orig_filename,title FROM {filedepot_import_queue} WHERE id=:fid", array(
      ':fid' => $fid,
    ));
    list($dfid, $fname, $filetitle) = array_values($query
      ->fetchAssoc());
    if ($dfid > 0) {
      $filepath = db_query("SELECT filepath FROM {files} WHERE fid=:fid", array(
        ':fid' => $dfid,
      ))
        ->fetchField();
      if (file_exists($filepath)) {
        $result = db_query("SELECT * FROM {files} WHERE fid= :fid", array(
          ':fid' => $dfid,
        ));
        $file = $result
          ->fetchObject();
        $name = mime_header_encode($filetitle);
        $type = mime_header_encode($file->filemime);

        // By default, serve images, text, and flash content for display rather than
        // download. Or if variable 'filefield_inline_types' is set, use its patterns.
        $inline_types = variable_get('filefield_inline_types', array(
          '^text/',
          '^image/',
          'flash$',
        ));
        $disposition = 'attachment';
        foreach ($inline_types as $inline_type) {

          // Exclamation marks are used as delimiters to avoid escaping slashes.
          if (preg_match('!' . $inline_type . '!', $file->filemime)) {
            $disposition = 'inline';
          }
        }
        watchdog('filedepot', "Download of incoming file: @file (!fid) by user @user", array(
          '@file' => $filetitle,
          '!fid' => $fid,
          '@user' => isset($user->name) ? $user->name : "Anonymous",
        ));
        $headers = array(
          'Content-Type: ' . $type . '; name="' . $filetitle . '"',
          'Content-Length: ' . $file->filesize,
          'Content-Disposition: ' . $disposition . '; filename="' . $filetitle . '"',
          'Cache-Control: private',
        );
        if (count($headers)) {
          file_transfer($filepath, $headers);
        }
      }
      else {
        return drupal_not_found();
      }
    }
    else {
      watchdog('filedepot', "Download request for incoming file invalid");
      return drupal_access_denied();
    }
  }
  else {
    $version = intval($version);
    if ($version > 0) {
      $fname = db_query("SELECT fname FROM {filedepot_fileversions} WHERE fid=:fid AND version=:version", array(
        ':fid' => $fid,
        ':version' => $version,
      ))
        ->fetchField();
      $query = db_query("SELECT cid,drupal_fid,title FROM {filedepot_files} WHERE fid=:fid", array(
        ':fid' => $fid,
      ));
      $rec = $query
        ->fetchAssoc();
      if ($rec === FALSE) {
        watchdog('filedepot', "Download request - invalid file reference");
        return drupal_access_denied();
      }
      else {
        list($cid, $drupal_fid, $filetitle) = array_values($rec);
      }
    }
    elseif ($mode == 'moderator') {
      $query = db_query("SELECT cid,drupal_fid,fname,tempname,title FROM {filedepot_filesubmissions} WHERE id=:fid", array(
        ':fid' => $fid,
      ));
      $rec = $query
        ->fetchAssoc();
      if ($rec === FALSE) {
        watchdog('filedepot', "Download request for moderated file - invalid file reference");
        return drupal_access_denied();
      }
      list($cid, $drupal_fid, $fname, $tempname, $filetitle) = array_values($rec);
    }
    else {
      $query = db_query("SELECT cid,drupal_fid,fname,title FROM {filedepot_files} WHERE fid=:fid", array(
        ':fid' => $fid,
      ));
      $rec = $query
        ->fetchAssoc();
      if ($rec === FALSE) {
        watchdog('filedepot', "Download request - invalid file reference");
        return drupal_access_denied();
      }
      else {
        list($cid, $drupal_fid, $fname, $filetitle) = array_values($rec);
      }
    }
    if ($cid == 0) {
      watchdog('filedepot', "Download request - null category id");
      return drupal_access_denied();
    }
    else {
      $file = file_load($drupal_fid);

      // list($scheme, $target) = explode('://', $file->uri, 2);
      if ($file === FALSE) {
        watchdog('filedepot', "Download request for file:@fname (@fid), file id: @drupal_fid invalid - folder (@cid) for user: @username", array(
          "@fname" => $fname,
          "@fid" => $fid,
          "@drupal_fid" => $drupal_fid,
          "@cid" => $cid,
          "@username" => isset($user->name) ? $user->name : "Anonymous",
        ));
        return drupal_access_denied();
      }
      if ($mode == 'moderator') {
        $filepath = $filedepot->root_storage_path . "{$cid}/submissions/{$tempname}";
      }
      else {
        $filepath = $filedepot->root_storage_path . "{$cid}/{$fname}";
      }
      list($scheme, $target) = explode('://', $filepath, 2);
      if ($filedepot
        ->checkPermission($cid, 'view') === FALSE) {
        watchdog('filedepot', "Download request for incoming file invalid access to folder (@cid) for user: @username", array(
          "@cid" => $cid,
          "@username" => isset($user->name) ? $user->name : "Anonymous",
        ));
        return drupal_access_denied();
      }
      $real_filepath = drupal_realpath($filepath);
      if (file_exists($real_filepath) and !is_dir($real_filepath)) {
        if ($mode == 'moderator') {
          $name = mime_header_encode($filetitle);
          $type = mime_header_encode($file->filemime);
        }
        else {
          if (db_query("SELECT COUNT(*) FROM {filedepot_downloads} WHERE uid=:uid AND fid=:fid", array(
            ':uid' => $user->uid,
            ':fid' => $fid,
          ))
            ->fetchField() == 0) {
            db_query("INSERT into {filedepot_downloads} (uid,fid,remote_ip,date) VALUES (:uid,:fid,:remote_ip,:time)", array(
              ':uid' => $user->uid,
              ':fid' => $fid,
              ':remote_ip' => $_SERVER['REMOTE_ADDR'],
              ':time' => time(),
            ));
          }
          $name = mime_header_encode($filetitle);
          $type = mime_header_encode($file->filemime);
        }
        watchdog('filedepot', "Download of file: @file (!fid), version !version by user @user", array(
          '@file' => $filetitle,
          '!fid' => $fid,
          '!version' => $version,
          '@user' => isset($user->name) ? $user->name : "Anonymous",
        ));

        /* We can assume the repository is setup using Drupal's private filesystem
         * The file_download function will invole all modules with a hook_file_download()
         * We need to add our hook to test if this is a download for edit and add
         * the extra MIME header and altered filename for tracking
         */
        file_download($scheme, $target);
      }
    }
  }
}