function filedepot_user_access in filedepot 6
Same name and namespace in other branches
- 7 filedepot.module \filedepot_user_access()
Perform user access validation for passed permission.
1 string reference to 'filedepot_user_access'
- filedepot_menu in ./
filedepot.module - Implementation of hook_menu().
File
- ./
filedepot.module, line 367 - filedepot.module Filedepot: File Management Module developed by Nextide www.nextide.ca Full featured document managment module with a desktop application feel. Integrated role and user permissions to secure folders, automated notifications, Tag Cloud…
Code
function filedepot_user_access($perm) {
global $user, $base_path;
// Odd Mozilla/Firefox bug with the YUI Uploader (FLASH based) where $_COOKIES is not included in the POST VARS
// This causes the AJAX savefile request to fail or attempt to be processed as an anonymous user which is not what we want.
if (isset($_POST['cookie_session']) and !empty($_POST['cookie_session'])) {
/* Code added to handle the issue with the default $_COOKIE array being sent by the Flash Image uploader
* We can send the cookies in the post form data and then extract and rebuild the user object
*/
// Check if the session is still active, we have a record of the client's session in the database.
$user = db_fetch_object(db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = '%s'", $_POST['cookie_session']));
// We found the client's session record and they are an authenticated user
if ($user && $user->uid > 0) {
// This is done to unserialize the data member of $user and restore their session
$user = user_load($user->uid);
}
}
elseif ($perm == 'filedepot desktop client' and isset($_POST['username']) and isset($_POST['password'])) {
if (db_result(db_query("SELECT count(*) FROM {users} WHERE name='%s' AND pass='%s'", $_POST['username'], $_POST['password'])) == 1) {
return TRUE;
}
else {
return FALSE;
}
}
return user_access($perm);
}