You are here

Home » API reference » Album Photos 8.4 » photos_access.module

function photos_access_pass_validate in Album Photos 8.4

Same name and namespace in other branches
  1. 8.5 photos_access/photos_access.module \photos_access_pass_validate()
  2. 7.3 photos_access/photos_access.module \photos_access_pass_validate()
  3. 6.0.x photos_access/photos_access.module \photos_access_pass_validate()

Check password on node page.

2 calls to photos_access_pass_validate()
photos_access_request_album_password in photos_access/photos_access.module
Album password check.
_photos_access in ./photos.module
Photos access checks for different operations.

File

photos_access/photos_access.module, line 877
Implementation of photos_access.module.

Code

function photos_access_pass_validate($t) {
  $user = \Drupal::currentUser();

  // Check if admin or author.
  if ($user
    ->id() == 1 || isset($t['view']->uid) && $t['view']->uid == $user
    ->id()) {
    return TRUE;
  }
  if (isset($t['update']->pass)) {

    // Check if collaborator.
    $db = \Drupal::database();
    $result = $db
      ->query('SELECT uid FROM {photos_access_user} WHERE id = :id', [
      ':id' => $t['update']->id,
    ]);
    foreach ($result as $a) {
      if ($a->uid == $user
        ->id()) {
        return TRUE;
      }
    }
  }
  if ($t['view']->nid) {
    if (isset($_SESSION[$t['view']->nid . '_' . session_id()])) {

      // Check if password matches node password.
      if ($_SESSION[$t['view']->nid . '_' . session_id()] == $t['view']->pass) {
        return TRUE;
      }

      // If password is set, but does not match re enter password.
      \Drupal::messenger()
        ->addMessage(t('Password has expired.'));

      // Redirect.
      $current_path = \Drupal::service('path.current')
        ->getPath();
      $redirect_url = Url::fromUri('base:privacy/pass/' . $t['view']->nid, [
        'query' => [
          'destination' => $current_path,
        ],
      ])
        ->toString();
      $response = new RedirectResponse($redirect_url);
      $response
        ->send();
      exit;
    }
    else {

      // If password is not set, password is required.
      \Drupal::messenger()
        ->addMessage(t('Password required.'));

      // Redirect.
      $current_path = \Drupal::service('path.current')
        ->getPath();
      $redirect_url = Url::fromUri('base:privacy/pass/' . $t['view']->nid, [
        'query' => [
          'destination' => $current_path,
        ],
      ])
        ->toString();
      $response = new RedirectResponse($redirect_url);
      $response
        ->send();
      exit;
    }
  }
}