function protected_node_file_download in Protected Node 6
Same name and namespace in other branches
- 5 protected_node.module \protected_node_file_download()
- 7 protected_node.module \protected_node_file_download()
- 1.0.x protected_node.module \protected_node_file_download()
Implementation of hook_file_download(). @link http://api.drupal.org/api/function/hook_file_download/6
File
- ./
protected_node.module, line 557
Code
function protected_node_file_download($file) {
global $user;
// the upload module glues the attachments and nodes together
// without that module, we cannot test anything here
// (it is not required anyway if the user is going to the /node/#
// page itself.)
if (user_access('bypass password protection') || !module_exists('upload')) {
return array();
}
// check whether the node linked to this file attachment is protected
$sql = "SELECT u.nid, n.uid, pn.protected_node_passwd_changed" . " FROM {files} f, {upload} u, {protected_nodes} pn, {node} n" . " WHERE pn.nid = u.nid AND u.nid = n.nid AND f.filename = '%s' AND u.fid = f.fid" . " AND pn.protected_node_is_protected = 1";
$file_info = db_fetch_array(db_query($sql, $file));
if ($file_info === FALSE || $user->uid && $user->uid == $file_info['uid']) {
// $user is the author
return array();
}
// got the password?
if (isset($_SESSION['_protected_node']['passwords'][$file_info['nid']])) {
$when = $_SESSION['_protected_node']['passwords'][$file_info['nid']];
if ($when > $file_info['protected_node_passwd_changed'] && $when > variable_get('protected_node_session_timelimit', 0)) {
// global reset time
return array();
}
}
// no password, access denied
return -1;
}