You are here

Home » API reference » Webform Protected Downloads 7 » webform_protected_downloads.module

function webform_protected_downloads_file_user_has_access in Webform Protected Downloads 7

Same name and namespace in other branches
  1. 6 webform_protected_downloads.module \webform_protected_downloads_file_user_has_access()

Checks wheather the current user has access to the given file for the given node

Parameters

int $nid:

int $fid:

Return value

boolean

2 calls to webform_protected_downloads_file_user_has_access()
webform_protected_downloads_download_page in ./webform_protected_downloads.page.inc
Displays the download page
webform_protected_downloads_file_download in ./webform_protected_downloads.module
Implementation of hook_file_download().

File

./webform_protected_downloads.module, line 658
This file contains hook declarations and functions for the Webform Protected Downloads module.

Code

function webform_protected_downloads_file_user_has_access($nid, $fid) {

  // if it is protected, allow access only if the hash has been added to the
  // session
  if (!isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY])) {
    return FALSE;
  }
  $sql = "SELECT    expires, hash\n          FROM      {wpd_protected_files} p\n          LEFT JOIN {webform_submissions} s ON (s.nid = p.nid)\n          LEFT JOIN {wpd_node_configuration} n ON (p.nid = n.nid)\n          LEFT JOIN {wpd_access_hashes} h USING(sid)\n          WHERE     p.nid = :nid\n          AND       p.fid = :fid\n          AND       expires IS NOT NULL\n          AND       hash IS NOT NULL\n          AND       (n.retroactive = 1 OR (n.retroactive = 0 AND s.submitted > p.created))";
  $args = array(
    ':nid' => $nid,
    ':fid' => $fid,
  );
  $result = db_query($sql, $args);
  while ($row = $result
    ->fetchObject()) {
    $ok = FALSE;

    // necessary condition
    if (isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash])) {
      $session_expires = $_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash]['expires'];
      if ($session_expires == 0 || $session_expires > time()) {
        $ok = TRUE;
      }
      else {
        unset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash]);
        $ok = FALSE;
      }
    }
    else {
      $ok = FALSE;
    }
    $ok = $ok && ($row->expires == 0 || $row->expires > time());
    if ($ok) {
      return TRUE;
    }
  }
  return FALSE;
}