function webform_protected_downloads_file_user_has_access in Webform Protected Downloads 7
Same name and namespace in other branches
- 6 webform_protected_downloads.module \webform_protected_downloads_file_user_has_access()
Checks wheather the current user has access to the given file for the given node
Parameters
int $nid:
int $fid:
Return value
boolean
2 calls to webform_protected_downloads_file_user_has_access()
- webform_protected_downloads_download_page in ./
webform_protected_downloads.page.inc - Displays the download page
- webform_protected_downloads_file_download in ./
webform_protected_downloads.module - Implementation of hook_file_download().
File
- ./
webform_protected_downloads.module, line 658 - This file contains hook declarations and functions for the Webform Protected Downloads module.
Code
function webform_protected_downloads_file_user_has_access($nid, $fid) {
// if it is protected, allow access only if the hash has been added to the
// session
if (!isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY])) {
return FALSE;
}
$sql = "SELECT expires, hash\n FROM {wpd_protected_files} p\n LEFT JOIN {webform_submissions} s ON (s.nid = p.nid)\n LEFT JOIN {wpd_node_configuration} n ON (p.nid = n.nid)\n LEFT JOIN {wpd_access_hashes} h USING(sid)\n WHERE p.nid = :nid\n AND p.fid = :fid\n AND expires IS NOT NULL\n AND hash IS NOT NULL\n AND (n.retroactive = 1 OR (n.retroactive = 0 AND s.submitted > p.created))";
$args = array(
':nid' => $nid,
':fid' => $fid,
);
$result = db_query($sql, $args);
while ($row = $result
->fetchObject()) {
$ok = FALSE;
// necessary condition
if (isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash])) {
$session_expires = $_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash]['expires'];
if ($session_expires == 0 || $session_expires > time()) {
$ok = TRUE;
}
else {
unset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$row->hash]);
$ok = FALSE;
}
}
else {
$ok = FALSE;
}
$ok = $ok && ($row->expires == 0 || $row->expires > time());
if ($ok) {
return TRUE;
}
}
return FALSE;
}