View source
<?php
function webform_protected_downloads_download_page($node, $hash = NULL) {
global $conf;
$conf['cache'] = 0;
$admin_access = FALSE;
$access = FALSE;
if ($hash === NULL) {
global $user;
$admin_access = user_access('administer webform protected downloads');
$nid = $node->nid;
}
else {
$nid = webform_protected_downloads_get_node_from_hash($hash);
$access = webform_protected_downloads_hash_is_valid($hash) || webform_protected_downloads_session_is_valid($hash);
}
drupal_set_title($node->title);
$configuration = webform_protected_downloads_get_configuration($node->nid);
if ($nid && $node->nid == $nid && ($access || $admin_access)) {
$hash_details = webform_protected_downloads_get_hash_details($hash);
if (!$admin_access) {
webform_protected_downloads_session_update($node, $hash);
db_update("wpd_access_hashes")
->fields(array(
'used' => time(),
))
->condition('hash', $hash)
->execute();
module_load_include('inc', 'webform', 'includes/webform.submissions');
$submission = webform_get_submission($node->nid, $hash_details->sid);
}
$files = array();
foreach ($node->wpd['private_files'] as $key => $file) {
if (webform_protected_downloads_file_user_has_access($node->nid, $key) || $admin_access) {
$files[] = (array) $file;
}
}
$output = _webform_protected_downloads_token_replace($configuration->text_download_access, $node, $hash);
if (!$admin_access) {
foreach ($submission->data as $cid => $data_value) {
if (isset($submission->data[$cid]['value'])) {
foreach ($submission->data[$cid]['value'] as $key => $value) {
$submission->data[$cid]['value'][$key] = _webform_filter_xss($value);
}
}
else {
foreach ($submission->data[$cid] as $key => $value) {
$submission->data[$cid][$key] = _webform_filter_xss($value);
}
}
}
$output = _webform_filter_values($output, $node, $submission, $email = NULL, $strict = FALSE, $allow_anonymous = TRUE);
}
$output = check_markup($output, $configuration->text_download_access_format, $node->language);
$files_table = '<p>' . t('No files have been found.') . '</p>';
if (count($files)) {
$files_table = theme('file_formatter_table', array(
'items' => $files,
));
}
return theme('webform_protected_downloads_download_page', array(
'text' => $output,
'files_table' => $files_table,
));
}
$output = _webform_protected_downloads_token_replace($configuration->text_download_noaccess, $node, $hash);
$output = check_markup($output, $configuration->text_download_noaccess_format, $node->language);
return theme('webform_protected_downloads_download_page', array(
'text' => $output,
));
}
function webform_protected_downloads_hash_is_valid($hash) {
$sql = "SELECT expires, access_type, used\n FROM {wpd_access_hashes}\n LEFT JOIN {webform_submissions} USING(sid)\n LEFT JOIN {wpd_node_configuration} USING(nid)\n WHERE hash = :hash";
$access = db_query($sql, array(
':hash' => $hash,
))
->fetchObject();
if (!$access) {
return FALSE;
}
if ($access->access_type == WEBFORM_PROTECTED_DOWNLOADS_ACCESS_TYPE_SINGLE) {
return $access->used == 0;
}
else {
return $access->expires == 0 || $access->expires > time();
}
return FALSE;
}
function webform_protected_downloads_session_is_valid($hash) {
return isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$hash]) && $_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$hash]['expires'] > time();
}
function webform_protected_downloads_session_update($node, $hash) {
if (!isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY])) {
$_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY] = array();
}
if (!isset($_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$hash])) {
$session_expires = webform_protected_downloads_get_configuration($node->nid, 'expiration_session', WEBFORM_PROTECTED_DOWNLOADS_DEFAULT_EXPIRATION_SESSION);
$_SESSION[WEBFORM_PROTECTED_DOWNLOADS_SESSION_KEY][$hash] = array(
'expires' => $session_expires > 0 ? time() + $session_expires : 0,
'nid' => $node->nid,
);
}
}