file/attachment storage api with revision control - needs a bit more testing but the framework is in place
This commit is contained in:
friendica
@@ -1,42 +1,25 @@
|
||||
<?php
|
||||
|
||||
require_once('include/security.php');
|
||||
require_once('include/attach.php');
|
||||
|
||||
function attach_init(&$a) {
|
||||
|
||||
if(argc() != 2) {
|
||||
if(argc() < 2) {
|
||||
notice( t('Item not available.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
$hash = argv(1);
|
||||
$r = attach_by_hash(argv(1),((argc() > 2) ? intval(argv(2)) : 0));
|
||||
|
||||
// Check for existence, which will also provide us the owner uid
|
||||
|
||||
$r = q("SELECT * FROM `attach` WHERE `hash` = '%s' LIMIT 1",
|
||||
dbesc($hash)
|
||||
);
|
||||
if(! count($r)) {
|
||||
notice( t('Item was not found.'). EOL);
|
||||
if(! $r['success']) {
|
||||
notice( $r['message'] . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
$sql_extra = permissions_sql($r[0]['uid']);
|
||||
|
||||
// Now we'll see if we can access the attachment
|
||||
|
||||
$r = q("SELECT * FROM `attach` WHERE hash = '%s' $sql_extra LIMIT 1",
|
||||
dbesc($hash)
|
||||
);
|
||||
|
||||
if(! count($r)) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
header('Content-type: ' . $r[0]['filetype']);
|
||||
header('Content-disposition: attachment; filename=' . $r[0]['filename']);
|
||||
echo $r[0]['data'];
|
||||
header('Content-type: ' . $r['data']['filetype']);
|
||||
header('Content-disposition: attachment; filename=' . $r['data']['filename']);
|
||||
echo $r['data']['data'];
|
||||
killme();
|
||||
// NOTREACHED
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user