beginning of backend file/attachment api
This commit is contained in:
friendica
parent
e270bd3874
commit
3767bba3c3
10
boot.php
10
boot.php
@ -16,7 +16,7 @@ require_once('include/features.php');
|
||||
define ( 'FRIENDICA_PLATFORM', 'Friendica Red');
|
||||
define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R');
|
||||
define ( 'ZOT_REVISION', 1 );
|
||||
define ( 'DB_UPDATE_VERSION', 1022 );
|
||||
define ( 'DB_UPDATE_VERSION', 1023 );
|
||||
|
||||
define ( 'EOL', '<br />' . "\r\n" );
|
||||
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
|
||||
@ -2032,6 +2032,14 @@ function dba_timer() {
|
||||
return microtime(true);
|
||||
}
|
||||
|
||||
function get_observer_hash() {
|
||||
$observer = get_app()->get_observer();
|
||||
if(is_array($observer))
|
||||
return $observer['xchan_hash'];
|
||||
return '';
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Returns the complete URL of the current page, e.g.: http(s)://something.com/network
|
||||
*
|
||||
|
||||
@ -81,3 +81,71 @@ function z_mime_content_type($filename) {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
function attach_count_files($channel_id, $observer, $hash = '', $filename = '', $filetype = '') {
|
||||
|
||||
$ret = array('success' => false);
|
||||
|
||||
if(! perm_is_allowed($channel_id,$observer, 'read_storage')) {
|
||||
$ret['message'] = t('Permission denied.');
|
||||
return $ret;
|
||||
}
|
||||
|
||||
require_once('include/security.php');
|
||||
$sql_extra = permissions_sql($channel_id);
|
||||
|
||||
if($hash)
|
||||
$sql_extra .= protect_sprintf(" and hash = '" . dbesc($hash) . "' ");
|
||||
|
||||
if($filename)
|
||||
$sql_extra .= protect_sprintf(" and filename like '@" . dbesc($filename) . "@' ");
|
||||
|
||||
if($filetype)
|
||||
$sql_extra .= protect_sprintf(" and filetype like '@" . dbesc($filetype) . "@' ");
|
||||
|
||||
$r = q("select id from attach where channel_id = %d $sql_extra",
|
||||
intval($channel_id)
|
||||
);
|
||||
|
||||
$ret['success'] = ((is_array($r)) ? true : false);
|
||||
$ret['results'] = ((is_array($r)) ? count($r) : false);
|
||||
return $ret;
|
||||
|
||||
}
|
||||
|
||||
function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $filetype = '', $orderby = 'created desc', $start = 0, $entries = 0) {
|
||||
|
||||
$ret = array('success' => false);
|
||||
|
||||
if(! perm_is_allowed($channel_id,$observer, 'read_storage')) {
|
||||
$ret['message'] = t('Permission denied.');
|
||||
return $ret;
|
||||
}
|
||||
|
||||
require_once('include/security.php');
|
||||
$sql_extra = permissions_sql($channel_id);
|
||||
|
||||
if($hash)
|
||||
$sql_extra .= protect_sprintf(" and hash = '" . dbesc($hash) . "' ");
|
||||
|
||||
if($filename)
|
||||
$sql_extra .= protect_sprintf(" and filename like '@" . dbesc($filename) . "@' ");
|
||||
|
||||
if($filetype)
|
||||
$sql_extra .= protect_sprintf(" and filetype like '@" . dbesc($filetype) . "@' ");
|
||||
|
||||
if($entries)
|
||||
$limit = " limit " . intval($start) . ", " . intval(entries) . " ";
|
||||
|
||||
// Retrieve all columns except 'data'
|
||||
|
||||
$r = q("select id, aid, uid, hash, filename, filetype, filesize, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where channel_id = %d $sql_extra $orderby $limit",
|
||||
intval($channel_id)
|
||||
);
|
||||
|
||||
$ret['success'] = ((is_array($r)) ? true : false);
|
||||
$ret['results'] = ((is_array($r)) ? $r : false);
|
||||
return $ret;
|
||||
|
||||
}
|
||||
|
||||
@ -94,7 +94,12 @@ CREATE TABLE IF NOT EXISTS `attach` (
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `aid` (`aid`),
|
||||
KEY `uid` (`uid`),
|
||||
KEY `hash` (`hash`)
|
||||
KEY `hash` (`hash`),
|
||||
KEY `filename` (`filename`),
|
||||
KEY `filetype` (`filetype`),
|
||||
KEY `filesize` (`filesize`),
|
||||
KEY `created` (`created`),
|
||||
KEY `edited` (`edited`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `auth_codes` (
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
define( 'UPDATE_VERSION' , 1022 );
|
||||
define( 'UPDATE_VERSION' , 1023 );
|
||||
|
||||
/**
|
||||
*
|
||||
@ -303,3 +303,9 @@ function update_r1021() {
|
||||
return UPDATE_FAILED;
|
||||
}
|
||||
|
||||
function update_r1022() {
|
||||
$r = q("alter table attach add index ( filename ), add index ( filetype ), add index ( filesize ), add index ( created ), add index ( edited ) ");
|
||||
if($r)
|
||||
return UPDATE_SUCCESS;
|
||||
return UPDATE_FAILED;
|
||||
}
|
||||
|
||||
@ -29,9 +29,7 @@ function wall_attach_post(&$a) {
|
||||
|
||||
$page_owner_uid = $channel['channel_id'];
|
||||
|
||||
$observer = $a->get_observer();
|
||||
|
||||
if(! perm_is_allowed($page_owner_uid,$observer['xchan_hash'],'write_storage')) {
|
||||
if(! perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage')) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
killme();
|
||||
}
|
||||
|
||||
@ -1 +1 @@
|
||||
2013-01-29.215
|
||||
2013-01-30.216
|
||||
|
||||
Reference in New Issue
Block a user