Posted by Christefano on December 4, 2007 at 4:15am
Jump to:
| Project: | Private Upload |
| Version: | 6.x-1.0-rc3 |
| Component: | Code |
| Category: | feature request |
| Priority: | minor |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
While troubleshooting 197154 I noticed that Private Upload does not alter the "File attachments" fieldset added to comment forms by Comment Upload. Files are attached successfully but the user isn't presented the "private" checkbox to toggle public/private state of the attachment.
Comments
#1
#2
Changing from bug to feature request.
#3
+1
#4
+1 this would be an important addition to a great module. Thanks!
#5
Drupal 6:
I made all files attached to comments (Comment Upload module) private by using doing this:
function private_upload_file_download($file) {
$private_dir = variable_get('private_upload_path', 'private');
if (_private_upload_starts_with($file, $private_dir)) {
$filepath = file_create_path($file);
$result = db_query("SELECT DISTINCT(u.nid) FROM {upload} u INNER JOIN {files} f ON u.fid = f.fid ".
"WHERE f.filepath = '%s'", $filepath);
while ($row = db_fetch_array($result)) {
$node = node_load($row['nid']);
if (node_access('view', $node)) {
return; // Access is ok as far as we are concerned.
}
}
//new stuff is below: access not granted by node, let's see if it's attached to any comments on nodes the user has access to
if(function_exists("comment_upload_nodeapi")){
$result = db_query("SELECT DISTINCT(u.nid) FROM {comment_upload} u INNER JOIN {files} f ON u.fid = f.fid ".
"WHERE f.filepath = '%s'", $filepath);
while ($row = db_fetch_array($result)) {
$node = node_load($row['nid']);
if (node_access('view', $node)) {
return; // Access is ok as far as we are concerned.
}
}
}
return -1; // No nodes are granting access, so veto download.
}
}
and then added this hook in a custom module
//implementation of hook_comment
function mymodule_comment(&$a1, $op){
if($op == 'validate'){
//all this stuff is copied from private_upload_nodeapi() and $node replaced by $a1
if (is_array($a1["files"])) {
foreach ($a1["files"] as $fid => $file) {
$file = (object)$file; // Convert file to object for compatibility
$fid = $file->fid; // for the cases where we have temp fid for uploaded files
$success = FALSE;
$filepath = $file->filepath; // need copy if file_move fails.
// save original name
$filepath_orig = $filepath;
$public = file_directory_path();
$private_path = _private_upload_path(); // actual path of private files
$file_is_private = _private_upload_is_file_private($filepath);
if (!$file_is_private) {
// private flag is set, but file NOT yet listed as being in private repo,
// so try and move it from public area to private repo
if (file_move($filepath, $private_path, FILE_EXISTS_RENAME)) {
// check whether the file was renamed
if ($filepath_orig != $filepath) {
// update the filename in the object if so
$file->filename = basename($filepath);
$file->filepath = $filepath;
}
$success = TRUE;
}
else {
drupal_set_message( "Could not move the file ($file->filepath) to the private directory ($private_path).", 'error' );
}
}
if ($success) { // we were able to move the file, so update filepath in db.
_private_upload_update_filepath($file);
$row_count = db_affected_rows();
if ($row_count != 1) {
drupal_set_message( "Error: Unable to make uploaded file private! (". $row_count .")", 'error' );
}
}
} // Done with all the files.
}
}
}
NB this code assumes that comment files are always private, there is no option to have them public. If the node that the comment is in reply to is public then the attachment might be, I haven't tried that out though.
#6
Thanks, rimu. Your solution works great.