diff options
| author | Paolo T <tuscanhobbit@users.noreply.github.com> | 2013-10-11 00:24:25 -0700 |
|---|---|---|
| committer | Paolo T <tuscanhobbit@users.noreply.github.com> | 2013-10-11 00:24:25 -0700 |
| commit | 7a63d5e50b0ae16a38e673867abd6043d4becc07 (patch) | |
| tree | 6d174d12a0de707ed8f875801a8dbc0c35f70d3f /mod/filestorage.php | |
| parent | c2a88c3e4858e3eb2c553bdc775d2f684b0d46b4 (diff) | |
| parent | 89fc319c900873be58fa677707518646f6c79eec (diff) | |
| download | volse-hubzilla-7a63d5e50b0ae16a38e673867abd6043d4becc07.tar.gz volse-hubzilla-7a63d5e50b0ae16a38e673867abd6043d4becc07.tar.bz2 volse-hubzilla-7a63d5e50b0ae16a38e673867abd6043d4becc07.zip | |
Merge pull request #2 from friendica/master
Upgraded to latest red
Diffstat (limited to 'mod/filestorage.php')
| -rw-r--r-- | mod/filestorage.php | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/mod/filestorage.php b/mod/filestorage.php new file mode 100644 index 000000000..5e1e61f42 --- /dev/null +++ b/mod/filestorage.php @@ -0,0 +1,90 @@ +<?php + +function filestorage_content(&$a) { + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + $a->error = 404; + return; + } + + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + } + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($owner,$ob_hash); + + if(! $perms['view_storage']) { + notice( t('Permission denied.') . EOL); + return; + } + +// Since we have ACL'd files in the wild, but don't have ACL here yet, we +// need to return for anoyne other than the owner, despite the perms check for now. + + $is_owner = (((local_user()) && ($owner == local_user())) ? true : false); + if (! $is_owner) { + info( t('Permission Denied.') . EOL ); + return; + } + +// TODO This will also need to check for files on disk and delete them from there as well as the DB. + if ((argc() > 3 && argv(3) === 'delete') ? true : false);{ + if(! $perms['write_storage']) { + notice( t('Permission denied. VS.') . EOL); + return; + } + + $file = argv(2); + $r = q("delete from attach where id = '%s' and uid = '%s' limit 1", + dbesc($file), + intval($owner) + ); + + + } + + +$r = q("select * from attach where uid = %d order by filename asc", + intval($owner) +); + + $files = null; + + if($r) { + $files = array(); + foreach($r as $rr) { + $files[$rr['id']][] = array('id' => $rr['id'],'download' => $rr['hash'], 'title' => $rr['filename'], 'size' => $rr['filesize']); + } + } + + + $limit = service_class_fetch ($owner,'attach_upload_limit'); + $r = q("select sum(filesize) as total from attach where uid = %d ", + intval($owner) + ); + $used = $r[0]['total']; + + $url = z_root() . "/filestorage/" . $which; + return $o . replace_macros(get_markup_template("filestorage.tpl"), array( + '$baseurl' => $url, + '$download' => t('Download'), + '$files' => $files, + '$channel' => $which, + '$delete' => t('Delete'), + '$used' => $used, + '$usedlabel' => t('Used: '), + '$limit' => $limit, + '$limitlabel' => t('Limit: '), + )); + + +} |