aboutsummaryrefslogtreecommitdiffstats
path: root/mod/attach.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/attach.php')
-rw-r--r--mod/attach.php35
1 files changed, 9 insertions, 26 deletions
diff --git a/mod/attach.php b/mod/attach.php
index f300ec6fb..b94c02c19 100644
--- a/mod/attach.php
+++ b/mod/attach.php
@@ -1,42 +1,25 @@
<?php
require_once('include/security.php');
+require_once('include/attach.php');
function attach_init(&$a) {
- if(argc() != 2) {
+ if(argc() < 2) {
notice( t('Item not available.') . EOL);
return;
}
- $hash = argv(1);
+ $r = attach_by_hash(argv(1),((argc() > 2) ? intval(argv(2)) : 0));
- // Check for existence, which will also provide us the owner uid
-
- $r = q("SELECT * FROM `attach` WHERE `hash` = '%s' LIMIT 1",
- dbesc($hash)
- );
- if(! count($r)) {
- notice( t('Item was not found.'). EOL);
- return;
- }
-
- $sql_extra = permissions_sql($r[0]['uid']);
-
- // Now we'll see if we can access the attachment
-
- $r = q("SELECT * FROM `attach` WHERE hash = '%s' $sql_extra LIMIT 1",
- dbesc($hash)
- );
-
- if(! count($r)) {
- notice( t('Permission denied.') . EOL);
+ if(! $r['success']) {
+ notice( $r['message'] . EOL);
return;
}
- header('Content-type: ' . $r[0]['filetype']);
- header('Content-disposition: attachment; filename=' . $r[0]['filename']);
- echo $r[0]['data'];
+ header('Content-type: ' . $r['data']['filetype']);
+ header('Content-disposition: attachment; filename=' . $r['data']['filename']);
+ echo $r['data']['data'];
killme();
- // NOTREACHED
+
} \ No newline at end of file