Collections functions
Encryption functions
General functions
Render functions
Theme permission functions
Video functions
Resource functions

resource_download_allowed()

Description

For the given resource and size, can the current user download it?
resource type and access may already be available in the case of search, so pass them along to get_resource_access to avoid extra queries
$resource can be a resource-specific search result array.

Parameters

ColumnTypeDefaultDescription
$resource int ID of resource
$size string ID of size
$resource_type int ID of resource type
$alternative int -1 Use alternative?

Return

boolean

Location

include/resource_functions.php lines 4961 to 5034

Definition

 
function resource_download_allowed($resource,$size,$resource_type,$alternative=-1)
    {
    global 
$userref$usergroup$user_dl_limit$user_dl_days$noattach;
    
$access=get_resource_access($resource);

    if (
checkperm('T' $resource_type "_" $size))
        {
        return 
false;
        }

    if (
checkperm('X' $resource_type "_" $size) && $alternative==-1)
        {
        
# Block access to this resource type / size? Not if an alternative file
        # Only if no specific user access override (i.e. they have successfully requested this size).
        
$usercustomaccess get_custom_access_user($resource,$userref);
        
$usergroupcustomaccess get_custom_access($resource,$usergroup);
        if ((
$usercustomaccess === false || !($usercustomaccess==='0')) && ($usergroupcustomaccess === false || !($usergroupcustomaccess==='0'))) {return false;}
        }
    
    if((
$size == "" || $size == "hpr" || getval("noattach","") == "")  && intval($user_dl_limit) > 0)
        {
        
$download_limit_check get_user_downloads($userref,$user_dl_days);
        if(
$download_limit_check >= $user_dl_limit)
            {
            return 
false;
            }
        }

    
# Full access
    
if ($access==0)
        {
        return 
true;
        }

    
# Special case for purchased downloads.
    
global $userref;
    if (isset(
$userref))
        {
        
$complete=sql_value("select cr.purchase_complete value from collection_resource cr join collection c on cr.collection=c.ref where c.user='$userref' and cr.resource='$resource' and cr.purchase_size='" escape_check($size) . "'",0);
        if (
$complete==1) {return true;}
        }

    
# Restricted
    
if(== $access)
        {
        
// The system should always allow these sizes to be downloaded as these are needed for search results and it makes
        // sense to allow them if a request for one of them is received. For example when $hide_real_filepath is enabled.
        // 'videojs' represents the preview loaded by videojs viewer.
        
$sizes_always_allowed = array('col''thm''pre''snapshot','videojs');

        if(
'' == $size)
            {
            
# Original file - access depends on the 'restricted_full_download' config setting.
            
global $restricted_full_download;
            return 
$restricted_full_download;
            }
        else if(
'' != $size && in_array($size$sizes_always_allowed))
            {
            return 
true;
            }
        else
            {
            
# Return the restricted access setting for this resource type.
            
return (sql_value("select allow_restricted value from preview_size where id='" escape_check($size) . "'",0)==1);
            }
        }

    
# Confidential
    
if ($access==2)
        {
        return 
false;
        }
    
    }

This article was last updated 23rd November 2020 18:35 Europe/London time based on the source file dated 13th November 2020 16:50 Europe/London time.