Collections functions
Encryption functions
General functions
Theme permission functions
Resource functions

resource_download_allowed()

Parameters

ColumnTypeDefaultDescription
$resource
$size
$resource_type
$alternative -1

Location

include/resource_functions.php lines 4541 to 4618

Definition

 
function resource_download_allowed($resource,$size,$resource_type,$alternative=-1)
    {
    global 
$userref$usergroup$user_dl_limit$user_dl_days$noattach;
    
# For the given resource and size, can the current user download it?
    # resource type and access may already be available in the case of search, so pass them along to get_resource_access to avoid extra queries
    # $resource can be a resource-specific search result array.
    
$access=get_resource_access($resource);

    if (
checkperm('T' $resource_type "_" $size))
        {
        return 
false;
        }


    if (
checkperm('X' $resource_type "_" $size) && $alternative==-1)
        {
        
# Block access to this resource type / size? Not if an alternative file
        # Only if no specific user access override (i.e. they have successfully requested this size).
        
$usercustomaccess get_custom_access_user($resource,$userref);
        
$usergroupcustomaccess get_custom_access($resource,$usergroup);
        if ((
$usercustomaccess === false || !($usercustomaccess==='0')) && ($usergroupcustomaccess === false || !($usergroupcustomaccess==='0'))) {return false;}
        }
    
    if((
$size == "" || $size == "hpr" || getval("noattach","") == "")  && intval($user_dl_limit) > 0)
        {
        
$download_limit_check get_user_downloads($userref,$user_dl_days);
        if(
$download_limit_check >= $user_dl_limit)
            {
            return 
false;
            }
        }

    
# Full access
    
if ($access==0)
        {
        return 
true;
        }

    
# Special case for purchased downloads.
    
global $userref;
    if (isset(
$userref))
        {
        
$complete=sql_value("select cr.purchase_complete value from collection_resource cr join collection c on cr.collection=c.ref where c.user='$userref' and cr.resource='$resource' and cr.purchase_size='" escape_check($size) . "'",0);
        if (
$complete==1) {return true;}
        }

    
# Restricted
    
if(== $access)
        {
        
// The system should always allow these sizes to be downloaded as these are needed for search results and it makes
        // sense to allow them if a request for one of them is received. For example when $hide_real_filepath is enabled.
        // 'videojs' represents the preview loaded by videojs viewer.
        
$sizes_always_allowed = array('col''thm''pre''snapshot','videojs');

        if(
'' == $size)
            {
            
# Original file - access depends on the 'restricted_full_download' config setting.
            
global $restricted_full_download;
            return 
$restricted_full_download;
            }
        else if(
'' != $size && in_array($size$sizes_always_allowed))
            {
            return 
true;
            }
        else
            {
            
# Return the restricted access setting for this resource type.
            
return (sql_value("select allow_restricted value from preview_size where id='" escape_check($size) . "'",0)==1);
            }
        }

    
# Confidential
    
if ($access==2)
        {
        return 
false;
        }
    
    }

This article was last updated 10th July 2020 00:35 Europe/London time based on the source file dated 8th July 2020 11:40 Europe/London time.