fckeditor_file_download

Versions

6

fckeditor_file_download($file)

Implementation of hook_file_download(). Support for private downloads. FCKeditor does not implement any kind of potection on private files.

Code

contrib/fckeditor/fckeditor.module, line 377

<?php
function fckeditor_file_download($file) {
  if (($path = file_create_path($file))) {
    $result = db_query("SELECT f.* FROM {files} f WHERE filepath = '%s'", $path);
    if (db_fetch_object($result)) {
        return NULL;
    }

    //No info in DB? Probably a file uploaded with FCKeditor
    $global_profile = fckeditor_profile_load("FCKeditor Global Profile");

    //Assume that files inside of fckeditor directory belong to the FCKeditor. If private directory is set, let the decision about protection to the user.
    $private_dir = isset($global_profile->settings['private_dir']) ? trim($global_profile->settings['private_dir'], '\/') : '';
    $private_dir = preg_quote($private_dir, '#');
    $private_dir = strtr($private_dir, array('%u' => '(\d+)', '%n' => '([\x80-\xF7 \w@.-]+)')); // regex for %n taken from user_validate_name() in user.module
    $private_dir = trim($private_dir, '\/');

    $regex = '#^'. preg_quote(file_directory_path() .'/', '#') . $private_dir .'#';

    //If path to the file points to the FCKeditor private directory, allow downloading
    if (preg_match($regex, $path)) {
      $ctype = ($info = @getimagesize($path)) ? $info['mime'] : (function_exists('mime_content_type') ? mime_content_type($path) : 'application/x-download');
      return array('Content-Type: '. $ctype);
    }
  }
}
?>