=== modified file 'includes/common.inc' --- includes/common.inc 2007-08-12 15:55:35 +0000 +++ includes/common.inc 2007-08-15 20:49:25 +0000 @@ -1592,7 +1592,7 @@ function drupal_build_css_cache($types, $data = ''; // Create the css/ within the files folder. - $csspath = file_create_path('css'); + $csspath = _file_create_path('css', FILE_DOWNLOADS_PUBLIC); file_check_directory($csspath, FILE_CREATE_DIRECTORY); if (!file_exists($csspath .'/'. $filename)) { @@ -1636,7 +1636,7 @@ function drupal_build_css_cache($types, * Delete all cached CSS files. */ function drupal_clear_css_cache() { - file_scan_directory(file_create_path('css'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); + file_scan_directory(_file_create_path('css', FILE_DOWNLOADS_PUBLIC), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); } /** @@ -1830,7 +1830,7 @@ function drupal_build_js_cache($files, $ $contents = ''; // Create the js/ within the files folder. - $jspath = file_create_path('js'); + $jspath = _file_create_path('js', FILE_DOWNLOADS_PUBLIC); file_check_directory($jspath, FILE_CREATE_DIRECTORY); if (!file_exists($jspath .'/'. $filename)) { @@ -2077,7 +2077,7 @@ function _packer_backreferences($match, * Delete all cached JS files. */ function drupal_clear_js_cache() { - file_scan_directory(file_create_path('js'), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); + file_scan_directory(_file_create_path('js', FILE_DOWNLOADS_PUBLIC), '.*', array('.', '..', 'CVS'), 'file_delete', TRUE); variable_set('javascript_parsed', array()); } === modified file 'includes/file.inc' --- includes/file.inc 2007-07-25 17:41:27 +0000 +++ includes/file.inc 2007-08-15 21:20:37 +0000 @@ -12,8 +12,8 @@ * Common file handling functions. */ -define('FILE_DOWNLOADS_PUBLIC', 1); -define('FILE_DOWNLOADS_PRIVATE', 2); +define('FILE_DOWNLOADS_PUBLIC', 0); +define('FILE_DOWNLOADS_PRIVATE', 1); define('FILE_CREATE_DIRECTORY', 1); define('FILE_MODIFY_PERMISSIONS', 2); define('FILE_EXISTS_RENAME', 0); 
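Review bot: Renumbering `FILE_DOWNLOADS_PUBLIC` to 0 and `FILE_DOWNLOADS_PRIVATE` to 1 in includes/file.inc changes the meaning of any `file_downloads` value an existing site has already stored: a saved 1 used to mean public and now reads as private, and a saved 2 matches neither constant. No update function is visible in this diff for that variable or for the new `private` column added in system.schema, so an upgraded site that relied on the private download method may end up with files treated as public. Either keep the old values or add an update that remaps the stored variable and adds the column. The mapping should also be documented next to the defines, e.g. `// 0 = public, 1 = private; must match the {files}.private column`.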
@@ -32,40 +32,122 @@ define('FILE_EXISTS_ERROR', 2); define('FILE_STATUS_TEMPORARY', 0); define('FILE_STATUS_PERMANENT', 1); + +/** + * Create download path to a file. + * + * Unlike _file_create_url this takes a file object as input rather than a path. + * + * @param &$file A file object. + * @return A string containing the path to the desired file + */ +function file_create_url(&$file) { + // Avoid duplication with _file_create_url + if (!isset($file->private)) { + $file->private = FILE_DOWNLOADS_PUBLIC; + } + return _file_create_url($file->filename, $file->private); +} + + /** * Create the download path to a file. * * @param $path A string containing the path of the file to generate URL for. + * @param $private An integer indicated whether the file is public (0) or private (1). * @return A string containing a URL that can be used to download the file. */ -function file_create_url($path) { +function _file_create_url($path, $private = FILE_DOWNLOADS_PUBLIC) { // Strip file_directory_path from $path. We only include relative paths in urls. if (strpos($path, file_directory_path() .'/') === 0) { $path = trim(substr($path, strlen(file_directory_path())), '\\/'); } - switch (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC)) { - case FILE_DOWNLOADS_PUBLIC: - return $GLOBALS['base_url'] .'/'. file_directory_path() .'/'. str_replace('\\', '/', $path); - case FILE_DOWNLOADS_PRIVATE: - return url('system/files/'. $path, array('absolute' => TRUE)); + + // Check if the file is private + if ( $private ) { + // If it is private return a private file path + return url('system/files/'. $path, array('absolute' => TRUE)); // TODO: this will need to be changed when private.php is implemented + } + else { + // Otherwise return a public file path + return $GLOBALS['base_url'] .'/'. file_directory_path() .'/'. 
str_replace('\\', '/', $path); } } + +/** + * Make sure the destination is a complete path and resides in the file system + * directory, if it is not prepend the file system directory. + * + * Unlike _file_create_path this function takes a file object as input rather than a path. + * + * @param $file A file object containing the path to verify and the public/private + * status of the file. + * @return A string containing the path to file, with file system directory + * appended if necessary, or FALSE if the path is invalid (i.e. outside the + * configured 'files' or temp directories). + */ +function file_create_path(&$file) { + + + /* + * Note by Kyle C + * + * This should probably be updated to have better logic. Something along the lines + * of if private isn't set then we should query the database. + */ + if ( !isset($file->private) ) { + $file->private = FILE_DOWNLOADS_PUBLIC; + } + + // Avoiding Duplication with _file_create_path + return _file_create_path($file->filename, $file->private); +} + /** * Make sure the destination is a complete path and resides in the file system * directory, if it is not prepend the file system directory. * * @param $dest A string containing the path to verify. If this value is * omitted, Drupal's 'files' directory will be used. + * @param $private An integer containg 0 if the public file path + * should be checked or a 1 if the private file path should be checked. + * This should be omitted if it isn't known whether a file will reside + * in the public or private file path. * @return A string containing the path to file, with file system directory * appended if necessary, or FALSE if the path is invalid (i.e. outside the * configured 'files' or temp directories). 
*/ -function file_create_path($dest = 0) { - $file_path = file_directory_path(); +function _file_create_path($dest = 0, $private = NULL) { + + /* + A small performance hit will be necessary in some cases because it won't + be clear from the calling function whether a file will be residing in + the public or private file path. So in that case we query the database + to determine if the file is public or private. + */ + if ($private == NULL) { + + $result = db_query("SELECT private,status FROM {files} WHERE filepath='%s'",$dest); + while($file = db_fetch_object($result) ) { + $private = $file->private; + } + + } + + // If private look in private files directory otherwise look in public files directory + if ($private == FILE_DOWNLOADS_PRIVATE) { + $file_path = file_directory_private_path(); + } + else { + $file_path = file_directory_path(); + } + + // Return file_directory_path if $dest is not supplied if (!$dest) { return $file_path; } + // file_check_location() checks whether the destination is inside the Drupal files directory. if (file_check_location($dest, $file_path)) { return $dest; 
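Review bot: The `if ($private == NULL)` test in `_file_create_path()` is a loose comparison, and because `FILE_DOWNLOADS_PUBLIC` is now 0 it is also true when a caller explicitly passes the public constant. Every such call (the CSS/JS cache helpers in common.inc, the locale.inc and user.module call sites, `file_copy()` with its default) therefore runs the `{files}` lookup, and a matching row flagged private redirects an explicitly public request to the private directory. Use `if ($private === NULL)` (or `!isset($private)`) so that only an omitted argument triggers the query. Separately, the new object-taking `file_create_url()` and `file_create_path()` wrappers read `$file->filename`, while the upload.module callers previously passed `$file->filepath`; unless the two are always equal, URLs for files in subdirectories will change, so `$file->filepath` looks like the intended field.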
@@ -211,11 +293,15 @@ function file_check_location($source, $d * - FILE_EXISTS_REPLACE - Replace the existing file * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. - * @return True for success, FALSE for failure. + * @param $private An integer indicating whether the file should be copied to Drupal's + * public or private file path. + * FILE_DOWNLOADS_PUBLIC - The public file path should be used. + * FILE_DOWNLOADS_PRIVATE - The private file path should be used. + * @return TRUE for success, FALSE for failure. */ -function file_copy(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) { - $dest = file_create_path($dest); - +function file_copy(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME, $private = FILE_DOWNLOADS_PUBLIC) { + + $dest = _file_create_path($dest, $private); $directory = $dest; $basename = file_check_path($directory); @@ -289,7 +375,7 @@ function file_copy(&$source, $dest = 0, * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is * unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. - * @return The destination file path or FALSE if the file already exists and + * @return The destination file path or FALSE if the file already exists or * FILE_EXISTS_ERROR was specified. */ function file_destination($destination, $replace) { 
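Review bot: The reworded `@return` on `file_destination()` now says FALSE is returned "if the file already exists or FILE_EXISTS_ERROR was specified", which reads as two independent conditions. The option list just above describes FILE_EXISTS_ERROR as "Do nothing and return FALSE", which only makes sense when the file already exists; the function body is outside this hunk, so this is inferred from the docblock alone. I would keep the original wording: `@return The destination file path or FALSE if the file already exists and FILE_EXISTS_ERROR was specified.`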
@@ -325,12 +411,16 @@ function file_destination($destination, * - FILE_EXISTS_REPLACE - Replace the existing file * - FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is unique * - FILE_EXISTS_ERROR - Do nothing and return FALSE. + * @param $private An integer indicating whether the file should be moved to Drupal's + * public or private file path. + * - FILE_DOWNLOADS_PUBLIC - The public file path should be used. + * - FILE_DOWNLOADS_PRIAVTE - The private file path should be used. * @return True for success, FALSE for failure. */ -function file_move(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME) { +function file_move(&$source, $dest = 0, $replace = FILE_EXISTS_RENAME, $private = FILE_DOWNLOADS_PUBLIC) { $path_original = is_object($source) ? $source->filepath : $source; - if (file_copy($source, $dest, $replace)) { + if (file_copy($source, $dest, $replace, $private)) { $path_current = is_object($source) ? $source->filepath : $source; if ($path_original == $path_current || file_delete($path_original)) { @@ -413,6 +503,7 @@ function file_create_filename($basename, } else { $name = $basename; + $ext = ""; } $counter = 0; @@ -538,7 +629,7 @@ function file_save_upload($source, $vali // Create temporary name/path for newly uploaded files. if (!$dest) { - $dest = file_destination(file_create_path($file->filename), FILE_EXISTS_RENAME); + $dest = file_destination(file_create_path($file), FILE_EXISTS_RENAME); } $file->source = $source; $file->destination = $dest; @@ -797,7 +888,7 @@ function file_transfer($source, $headers drupal_set_header($header); } - $source = file_create_path($source); + $source = _file_create_path($source, FILE_DOWNLOADS_PRIVATE); // Transfer file in 1024 byte chunks to save memory usage. if ($fd = fopen($source, 'rb')) { 
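Review bot: The new `@param $private` text on `file_move()` names a constant that does not exist, `FILE_DOWNLOADS_PRIAVTE`; it should read `FILE_DOWNLOADS_PRIVATE`. The same kind of slip appears in the `file_set_private()` docblock later in file.inc (`FILE_DOWNLOADS_PUBLC`) and in the `_file_create_url()` / `_file_create_path()` docblocks ("indicated", "containg"). These docblocks are the only description of the new public/private argument, so the constant names in them need to be exact.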
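Review bot: `file_transfer()` now always resolves `$source` with `FILE_DOWNLOADS_PRIVATE`, while `file_download()` in the next hunk checks existence with `_file_create_path($filepath,0)`, a bare 0 that is meant as public and that the loose `== NULL` test in `_file_create_path()` currently treats as "look it up". The existence check and the read can therefore resolve to different directories, so the path that is vetted is not necessarily the path that is opened. Resolve with one flag in both places, e.g. `if (file_exists(_file_create_path($filepath, FILE_DOWNLOADS_PRIVATE))) {` in `file_download()`, and use the named constant rather than a literal. Both function bodies continue outside their hunks, so the effect on the `fopen()` call is inferred from the visible lines only.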
@@ -829,7 +920,7 @@ function file_download() { $filepath = $_GET['file']; } - if (file_exists(file_create_path($filepath))) { + if (file_exists(_file_create_path($filepath,0))) { $headers = module_invoke_all('file_download', $filepath); if (in_array(-1, $headers)) { return drupal_access_denied(); @@ -956,6 +1047,15 @@ function file_directory_path() { } /** + * Determine the default 'private-files' directory + * + * @return A string containing the path to Drupal's private-files directory. + */ +function file_directory_private_path() { + return variable_get('file_private_path','private-files'); +} + +/** * Determine the maximum file upload size by querying the PHP settings. * * @return 
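Review bot: The default returned by `file_directory_private_path()` is the relative path `'private-files'`, which, like the public default, would presumably resolve inside the Drupal installation directory and so, on a typical setup, under the web root. If the web server serves that directory directly, files in it can be fetched without going through `file_download()` and the `file_download` hook checks. The settings description in system.module also drops the old sentence saying the private directory should not be accessible over the web. I would state the requirement in this docblock, e.g. `* The directory must be outside the web root or otherwise blocked from direct HTTP access.`, and restore the equivalent sentence in the form description.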
@@ -972,3 +1072,70 @@ function file_upload_max_size() { } return $max_size; } + + +/** + * Set file accessibility in Drupal's database and update file path accordingly. + * + * @param A file object that has had its "private" variable updated to + * indicate whether the file should be public or private. + * - To have the file be privately accessible the "private" field should be set to FILE_DOWNLOADS_PRIVATE. + * . - To have the file be publicly accessible the "private" field should be set to FILE_DOWNLOADS_PUBLC. + * @return A boolean with TRUE if the operation was successful and FALSE if the operation failed. + */ +function file_set_private(&$file) { + + // Make sure private member is set + if ( !isset($file->private) ) { + $file->private = FILE_DOWNLOADS_PUBLIC; + } + + // If file is private we check the private directory to make sure it is writable, if not the directory is created + if( $file->private && file_check_directory( file_directory_private_path(), FILE_CREATE_DIRECTORY) ) { + + // Move file to private path + if( file_move($file, file_directory_private_path(), FILE_EXISTS_RENAME, FILE_DOWNLOADS_PRIVATE) ) { + $result = db_query ('UPDATE {files} SET private=\'%d\', filepath=\'%s\' WHERE filename=\'%s\'',$file->private, $file->filepath, $file->filename); + return TRUE; + } + else { + drupal_set_message ('The chosen file could not be moved to the private path.','error'); + return FALSE; + } + } + else if( $file->private ) { + drupal_set_message ('The chosen private path is not writable or cannot be created, please choose another.','error'); + return FALSE; + } + + + // If this point has be reached the file is public + if( file_check_directory( file_directory_path(), FILE_CREATE_DIRECTORY) ) { + + if( file_move( $file->filepath, file_directory_path(), FILE_EXISTS_RENAME, FILE_DOWNLOADS_PUBLIC ) ){ + $result = db_query('UPDATE {files} SET private=\'%d\', filepath=\'%s\' WHERE filename=\'%s\'',$file->private, $file->filepath, $file->filename); + return TRUE; + 
} + else { + drupal_set_message('The chosen file could not be moved to the public path', 'error'); + } + } + + return FALSE; +} + + +/** +* Quick and dirty debugging of an arbitrary number of variables. +*/ +function file_debug() { + + for($i = 0; $i < func_num_args(); $i++) { + + $string = '
'.print_r( func_get_arg($i) , TRUE).'
'; + $string = nl2br($string); + drupal_set_message($string, 'error'); + $string = ''; + + } +} === modified file 'includes/locale.inc' --- includes/locale.inc 2007-08-12 15:55:35 +0000 +++ includes/locale.inc 2007-08-15 22:15:48 +0000 @@ -1624,7 +1624,7 @@ function _locale_update_js_files() { // Add the translation JavaScript file to the page. if ($files && !empty($language->javascript)) { - drupal_add_js(file_create_path(variable_get('locale_js_directory', 'languages') .'/'. $language->language .'_'. $language->javascript .'.js'), 'core'); + drupal_add_js(_file_create_path(variable_get('locale_js_directory', 'languages') .'/'. $language->language .'_'. $language->javascript .'.js', FILE_DOWNLOADS_PUBLIC), 'core'); } } @@ -2086,14 +2086,14 @@ function _locale_rebuild_js($langcode = // Construct the directory where JS translation files are stored. // There is (on purpose) no front end to edit that variable. - $dir = file_create_path(variable_get('locale_js_directory', 'languages')); + $dir = _file_create_path(variable_get('locale_js_directory', 'languages'), FILE_DOWNLOADS_PUBLIC); // Only create a new file if the content has changed. $data_hash = md5($data); if ($language->javascript != $data_hash) { if (!empty($language->javascript)) { // We are recreating the new file, so delete the old one. - file_delete(file_create_path($dir .'/'. $language->language .'_'. $language->javascript .'.js')); + file_delete(_file_create_path($dir .'/'. $language->language .'_'. $language->javascript .'.js', FILE_DOWNLOADS_PUBLIC)); $language->javascript = ''; } else { 
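Review bot: Both `UPDATE {files}` statements in `file_set_private()` match on `filename`, which is not unique, so changing one file's access rewrites `private` and `filepath` for every row that shares the name. Match on the primary key instead: `db_query("UPDATE {files} SET private = %d, filepath = '%s' WHERE fid = %d", $file->private, $file->filepath, $file->fid);` (upload.module already relies on `$file->fid`). The public branch also passes `$file->filepath` to `file_move()` where the private branch passes `$file`, and the query result is ignored before returning TRUE. `file_debug()` at the end of the hunk sends `print_r()` output through `drupal_set_message()` without `check_plain()` and looks like a leftover development helper; I would drop it from the patch.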
@@ -2141,7 +2141,7 @@ function _locale_rebuild_js($langcode = // delete it and reset the database. elseif (!empty($language->javascript)) { // Delete the old JavaScript file - file_delete(file_create_path(variable_get('locale_js_directory', 'languages') .'/'. $language->language .'_'. $language->javascript .'.js')); + file_delete(_file_create_path(variable_get('locale_js_directory', 'languages') .'/'. $language->language .'_'. $language->javascript .'.js', FILE_DOWNLOADS_PUBLIC)); db_query("UPDATE {languages} SET javascript = '' WHERE language = '%s'", $language->language); watchdog('locale', 'Deleted JavaScript translation file for the locale %language.', array('%language' => t($language->name))); } === modified file 'modules/blogapi/blogapi.module' --- modules/blogapi/blogapi.module 2007-06-30 19:46:54 +0000 +++ modules/blogapi/blogapi.module 2007-08-15 20:49:25 +0000 @@ -367,7 +367,7 @@ function blogapi_metaweblog_new_media_ob } // Return the successful result. - return array('url' => file_create_url($file), 'struct'); + return array('url' => _file_create_url($file, FILE_DOWNLOADS_PUBLIC), 'struct'); } /** * Blogging API callback. Returns a list of the taxonomy terms that can be === modified file 'modules/locale/locale.install' --- modules/locale/locale.install 2007-06-17 17:41:40 +0000 +++ modules/locale/locale.install 2007-08-15 20:49:25 +0000 @@ -121,7 +121,7 @@ function locale_uninstall() { $files = db_query('SELECT javascript FROM {languages}'); while ($file = db_fetch_object($files)) { if (!empty($file)) { - file_delete(file_create_path($file->javascript)); + file_delete(file_create_path($file)); } } === modified file 'modules/system/system.module' --- modules/system/system.module 2007-08-12 15:55:35 +0000 +++ modules/system/system.module 2007-08-15 20:49:25 +0000 
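Review bot: In `locale_uninstall()` the loop variable `$file` is a row from `SELECT javascript FROM {languages}`, so it has no `filename` or `private` property, yet the new call hands it to the object-taking `file_create_path($file)`. That wrapper reads `$file->filename`, which is unset here, so `_file_create_path()` receives an empty destination and returns the files directory itself rather than the translation file. Keep passing the column value: `file_delete(_file_create_path($file->javascript, FILE_DOWNLOADS_PUBLIC));`.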
@@ -753,13 +753,22 @@ function system_file_system_settings() { $form['file_directory_path'] = array( '#type' => 'textfield', - '#title' => t('File system path'), + '#title' => t('Public file path'), '#default_value' => file_directory_path(), '#maxlength' => 255, - '#description' => t('A file system path where the files will be stored. This directory has to exist and be writable by Drupal. If the download method is set to public this directory has to be relative to the Drupal installation directory, and be accessible over the web. When download method is set to private this directory should not be accessible over the web. Changing this location after the site has been in use will cause problems so only change this setting on an existing site if you know what you are doing.'), + '#description' => t('A file system path where public files will be stored. This directory has to exist and be writable by Drupal. Changing this location after the site has been in use will cause problems so only change this setting on an existing site if you know what you are doing.'), '#after_build' => array('system_check_directory'), ); + $form['file_private_path'] = array( + '#type' => 'textfield', + '#title' => t('Private file path'), + '#default_value' => file_directory_private_path(), + '#maxlength' => 255, + '#description' => t('A file system path where priavte files will be stored. This directory has to exist and be writable by Drupal. Changing this location after the site has been in use will cause problems so only change this setting on an existing site if you know what you are doing.'), + '#after_build' => array('system_check_directory'), + ); + $form['file_directory_temp'] = array( '#type' => 'textfield', '#title' => t('Temporary directory'), 
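Review bot: The new "Private file path" description contains the typo "priavte" in a translatable, admin-facing string. It should be fixed before the string is picked up for translation: `t('A file system path where private files will be stored. ...')`.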
@@ -771,10 +780,12 @@ function system_file_system_settings() { $form['file_downloads'] = array( '#type' => 'radios', - '#title' => t('Download method'), + '#title' => t('Download method default'), '#default_value' => variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC), '#options' => array(FILE_DOWNLOADS_PUBLIC => t('Public - files are available using HTTP directly.'), FILE_DOWNLOADS_PRIVATE => t('Private - files are transferred by Drupal.')), - '#description' => t('If you want any sort of access control on the downloading of files, this needs to be set to private. You can change this at any time, however all download URLs will change and there may be unexpected problems so it is not recommended.') + '#description' => t('This determines Drupal\'s default download method. Private files will + have node access restrictions placed on them. Public Files will be available for download + by anyone.') ); return system_settings_form($form); === modified file 'modules/system/system.schema' --- modules/system/system.schema 2007-08-11 14:06:14 +0000 +++ modules/system/system.schema 2007-08-15 20:49:25 +0000 @@ -39,6 +39,7 @@ function system_schema() { 'filemime' => array('type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => ''), 'filesize' => array('type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, 'default' => 0), 'status' => array('type' => 'int', 'not null' => TRUE, 'default' => 0), + 'private' => array('type' => 'int', 'not null' => TRUE, 'default' => 0), 'timestamp' => array('type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, 'default' => 0), ), 'indexes' => array( === modified file 'modules/upload/upload.admin.inc' --- modules/upload/upload.admin.inc 2007-08-07 08:39:35 +0000 +++ modules/upload/upload.admin.inc 2007-08-15 21:05:46 +0000 
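Review bot: The "Download method default" radios still store `file_downloads`, but nothing visible in this patch reads that variable any more: `_file_create_url()` no longer calls `variable_get('file_downloads', ...)`, and uploads take their default from `upload_private_default`. An administrator who selects Private here would reasonably expect files to be protected, and the description also promises node access restrictions, whereas the lines of `upload_file_download()` shown in this diff check only `user_access('view uploaded files')`. Either wire the setting to the code that assigns `$file->private`, or remove the control and describe what is actually enforced. The description is also split across source lines inside `t()`, which puts line breaks and indentation into the translatable string.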
@@ -80,6 +80,14 @@ function upload_admin_settings() { '#options' => array(0 => t('No'), 1 => t('Yes')), '#description' => t('Set whether files attached to nodes are listed or not in the node view by default.'), ); + + $form['settings_general']['upload_private_default'] = array( + '#type' => 'radios', + '#title' => t('Upload access default'), + '#default_value' => variable_get('upload_private_default', FILE_DOWNLOADS_PUBLIC), + '#options' => array(FILE_DOWNLOADS_PUBLIC => t('Public - files are available using HTTP directly.'), FILE_DOWNLOADS_PRIVATE => t('Private - files are transferred by Drupal.')), + '#description' => t('This determines whether file uploads will be publicly or privately accessible by default'), + ); $form['settings_general']['upload_extensions_default'] = array( '#type' => 'textfield', === modified file 'modules/upload/upload.module' --- modules/upload/upload.module 2007-08-09 11:00:58 +0000 +++ modules/upload/upload.module 2007-08-15 21:06:42 +0000 @@ -148,7 +148,7 @@ function upload_file_download($file) { if (!user_access('view uploaded files')) { return -1; } - $file = file_create_path($file); + $file = _file_create_path($file, FILE_DOWNLOADS_PRIVATE); $result = db_query("SELECT f.* FROM {files} f INNER JOIN {upload} u ON f.fid = u.fid WHERE filepath = '%s'", $file); if ($file = db_fetch_object($result)) { return array( @@ -192,6 +192,7 @@ function _upload_prepare(&$node) { // Save new file uploads. if (($user->uid != 1 || user_access('upload files')) && ($file = file_save_upload('upload', $validators))) { + $file->private = variable_get('upload_private_default', FILE_DOWNLOADS_PUBLIC); $file->list = variable_get('upload_list_default',1); $file->description = $file->filename; $_SESSION['upload_current_file'] = $file->fid; 
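Review bot: The `$file->private` assignment in `_upload_prepare()` runs after `file_save_upload()` has already written the upload, and that function resolves its destination with `file_create_path($file)` before any `private` flag exists, so the wrapper defaults it to public. With `upload_private_default` set to private, the file therefore appears to sit in the public directory until `upload_save()` calls `file_set_private()`, and during that window it is reachable by direct URL. `file_save_upload()` is only partly visible in this diff, so please confirm. If it holds, the default should be applied before the file is first placed, or new uploads should be staged in a location that is not web-accessible.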
@@ -204,10 +205,12 @@ function _upload_prepare(&$node) { $node->files[$fid] = $file; } } + } function upload_form_alter(&$form, $form_state, $form_id) { if ($form_id == 'node_type_form' && isset($form['identity']['type'])) { + $form['#cache'] = FALSE; $form['workflow']['upload'] = array( '#type' => 'radios', '#title' => t('Attachments'), @@ -326,7 +329,7 @@ function upload_nodeapi(&$node, $op, $te array( 'key' => 'enclosure', 'attributes' => array( - 'url' => file_create_url($file->filepath), + 'url' => file_create_url($file), 'length' => $file->filesize, 'type' => $file->filemime ) @@ -347,7 +350,7 @@ function theme_upload_attachments($files foreach ($files as $file) { $file = (object)$file; if ($file->list && empty($file->remove)) { - $href = file_create_url($file->filepath); + $href = file_create_url($file); $text = $file->description ? $file->description : $file->filename; $rows[] = array(l($text, $href), format_size($file->filesize)); } @@ -403,11 +406,13 @@ function upload_save(&$node) { if (!empty($node->old_vid) || array_key_exists($fid, $_SESSION['upload_files'])) { db_query("INSERT INTO {upload} (fid, nid, vid, list, description) VALUES (%d, %d, %d, %d, '%s')", $file->fid, $node->nid, $node->vid, $file->list, $file->description); file_set_status($file, FILE_STATUS_PERMANENT); + file_set_private($file); } // Update existing revision. else { db_query("UPDATE {upload} SET list = %d, description = '%s' WHERE fid = %d AND vid = %d", $file->list, $file->description, $file->fid, $node->vid); file_set_status($file, FILE_STATUS_PERMANENT); + file_set_private($file); } } // Empty the session storage after save. We use this variable to track files 
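Review bot: Both new `file_set_private($file);` calls in `upload_save()` discard the return value, so when the move to the private directory fails the node is still saved and the attachment stays where it was, with only a status message to show for it. For an access-control change the failure should be handled explicitly, for example `if (!file_set_private($file)) { watchdog('upload', 'Could not apply access setting to %file.', array('%file' => $file->filename), WATCHDOG_ERROR); }`, and ideally the file should not be listed until the change succeeds. `upload_save()` starts and ends outside this hunk.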
@@ -459,10 +464,11 @@ function _upload_form($node) { $form['files']['#theme'] = 'upload_form_current'; $form['files']['#tree'] = TRUE; foreach ($node->files as $key => $file) { - $description = file_create_url($file->filepath); + $description = file_create_url($file); $description = "". check_plain($description) .""; $form['files'][$key]['description'] = array('#type' => 'textfield', '#default_value' => !empty($file->description) ? $file->description : $file->filename, '#maxlength' => 256, '#description' => $description ); $form['files'][$key]['size'] = array('#value' => format_size($file->filesize)); + $form['files'][$key]['private'] = array('#type' => 'radios', '#options' => array(FILE_DOWNLOADS_PUBLIC => 'Public', FILE_DOWNLOADS_PRIVATE => 'Private'), '#default_value' => $file->private ); $form['files'][$key]['remove'] = array('#type' => 'checkbox', '#default_value' => !empty($file->remove)); $form['files'][$key]['list'] = array('#type' => 'checkbox', '#default_value' => $file->list); // If the file was uploaded this page request, set value. this fixes the @@ -506,12 +512,13 @@ function _upload_form($node) { * Theme the attachments list. */ function theme_upload_form_current(&$form) { - $header = array(t('Delete'), t('List'), t('Description'), t('Size')); + $header = array(t('Delete'), t('List'),t('Access'), t('Description'), t('Size')); foreach (element_children($form) as $key) { $row = array(); $row[] = drupal_render($form[$key]['remove']); $row[] = drupal_render($form[$key]['list']); + $row[] = drupal_render($form[$key]['private']); $row[] = drupal_render($form[$key]['description']); $row[] = drupal_render($form[$key]['size']); $rows[] = $row; 
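Review bot: The option labels for the new per-file `private` radios in `_upload_form()` are plain strings, `'Public'` and `'Private'`, while the column headers in `theme_upload_form_current()` and the matching admin setting go through `t()`. Use `'#options' => array(FILE_DOWNLOADS_PUBLIC => t('Public'), FILE_DOWNLOADS_PRIVATE => t('Private'))`. `'#default_value' => $file->private` also assumes the property is set on every entry of `$node->files`; whether files loaded from the database carry it is not visible here, so `isset($file->private) ? $file->private : FILE_DOWNLOADS_PUBLIC` would be safer.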
@@ -581,4 +588,4 @@ function upload_js() { // the header output by drupal_json() causes problems in some browsers. print drupal_to_js(array('status' => TRUE, 'data' => $output)); exit; -} +} \ No newline at end of file === modified file 'modules/user/user.module' --- modules/user/user.module 2007-08-12 19:25:57 +0000 +++ modules/user/user.module 2007-08-15 20:49:25 +0000 @@ -499,7 +499,7 @@ function user_perm() { */ function user_file_download($file) { if (strpos($file, variable_get('user_picture_path', 'pictures') .'/picture-') === 0) { - $info = image_get_info(file_create_path($file)); + $info = image_get_info(_file_create_path($file, FILE_DOWNLOADS_PRIVATE)); return array('Content-type: '. $info['mime_type']); } } @@ -745,7 +745,7 @@ function template_preprocess_user_pictur if (variable_get('user_pictures', 0)) { $account = $variables['account']; if (!empty($account->picture) && file_exists($account->picture)) { - $picture = file_create_url($account->picture); + $picture = _file_create_url($account->picture, FILE_DOWNLOADS_PUBLIC); } else if (variable_get('user_picture_default', '')) { $picture = variable_get('user_picture_default', ''); @@ -2794,7 +2794,7 @@ function user_admin_settings() { // If picture support is enabled, check whether the picture directory exists: if (variable_get('user_pictures', 0)) { - $picture_path = file_create_path(variable_get('user_picture_path', 'pictures')); + $picture_path = _file_create_path(variable_get('user_picture_path', 'pictures'), FILE_DOWNLOADS_PUBLIC); file_check_directory($picture_path, 1, 'user_picture_path'); }
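Review bot: `user_file_download()` now resolves the picture with `FILE_DOWNLOADS_PRIVATE`, but the other two user.module hunks treat pictures as public: `template_preprocess_user_picture()` builds the URL with `FILE_DOWNLOADS_PUBLIC` and `user_admin_settings()` creates the picture directory under the public path. If pictures live in the public directory, `image_get_info()` is handed a path in the private directory, and the following `$info['mime_type']` is read without checking that the lookup succeeded. Use the same flag in all three places, e.g. `$info = image_get_info(_file_create_path($file, FILE_DOWNLOADS_PUBLIC));`, and return nothing when `$info` is empty.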