function add_permissions(&$attachments, $user, $article_id)
{
// Make sure we have a valid article ID
if ($article_id == null || $article_id == '' || !is_numeric($article_id)) {
$errmsg = JText::_('ERROR BAD ARTICLE ID');
JError::raiseError(500, $errmsg);
}
// If there are no attachments, don't do anything
if (count($attachments) == 0) {
return false;
}
// Get the component parameters
jimport('joomla.application.component.helper');
$params = JComponentHelper::getParams('com_attachments');
// Process each attachment
$logged_in = $user->get('username') != '';
$who_can_add = $params->get('who_can_add');
$some_visible = false;
for ($i = 0, $n = count($attachments); $i < $n; $i++) {
$attach =& $attachments[$i];
$attach->user_may_see = false;
$attach->user_may_modify = false;
// Determine if the user may modify this attachment
// (Nobody may modify attachments without being logged in)
if ($logged_in) {
$attach->user_may_modify = AttachmentsPermissions::user_may_modify_attachment($user, $attach, $article_id, $params);
}
// Determine if the user may see the attachment
$who_can_see = $params->get('who_can_see', 'logged_in');
if ($who_can_see == 'anyone' || $who_can_see == 'logged_in' && $logged_in) {
$attach->user_may_see = true;
$some_visible = true;
}
}
return $some_visible;
}
function update()
{
require_once JPATH_COMPONENT_SITE . DS . 'helper.php';
// Call with: index.php?option=com_attachments&task=update&id=1&tmpl=component
// or: component/attachments/update/id/1/tmpl/component
// Make sure we have a valid attachment ID
$id = JRequest::getVar('id');
if (is_numeric($id)) {
$id = intval($id);
} else {
$errmsg = JText::_('ERROR INVALID ATTACHMENT ID') . " ({$id})";
JError::raiseError(500, $errmsg);
exit;
}
// Get the attachment record
$attachment =& JTable::getInstance('attachments', 'Table');
if (!$attachment->load($id)) {
$errmsg = JText::_('ERROR CANNOT UPDATE ATTACHMENT INVALID ID') . " ({$id})";
JError::raiseError(500, $errmsg);
exit;
}
// Get the component parameters
jimport('joomla.application.component.helper');
$params = JComponentHelper::getParams('com_attachments');
// Verify that this user may add attachments to this article
$user =& JFactory::getUser();
$article_id = $attachment->article_id;
$article_title = AttachmentsHelper::get_article_title($article_id);
require_once JPATH_COMPONENT_SITE . DS . 'permissions.php';
if (!AttachmentsPermissions::user_may_modify_attachment($user, $attachment, $article_id, $params)) {
$errmsg = JText::_('ERROR NO PERMISSION TO UPLOAD');
JError::raiseError(500, $errmsg);
exit;
}
// Make sure the attachments directory exists
$upload_subdir = $params->get('attachments_subdir', 'attachments');
if ($upload_subdir == '') {
$upload_subdir = 'attachments';
}
$upload_dir = JPATH_BASE . DS . $upload_subdir;
$secure = $params->get('secure', false);
if (!AttachmentsHelper::setup_upload_directory($upload_dir, $secure)) {
$errmsg = JText::_('ERROR UNABLE TO SETUP UPLOAD DIR');
JError::raiseError(500, $errmsg);
}
// Set up the view
require_once JPATH_COMPONENT_SITE . DS . 'views' . DS . 'update' . DS . 'view.php';
$view = new AttachmentsViewUpdate();
$view->assign('update_file', JRequest::getVar('change', false));
$view->assign('save_url', "index.php?option=com_attachments&task=save&tmpl=component");
$view->assign('attachment_id', $id);
$view->assign('article_id', $article_id);
$view->assign('article_title', $article_title);
$view->assign('filename', $attachment->filename);
$view->assign('description', $attachment->description);
$view->assign('display_filename', $attachment->display_filename);
$view->assign('user_field_1', $attachment->user_field_1);
$view->assign('user_field_2', $attachment->user_field_2);
$view->assign('user_field_3', $attachment->user_field_3);
$view->assign('from', JRequest::getVar('from', 'closeme'));
$view->assign('Itemid', JRequest::getVar('Itemid', 1));
$view->assignRef('params', $params);
$view->display(null, false, false, false);
}
