$invalidIDStr = translate('Invalid entry id XXX.'); if (empty($blid)) { $error = translate('Invalid blob id'); } else { $res = dbi_execute(Doc::getSQLForDocId($blid)); if (!$res) { $error = db_error(); } } if (empty($error)) { $row = dbi_fetch_row($res); if (!$row) { $error = str_replace('XXX', $blid, $invalidIDStr); } else { $doc = new Doc($row); $description = $doc->getDescription(); $filedata = $doc->getData(); $filename = $doc->getName(); $id = $doc->getId(); $mimetype = $doc->getMimeType(); $owner = $doc->getLogin(); $size = $doc->getSize(); $type = $doc->getType(); } dbi_free_result($res); } // Make sure this user is allowed to look at this file. // If the blob is associated with an event, then the user must be able // to view the event in order to access this file. // TODO: move all this code (and code in view_entry.php) to a common // function named can_view_event or something similar.