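/**
 * @brief Find an attachment by hash and revision.
 *
 * Returns the entire attach structure excluding data.
 *
 * The lookup runs in two steps: a first query resolves the owner uid of the
 * attachment, then the 'view_storage' permission and the row-level ACL
 * fragment from permissions_sql() are applied before the metadata row is
 * returned. The revision selector is applied to BOTH queries so that the
 * row that is permission-checked and returned is the revision that was asked
 * for (previously the second query dropped it and could return any revision).
 *
 * @see attach_by_hash()
 * @param string $hash attachment hash
 * @param int $rev revision, default 0 (no revision filter);
 *    -1 orders by revision descending, i.e. selects the highest revision
 * @return array associative array with everything except data
 *  * \e boolean \b success boolean true or false
 *  * \e string \b message (optional) only when success is false
 *  * \e array \b data array of attach DB entry without data component
 */
function attach_by_hash_nodata($hash, $rev = 0) {
    $ret = array('success' => false);

    // Revision selector shared by both queries. The only caller-supplied value
    // interpolated into SQL here goes through intval(); $hash is passed via dbesc().
    // Loose comparison is kept so a numeric string such as '-1' behaves like -1.
    $rev_sql = '';
    if ($rev == -1) {
        $rev_sql = " order by revision desc ";
    } elseif ($rev) {
        $rev_sql = " and revision = " . intval($rev) . " ";
    }

    // Check for existence, which will also provide us the owner uid
    $owner = q("SELECT uid FROM attach WHERE hash = '%s' {$rev_sql} LIMIT 1", dbesc($hash));
    if (!$owner) {
        // NOTE(review): this message differs from the 'Permission denied.' results below,
        // so an observer without access can tell an unknown hash from a protected one.
        // Confirm that is acceptable for the callers of this function.
        $ret['message'] = t('Item was not found.');
        return $ret;
    }

    $owner_uid = $owner[0]['uid'];
    $observer = get_observer_hash();

    if (!perm_is_allowed($owner_uid, $observer, 'view_storage')) {
        $ret['message'] = t('Permission denied.');
        return $ret;
    }

    // presumably a WHERE fragment (it was already placed before "limit 1" in the
    // original query); the revision selector is appended after it so that an
    // "order by" clause still follows all conditions — verify against permissions_sql()
    $perm_sql = permissions_sql($owner_uid);

    // Now we'll see if we can access the attachment
    $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' {$perm_sql} {$rev_sql} limit 1", intval($owner_uid), dbesc($hash));
    if (!$r) {
        $ret['message'] = t('Permission denied.');
        return $ret;
    }

    // An attachment inside a folder is only visible if the folder itself is viewable.
    if ($r[0]['folder'] && !attach_can_view_folder($r[0]['uid'], $observer, $r[0]['folder'])) {
        $ret['message'] = t('Permission denied.');
        return $ret;
    }

    $ret['success'] = true;
    $ret['data'] = $r[0];
    return $ret;
}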
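/**
 * Render the photo album widget for the profile owner (get_app()->profile_uid).
 *
 * Returns an empty string when the observer lacks 'view_storage' on the owner,
 * or when the album's folder (looked up by name) is not viewable by the observer.
 * Otherwise returns the 'photo_album.tpl' template expanded with the photos of
 * the album that pass the permissions_sql() filter.
 *
 * @param array $args widget arguments; the keys read here are 'album' (album name)
 *    and 'title' (optional heading shown instead of the album name)
 * @return string rendered markup, or '' when access is denied
 */
function widget_album($args) {
    $owner_uid = get_app()->profile_uid;
    $observer = get_observer_hash();
    $sql_extra = permissions_sql($owner_uid);

    if (!perm_is_allowed($owner_uid, $observer, 'view_storage')) {
        return '';
    }

    // Give both values a defined default; the original left them undefined
    // whenever the corresponding argument was missing or empty.
    $album = !empty($args['album']) ? $args['album'] : '';
    $title = !empty($args['title']) ? $args['title'] : '';

    /**
     * This may return incorrect permissions if you have multiple directories of the same name.
     * It is a limitation of the photo table using a name for a photo album instead of a folder hash
     */
    if ($album) {
        $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), intval($owner_uid));
        // When no matching folder row exists the folder check is skipped and only
        // the per-photo permissions_sql() filter below applies.
        if ($x && !attach_can_view_folder($owner_uid, $observer, $x[0]['hash'])) {
            return '';
        }
    }

    // Both interpolated fragments are produced inside this function, never by the
    // caller: $order is a fixed keyword and $sql_extra is permissions_sql() output.
    $order = 'DESC';

    $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN\n\t\t(SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) {$sql_extra} GROUP BY resource_id) ph \n\t\tON (p.resource_id = ph.resource_id AND p.scale = ph.scale)\n\t\tORDER BY created {$order} ", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));

    //edit album name
    $album_edit = null;

    // NOTE(review): nothing in this function populates the mime-type => extension
    // map, so every 'src' URL ends in a bare '.'; it is defined empty here only to
    // avoid reading an undefined variable. Wire in the project's real type map.
    $phototypes = array();

    // Never assigned in the original either; defined so the template receives
    // a predictable empty value instead of an undefined variable.
    $upload_form = '';
    $usage_message = '';

    $channel_address = get_app()->profile['channel_address'];

    $photos = array();
    if ($r) {
        $twist = 'rotright';
        foreach ($r as $rr) {
            // Alternate the tilt direction from one photo to the next.
            $twist = ($twist == 'rotright') ? 'rotleft' : 'rotright';

            $ext = isset($phototypes[$rr['type']]) ? $phototypes[$rr['type']] : '';

            // NOTE(review): despite the "_e" suffix, filename and description are passed
            // through unescaped; confirm photo_album.tpl escapes them for HTML output.
            $imgalt_e = $rr['filename'];
            $desc_e = $rr['description'];

            $imagelink = z_root() . '/photos/' . $channel_address . '/image/' . $rr['resource_id'];

            $photos[] = array(
                'id' => $rr['id'],
                'twist' => ' ' . $twist . rand(2, 4),
                'link' => $imagelink,
                'title' => t('View Photo'),
                'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext,
                'alt' => $imgalt_e,
                'desc' => $desc_e,
                'ext' => $ext,
                'hash' => $rr['resource_id'],
                'unknown' => t('Unknown'),
            );
        }
    }

    $tpl = get_markup_template('photo_album.tpl');

    // The original appended to an undefined $o; returning the rendered template
    // directly yields the same string without the undefined-variable access.
    return replace_macros($tpl, array(
        '$photos' => $photos,
        '$album' => $title ? $title : $album,
        '$album_id' => rand(),
        '$album_edit' => array(t('Edit Album'), $album_edit),
        '$can_post' => false,
        '$upload' => array(t('Upload'), z_root() . '/photos/' . $channel_address . '/upload/' . bin2hex($album)),
        '$order' => false,
        '$upload_form' => $upload_form,
        '$usage' => $usage_message,
    ));
}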