Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

create_upload_link()

Description

Creates an upload link for a collection that can be shared

'usergroup' Usergroup id to share as (must be in $upload_link_usergroups array)
'expires' Expiration date in 'YYYY-MM-DD' format
'password' Optional password for share access
'emails' Optional array of email addresses to generate keys for

Parameters

ColumnTypeDefaultDescription
$collection int Collection ID
$shareoptions array - values to set

Return

string Share access key

Location

include/collections_functions.php lines 6471 to 6602

Definition

 
function create_upload_link($collection,$shareoptions)
    {
    global $upload_link_usergroups$lang$scramble_key$usergroup$userref;
    global $baseurl$applicationname;
    
    $stdshareopts = array("user","usergroup","expires");

    if (!in_array($shareoptions["usergroup"], $upload_link_usergroups) && $shareoptions["usergroup"] != $usergroup) {
        return $lang["error_invalid_usergroup"];
    }

    if(strtotime($shareoptions["expires"]) < time())
        {
        return $lang["error_invalid_date"];
        }
    // Generate as many new keys as required
    $newkeys = array();
    $numkeys = isset($shareoptions["emails"]) ? count($shareoptions["emails"]) : 1;
    for ($n=0;$n<$numkeys;$n++)
        {
        $newkeys[$n] = generate_share_key($collection);
        }
    
    // Create array to store sql insert data
    $setcolumns = array(
        "collection"    => $collection,
        "user"          => $userref,
        "upload"        => '1',
        "date"          => date("Y-m-d H:i",time()),
        );
    foreach($stdshareopts as $option)
        {
        if(isset($shareoptions[$option]))
            {
            $setcolumns[$option] = $shareoptions[$option];
            }
        }
    
    $newshares = array(); // Create array of new share details to return
    for($n=0;$n<$numkeys;$n++)
        {       
        $setcolumns["access_key"] = $newkeys[$n];
        if(isset($shareoptions["password"]) && $shareoptions["password"] != "")
            {
            // Only set if it has actually been set to a string
            $setcolumns["password_hash"] = hash('sha256'$newkeys[$n] . $shareoptions["password"] . $scramble_key);
            }

        if(isset($shareoptions["emails"][$n]))
            {
            if(!filter_var($shareoptions["emails"][$n], FILTER_VALIDATE_EMAIL))
                {
                $newshares[$n] = "";
                continue;
                }
            $setcolumns["email"] = $shareoptions["emails"][$n];
            }
        $insert_columns array_keys($setcolumns);
        $insert_values  array_values($setcolumns);


        $sql "INSERT INTO external_access_keys
                (" implode(",",$insert_columns) . ")
                VALUES  ("ps_param_insert(count($insert_values)) .")";
        ps_query($sqlps_param_fill($insert_values's'));

        $newshares[$n] = $newkeys[$n];

        if(isset($shareoptions["emails"][$n]))
            {
            // Send email
            $url=$baseurl "/?c=" $collection "&k=" $newkeys[$n];        
            $coldata get_collection($collectiontrue);
            $userdetails=get_user($userref); 
            $collection_name i18n_get_collection_name($coldata);
            $link="<a href='" $url "'>" $collection_name "</a>";
            $passwordtext = (isset($shareoptions["password"]) && $shareoptions["password"] != "") ? $lang["upload_share_email_password"] . " : '" $shareoptions["password"] . "'" "";
            $templatevars = array();    
            $templatevars['link']           = $link;  
            $templatevars['message']        = trim($shareoptions["message"]) != "" $shareoptions["message"] : "";        
            $templatevars['from_name']      = $userdetails["fullname"]=="" $userdetails["username"] : $userdetails["fullname"];
            $templatevars['applicationname']= $applicationname;
            $templatevars['passwordtext']   = $passwordtext;
            $expires = isset($shareoptions["expires"]) ? $shareoptions["expires"] : "";
            if($expires=="")
                {
                $templatevars['expires_date']=$lang["email_link_expires_never"];
                $templatevars['expires_days']=$lang["email_link_expires_never"];
                }
            else
                {
                $day_count=round((strtotime($expires)-strtotime('now'))/(60*60*24));
                $templatevars['expires_date']=$lang['email_link_expires_date'].nicedate($expires);
                $templatevars['expires_days']=$lang['email_link_expires_days'].$day_count;
                if($day_count>1)
                    {
                    $templatevars['expires_days'].=" ".$lang['expire_days'].".";
                    }
                else
                    {
                    $templatevars['expires_days'].=" ".$lang['expire_day'].".";
                    }
                }
            $subject $lang["upload_share_email_subject"] . $applicationname;

            $body $templatevars['from_name'] . " " $lang["upload_share_email_text"] . $applicationname;
            $body .= "<br/><br/>\n" . ($templatevars['message'] != "" $templatevars['message'] : "");
            $body .= "<br/><br/>\n" $templatevars['link'];
            if($passwordtext != "")
                {
                $body .= "<br/><br/>\n" $passwordtext;
                }
            $send_result=send_mail($shareoptions["emails"][$n],$subject,$body,$templatevars['from_name'],"","upload_share_email_template",$templatevars);
            if ($send_result!==true) {return $send_result;}
            }
        $lognotes = array();
        foreach($setcolumns as $column => $value)
            {
            if($column=="password_hash")
                {
                $lognotes[] = trim($value) != "" "password=TRUE" "";
                }
            else
                {
                $lognotes[] = $column "=" .  $value;
                }
            }
        collection_log($collection,LOG_CODE_COLLECTION_SHARED_UPLOAD,null,(isset($shareoptions["emails"][$n]) ? $shareoptions["emails"][$n] : "") . "(" implode(",",$lognotes) . ")");
        }

    return $newshares;    
    }

This article was last updated 17th November 2024 15:35 Europe/London time based on the source file dated 13th November 2024 15:50 Europe/London time.