Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

generate_collection_access_key()

Description

Generate an external access key to allow external people to view the resources in this collection.

this which is carried forward to email_collection())

Parameters

ColumnTypeDefaultDescription
$collection integer Collection ref -or- collection data structure
$feedback integer 0
$email string ""
$access integer -1
$expires string ""
$group string ""
$sharepwd string ""
$sub_fcs array array List of sub-featured collections IDs (collection_email.php page has logic to determine

Return

string The generated key used for external sharing

Location

include/collections_functions.php lines 2315 to 2440

Definition

 
function generate_collection_access_key($collection,$feedback=0,$email="",$access=-1,$expires="",$group=""$sharepwd="", array $sub_fcs = array())
    {
    global $userref$usergroup$scramble_key;

    // Default to sharing with the permission of the current usergroup if not specified OR no access to alternative group selection.
    if($group == "" || !checkperm("x"))
        {
        $group $usergroup;
        }

    if(!is_array($collection))
        {
        $collection get_collection($collection);
        }

    if(!empty($collection) && $collection["type"] == COLLECTION_TYPE_FEATURED && !isset($collection["has_resources"]))
        {
        $collection_resources get_collection_resources($collection["ref"]);
        $collection["has_resources"] = (is_array($collection_resources) && !empty($collection_resources) ? 0);
        }
    $is_featured_collection_category is_featured_collection_category($collection);

    // We build a collection list to allow featured collections children that are externally shared as part of a parent,
    // to all be shared with the same parameters (e.g key, access, group). When the collection is not COLLECTION_TYPE_FEATURED
    // this will hold just that collection
    $collections = array($collection["ref"]);
    if($is_featured_collection_category)
        {
        $collections = (!empty($sub_fcs) ? $sub_fcs get_featured_collection_categ_sub_fcs($collection));
        }

    // Generate the key based on the original collection. For featured collection category, all sub featured collections
    // will share the same key
    $k generate_share_key($collection["ref"]);

    if($expires != '')
        {
        $expires date_format(date_create($expires), 'Y-m-d') . ' 23:59:59';
        }

    $main_collection $collection// keep record of this info as we need it at the end to record the successful generation of a key for a featured collection category
    $created_sub_fc_access_key false;
    foreach($collections as $collection)
        {
        $r get_collection_resources($collection);
        $shareable_resources array_filter($r, function($resource_ref) { return can_share_resource($resource_ref); });
        foreach($shareable_resources as $resource_ref)
            {
            $sql '';
            $params = [];
            if($expires == '')
                {
                $sql 'NULL, ';
                }
            else
                {
                $sql '?, ';
                $params[] = 's'$params[] = $expires;
                }
            if(!($sharepwd != "" && $sharepwd != "(unchanged)"))
                {
                $sql .= 'NULL';
                }
            else
                {
                $sql .= '?';
                $params[] = 's'$params[] = hash("sha256"$k $sharepwd $scramble_key);
                }
            ps_query("INSERT INTO external_access_keys(resource, access_key, collection, `user`, usergroup, request_feedback, email, `date`, access, expires, password_hash) VALUES (?, ?, ?, ?, ?, ?, ?, NOW(), ?, {$sql})",
            array_merge(
            [
            'i'$resource_ref,
            's'$k,
            'i'$collection,
            'i'$userref,
            'i'$group,
            's'$feedback,
            's'$email,
            'i'$access
            ], $params)
            );
            $created_sub_fc_access_key true;
            }
        }

    if($is_featured_collection_category && $created_sub_fc_access_key)
        {
        $sql '';
        $params = [];
        if($expires == '')
            {
            $sql 'NULL, ';
            }
        else
            {
            $sql '?, ';
            $params[] = 's'$params[] = $expires;
            }
        if(!($sharepwd != "" && $sharepwd != "(unchanged)"))
            {
            $sql .= 'NULL';
            }
        else
            {
            $sql .= '?';
            $params[] = 's'$params[] = hash("sha256"$k $sharepwd $scramble_key);
            }
        // add for FC category. No resource. This is a dummy record so we can have a way to edit the external share done 
        // at the featured collection category level
        ps_query("INSERT INTO external_access_keys(resource, access_key, collection, `user`, usergroup, request_feedback, email, `date`, access, expires, password_hash) VALUES (NULL, ?, ?, ?, ?, ?, ?, NOW(), ?, {$sql})",
            array_merge(
            [
            's'$k,
            'i'$main_collection["ref"],
            'i'$userref,
            'i'$group,
            's'$feedback,
            's'$email,
            'i'$access
            ], $params)
        );

        }

    return $k;
    }

This article was last updated 17th November 2024 15:35 Europe/London time based on the source file dated 13th November 2024 15:50 Europe/London time.