diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2016-11-27 20:49:19 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2016-11-27 20:49:19 +0100 |
| commit | a3faf1fefc884c55d870b5fbd0d7b19371907e6c (patch) | |
| tree | 60ec45f67081f763a93268104cbd319d10630695 | |
| parent | 642bfe9a3946a4074e4c3ed59c670b1a16e180d1 (diff) | |
| parent | ad4fe1799f2be148ab300cfe76abae45d6b1a24a (diff) | |
| download | forums-a3faf1fefc884c55d870b5fbd0d7b19371907e6c.tar forums-a3faf1fefc884c55d870b5fbd0d7b19371907e6c.tar.gz forums-a3faf1fefc884c55d870b5fbd0d7b19371907e6c.tar.bz2 forums-a3faf1fefc884c55d870b5fbd0d7b19371907e6c.tar.xz forums-a3faf1fefc884c55d870b5fbd0d7b19371907e6c.zip | |
Merge pull request #4503 from rxu/ticket/14853
[ticket/14853] Add core event to allow modifying PM attachments download auth
| -rw-r--r-- | phpBB/includes/functions_download.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index c571de579e..86c60c31ff 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -677,6 +677,8 @@ function phpbb_download_handle_forum_auth($db, $auth, $topic_id) */ function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id) { + global $phpbb_dispatcher; + if (!$auth->acl_get('u_pm_download')) { send_status_line(403, 'Forbidden'); @@ -685,6 +687,18 @@ function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id) $allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id); + /** + * Event to modify PM attachments download auth + * + * @event core.modify_pm_attach_download_auth + * @var bool allowed Whether the user is allowed to download from that PM or not + * @var int msg_id The id of the PM to download from + * @var int user_id The user id for auth check + * @since 3.1.11-RC1 + */ + $vars = array('allowed', 'msg_id', 'user_id'); + extract($phpbb_dispatcher->trigger_event('core.modify_pm_attach_download_auth', compact($vars))); + if (!$allowed) { send_status_line(403, 'Forbidden'); |