aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_download.php
diff options
context:
space:
mode:
authorrxu <rxu@mail.ru>2016-11-04 18:42:49 +0700
committerrxu <rxu@mail.ru>2016-11-04 18:42:49 +0700
commitad4fe1799f2be148ab300cfe76abae45d6b1a24a (patch)
tree40848cf830ae63a2927973c2e447d2621ac39645 /phpBB/includes/functions_download.php
parent85898d3d2c7b5ce61a0f92299e06ceade000c4a8 (diff)
downloadforums-ad4fe1799f2be148ab300cfe76abae45d6b1a24a.tar
forums-ad4fe1799f2be148ab300cfe76abae45d6b1a24a.tar.gz
forums-ad4fe1799f2be148ab300cfe76abae45d6b1a24a.tar.bz2
forums-ad4fe1799f2be148ab300cfe76abae45d6b1a24a.tar.xz
forums-ad4fe1799f2be148ab300cfe76abae45d6b1a24a.zip
[ticket/14853] Add core event to allow modifying PM attachments download auth
PHPBB3-14853
Diffstat (limited to 'phpBB/includes/functions_download.php')
-rw-r--r--phpBB/includes/functions_download.php14
1 files changed, 14 insertions, 0 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index c571de579e..86c60c31ff 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -677,6 +677,8 @@ function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
*/
function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
{
+ global $phpbb_dispatcher;
+
if (!$auth->acl_get('u_pm_download'))
{
send_status_line(403, 'Forbidden');
@@ -685,6 +687,18 @@ function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
$allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id);
+ /**
+ * Event to modify PM attachments download auth
+ *
+ * @event core.modify_pm_attach_download_auth
+ * @var bool allowed Whether the user is allowed to download from that PM or not
+ * @var int msg_id The id of the PM to download from
+ * @var int user_id The user id for auth check
+ * @since 3.1.11-RC1
+ */
+ $vars = array('allowed', 'msg_id', 'user_id');
+ extract($phpbb_dispatcher->trigger_event('core.modify_pm_attach_download_auth', compact($vars)));
+
if (!$allowed)
{
send_status_line(403, 'Forbidden');