Révision 134c7813
Ajouté par Mathieu Schiano Di Schiabica il y a environ 8 ans
| drupal7/modules/file/file.module | ||
|---|---|---|
| 529 | 529 |
// publicly accessible, with no download restrictions; for security |
| 530 | 530 |
// reasons all other schemes must go through the file_download_access() |
| 531 | 531 |
// check. |
| 532 |
if (in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) || file_download_access($file->uri)) {
|
|
| 533 |
$fid = $file->fid;
|
|
| 532 |
if (!in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) && !file_download_access($file->uri)) {
|
|
| 533 |
$force_default = TRUE;
|
|
| 534 | 534 |
} |
| 535 |
// If the current user doesn't have access, don't let the file be |
|
| 536 |
// changed. |
|
| 537 |
else {
|
|
| 535 |
// Temporary files that belong to other users should never be allowed. |
|
| 536 |
// Since file ownership can't be determined for anonymous users, they |
|
| 537 |
// are not allowed to reuse temporary files at all. |
|
| 538 |
elseif ($file->status != FILE_STATUS_PERMANENT && (!$GLOBALS['user']->uid || $file->uid != $GLOBALS['user']->uid)) {
|
|
| 538 | 539 |
$force_default = TRUE; |
| 539 | 540 |
} |
| 541 |
// If all checks pass, allow the file to be changed. |
|
| 542 |
else {
|
|
| 543 |
$fid = $file->fid; |
|
| 544 |
} |
|
| 540 | 545 |
} |
| 541 | 546 |
} |
| 542 | 547 |
} |
Formats disponibles : Unified diff
Update to 7.43