Révision ca0757b9
Ajouté par Assos Assos il y a plus de 9 ans
drupal7/sites/all/modules/media/media.media.inc | ||
---|---|---|
40 | 40 |
} |
41 | 41 |
|
42 | 42 |
/** |
43 |
* Implements hook_query_media_browser_alter(). |
|
43 |
* Implements hook_query_TAG_alter(). |
|
44 |
* |
|
45 |
* @todo: Potentially move this into media.module in a future version of Media. |
|
44 | 46 |
*/ |
45 | 47 |
function media_query_media_browser_alter($query) { |
46 | 48 |
// Ensure that the query is against the file_managed table. |
47 | 49 |
$tables = $query->getTables(); |
50 |
|
|
48 | 51 |
if (empty($tables['file_managed'])) { |
49 | 52 |
throw new Exception(t('Media browser being queried without the file_managed table.')); |
50 | 53 |
} |
54 |
|
|
51 | 55 |
$alias = $tables['file_managed']['alias']; |
52 | 56 |
|
53 |
$params = drupal_get_query_parameters(); |
|
54 | 57 |
// How do we validate these? I don't know. |
55 | 58 |
// I think PDO should protect them, but I'm not 100% certain. |
56 |
array_walk_recursive($params, 'media_recursive_check_plain'); |
|
57 |
|
|
58 |
$types = !empty($params['types']) ? $params['types'] : NULL; |
|
59 |
$url_include_patterns = !empty($params['url_include_patterns']) ? $params['url_include_patterns'] : NULL; |
|
60 |
$url_exclude_patterns = !empty($params['url_exclude_patterns']) ? $params['url_exclude_patterns'] : NULL; |
|
61 |
$allowed_schemes = !empty($params['schemes']) ? array_filter($params['schemes']) : array(); |
|
62 |
$extensions = !empty($params['file_extensions']) ? array_filter(explode(' ', $params['file_extensions'])) : array(); |
|
63 |
|
|
64 |
$or_condition = db_or(); |
|
65 |
|
|
66 |
if (!empty($allowed_schemes)) { |
|
67 |
// Include local files with the allowed extensions and types. |
|
68 |
$local_wrappers = array_intersect_key(media_get_local_stream_wrappers(), $allowed_schemes); |
|
69 |
if (!empty($extensions) && !empty($local_wrappers)) { |
|
70 |
// Extension filtering. |
|
71 |
$local_condition = db_or(); |
|
72 |
foreach (array_keys($local_wrappers) as $scheme) { |
|
59 |
$params = media_get_browser_params(); |
|
60 |
|
|
61 |
// Gather any file restrictions. |
|
62 |
$types = !empty($params['types']) ? $params['types'] : array(); |
|
63 |
$schemes = !empty($params['schemes']) ? $params['schemes'] : array(); |
|
64 |
$extensions = !empty($params['file_extensions']) ? explode(' ', $params['file_extensions']) : array(); |
|
65 |
|
|
66 |
$or = db_or(); |
|
67 |
|
|
68 |
// Filter out files with restricted types. |
|
69 |
if (!empty($types)) { |
|
70 |
$query->condition($alias . '.type', $types, 'IN'); |
|
71 |
} |
|
72 |
|
|
73 |
// Filter out files with restricted schemes. |
|
74 |
if (!empty($schemes)) { |
|
75 |
$local_or = db_or(); |
|
76 |
$local_and = db_and(); |
|
77 |
|
|
78 |
// Gather all of the local stream wrappers. |
|
79 |
$local_stream_wrappers = media_get_local_stream_wrappers(); |
|
80 |
|
|
81 |
foreach ($schemes as $scheme) { |
|
82 |
// Only local files have extensions. |
|
83 |
// Filter out files with restricted extensions. |
|
84 |
if (!empty($extensions) && isset($local_stream_wrappers[$scheme])) { |
|
85 |
$mimetypes = array(); |
|
73 | 86 |
foreach ($extensions as $extension) { |
74 |
$local_condition->condition($alias . '.uri', db_like($scheme . '://') . '%' . db_like('.' . $extension), 'LIKE'); |
|
87 |
$mimetype = media_get_extension_mimetype($extension); |
|
88 |
if ($mimetype) { |
|
89 |
$mimetypes[] = $mimetype; |
|
90 |
} |
|
75 | 91 |
} |
92 |
$local_and->condition($alias . '.uri', db_like($scheme . '://') . '%', 'LIKE'); |
|
93 |
if (count($mimetypes)) { |
|
94 |
$local_and->condition($alias . '.filemime', $mimetypes, 'IN'); |
|
95 |
} |
|
96 |
$local_or->condition($local_and); |
|
97 |
$local_and = db_and(); |
|
76 | 98 |
} |
77 |
$or_condition->condition($local_condition); |
|
78 |
} |
|
79 |
if (!empty($types) && !empty($local_wrappers)) { |
|
80 |
// Type filtering. |
|
81 |
$local_condition = db_or(); |
|
82 |
foreach (array_keys($local_wrappers) as $scheme) { |
|
83 |
$local_condition->condition($alias . '.type', $types, 'IN'); |
|
84 |
} |
|
85 |
$or_condition->condition($local_condition); |
|
86 |
} |
|
87 |
|
|
88 |
// Include remote files with the allowed file types. |
|
89 |
// We cant filter extensions here, because remote file filenames usually |
|
90 |
// are a url or a parameter of a query. |
|
91 |
$remote_wrappers = array_intersect_key(media_get_remote_stream_wrappers(), $allowed_schemes); |
|
92 |
if (!empty($types) && !empty($remote_wrappers)) { |
|
93 |
$remote_condition = db_and(); |
|
94 |
$wrapper_condition = db_or(); |
|
95 |
foreach (array_keys($remote_wrappers) as $scheme) { |
|
96 |
$wrapper_condition->condition($alias . '.uri', db_like($scheme . '://') . '%', 'LIKE'); |
|
97 |
} |
|
98 |
$remote_condition->condition($wrapper_condition); |
|
99 |
$remote_condition->condition($alias . '.type', $types, 'IN'); |
|
100 |
$or_condition->condition($remote_condition); |
|
101 |
} |
|
102 |
} |
|
103 |
else { |
|
104 |
if (!empty($types)) { |
|
105 |
$query->condition($alias . '.type', $types, 'IN'); |
|
106 |
} |
|
107 |
if (!empty($extensions)) { |
|
108 |
foreach ($extensions as $extension) { |
|
109 |
$or_condition->condition($alias . '.uri', db_like('.' . $extension), 'LIKE'); |
|
99 |
else { |
|
100 |
$local_or->condition($alias . '.uri', db_like($scheme . '://') . '%', 'LIKE'); |
|
110 | 101 |
} |
111 | 102 |
} |
112 |
} |
|
113 | 103 |
|
114 |
if ($or_condition->count()) { |
|
115 |
$query->condition($or_condition); |
|
104 |
$or->condition($local_or); |
|
116 | 105 |
} |
117 | 106 |
|
118 |
if ($url_include_patterns) { |
|
119 |
$query->condition($alias . '.uri', '%' . db_like($url_include_patterns) . '%', 'LIKE'); |
|
120 |
// Insert stream related restrictions here. |
|
121 |
} |
|
122 |
if ($url_exclude_patterns) { |
|
123 |
$query->condition($alias . '.uri', '%' . db_like($url_exclude_patterns) . '%', 'NOT LIKE'); |
|
124 |
} |
|
125 |
|
|
126 |
if (!user_access('administer files')) { |
|
127 |
$query->condition($alias . '.uri', db_like('private://') . '%', 'NOT LIKE'); |
|
128 |
} |
|
129 |
|
|
130 |
// @todo This is possibly redundant since it's already filtered in the view. |
|
131 |
$query->condition($alias . '.status', FILE_STATUS_PERMANENT); |
|
132 |
|
|
133 |
foreach (array_keys(file_entity_get_hidden_stream_wrappers()) as $name) { |
|
134 |
$query->condition($alias . '.uri', db_like($name . '://') . '%', 'NOT LIKE'); |
|
107 |
if ($or->count()) { |
|
108 |
$query->condition($or); |
|
135 | 109 |
} |
136 | 110 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules