function hook_file_download

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/File/file.api.php \hook_file_download()
  2. 8.9.x core/lib/Drupal/Core/File/file.api.php \hook_file_download()
  3. 10 core/lib/Drupal/Core/File/file.api.php \hook_file_download()
  4. 11.x core/lib/Drupal/Core/File/file.api.php \hook_file_download()

Control access to private file downloads and specify HTTP headers.

This hook allows modules enforce permissions on file downloads when the private file download method is selected. Modules can also provide headers to specify information like the file's name or MIME type.

Parameters

$uri: The URI of the file.

Return value

If the user does not have permission to access the file, return -1. If the user has permission, return an array with the appropriate headers. If the file is not controlled by the current module, the return value should be NULL.

See also

file_download()

Related topics

Hooks
Allow modules to interact with the Drupal core.
14 functions implement hook_file_download()

Note: the procedural functions in this list are found by pattern matching, so the list may include some functions that are not actually implementations of this hook.

ConfigHooks::fileDownload in core/modules/config/src/Hook/ConfigHooks.php
Implements hook_file_download().
EditorHooks::fileDownload in core/modules/editor/src/Hook/EditorHooks.php
Implements hook_file_download().
FileDownloadHook in core/modules/file/src/Hook/FileDownloadHook.php
Implements hook_file_download().
FileTestHooks::fileDownload in core/modules/file/tests/file_test/src/Hook/FileTestHooks.php
Implements hook_file_download().
file_file_download in modules/file/file.module
Implements hook_file_download().

... See full list

2 invocations of hook_file_download()
file_download_headers in includes/file.inc
Retrieves headers for a private file download.
image_file_download in modules/image/image.module
Implements hook_file_download().

File

modules/system/system.api.php, line 3006

Code

function hook_file_download($uri) {
    // Check if the file is controlled by the current module.
    if (!file_prepare_directory($uri)) {
        $uri = FALSE;
    }
    if (strpos(file_uri_target($uri), variable_get('user_picture_path', 'pictures') . '/picture-') === 0) {
        if (!user_access('access user profiles')) {
            // Access to the file is denied.
            return -1;
        }
        else {
            $info = image_get_info($uri);
            return array(
                'Content-Type' => $info['mime_type'],
            );
        }
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.