| 5 core.php | hook_file_download( |
| 6 core.php | hook_file_download( |
| 7 system.api.php | hook_file_download($uri) |
| 8 system.api.php | hook_file_download($uri) |
Control access to private file downloads and specify HTTP headers.
This hook allows modules enforce permissions on file downloads when the private file download method is selected. Modules can also provide headers to specify information like the file's name or MIME type.
Parameters
$uri: The URI of the file.
Return value
If the user does not have permission to access the file, return -1. If the user has permission, return an array with the appropriate headers. If the file is not controlled by the current module, the return value should be NULL.
See also
Related topics
5 functions implement hook_file_download()
3 invocations of hook_file_download()
File
- modules/
system/ system.api.php, line 2831 - Hooks provided by Drupal core and the System module.
Code
function hook_file_download($uri) {
// Check if the file is controlled by the current module.
if (!file_prepare_directory($uri)) {
$uri = FALSE;
}
if (strpos(file_uri_target($uri), variable_get('user_picture_path', 'pictures') . '/picture-') === 0) {
if (!user_access('access user profiles')) {
// Access to the file is denied.
return -1;
}
else {
$info = image_get_info($uri);
return array('Content-Type' => $info['mime_type']);
}
}
}
Comments
Can someone explain what the
Can someone explain what the purpose of checking file_prepare_directory in the example implementation is?
Returned arrays are different in D6 and D7
Note, in D6, this function returns a simple array listing the headers as strings. In D7, it returns an associative array, with the header fields as keys and the header values as values.