-
Notifications
You must be signed in to change notification settings - Fork 2
/
protected_pages.module
86 lines (72 loc) · 2.41 KB
/
protected_pages.module
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
<?php
/**
* @file
* This module allows you to protect any page of the website by secure password.
*
* You can enter urls of pages to protect and set password per page.
*
* Admin (uid = 1) or user with bypass protection permission can view page.
*/
use Drupal\Component\Utility\Html;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\Core\Url;
/**
* Implements hook_mail().
*/
function protected_pages_mail($key, &$message, $params) {
switch ($key) {
// Send a simple message from the contact form.
case 'protected_pages_details_mail':
$tokens = ['[protected-page-url]', '[site-name]'];
$replcements = [
$params['protected_page_url'],
\Drupal::config('system.site')->get('name'),
];
$body = str_replace($tokens, $replcements, $params['body']);
$subject = $params['subject'];
$message['subject'] = Html::escape($subject);
$message['body'][] = Html::escape($body);
break;
}
}
/**
* Implements hook_file_download().
*/
function protected_pages_file_download($uri) {
$account = \Drupal::currentUser();
if ($account->hasPermission('bypass pages password protection')) {
return;
}
$target = file_uri_target($uri);
$file_path = '/system/files/' . $target;
$fields = ['pid'];
$conditions = [];
$conditions['general'][] = [
'field' => 'path',
'value' => $file_path,
'operator' => '=',
];
$protected_pages_storage = \Drupal::service('protected_pages.storage');
$pid = $protected_pages_storage->loadProtectedPage($fields, $conditions, TRUE);
if (isset($_SESSION['_protected_page']['passwords'][$pid]['expire_time'])) {
if (time() >= $_SESSION['_protected_page']['passwords'][$pid]['expire_time']) {
unset($_SESSION['_protected_page']['passwords'][$pid]['request_time']);
unset($_SESSION['_protected_page']['passwords'][$pid]['expire_time']);
}
}
if (isset($_SESSION['_protected_page']['passwords'][$pid]['request_time'])) {
return NULL;
}
if ($pid) {
$destination_path_array = \Drupal::destination()->getAsArray();
$destination_path_array['destination'] = $destination_path_array['destination'] . '/' . $target;
$destination_path_array['protected_page'] = $pid;
$response = new RedirectResponse(Url::fromUri('internal:/protected-page', ['query' => $destination_path_array])
->toString());
$response->send();
return;
}
else {
return NULL;
}
}