Check if user is allowed to upload files

Support > Elxis 2008 developers guide

(1/1)

datahell:
Elxis 2008 has editable ACL checks if a user is allowed to upload files.
Here is a sample check you should use in a third party extension.

--- Code: (php) ---<?php
//get user usertype
if ( $my->usertype == '' ) {
$usertype = eUTF::utf8_strtolower($acl->get_group_name('29'));
} else {
$usertype = eUTF::utf8_strtolower($my->usertype);
}

$canUploadImages = $acl->acl_check( 'action', 'upload', 'users', $usertype, 'files', 'images' ); //allowed to upload images
$canUploadAvatars =$acl->acl_check( 'action', 'upload', 'users', $usertype, 'files', 'avatars' ); //allowed to upload avatar images
$canUploadFiles =$acl->acl_check( 'action', 'upload', 'users', $usertype, 'files', 'all' ); //allowed to upload any file
?>
--- End code ---

Notice
In Elxis core components we add the user's id as a prefix in uploaded file names (ie 62_myfile.zip). This way we can track down the files origin and we can filter afterwards the files a user can see/edit/use/delete. For instance a user can upload multiple avatars and afterwards select one to use. He can also change his avatar anytime. But he is only allowed to use his own avatars not the other people's uploaded avatars. We propose you to use the same mechanism in your extensions for Elxis CMS.

Navigation

[0] Message Index

Go to full version