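<?php

/**
 * Document viewer.
 *
 * Without ?hash=... this renders a landing page that links to a random
 * document. With ?hash=... it looks the submission up and streams its PDF
 * inline when the requester is the owner, an assigned reader, an admin, or the
 * document is public. Every other outcome renders the HTML page with a
 * matching status: 401 (logged out), 403 (logged in but not authorised) or
 * 404 (unknown hash or missing file).
 *
 * Relies on names defined outside this file: $db, LOGGED_IN, IS_ADMIN,
 * ABS_PATH, slugify() and the partials/ templates.
 */

$title = "Documents";
$description = "Read a document.";

// Defined up front so every path below (and the partials) sees a known value.
$doc = null;
$IS_OWNER = false;
$IS_READER = false;
$http_status = 200;

if (isset($_GET["hash"])):
  // ?hash[]=... arrives as an array; only a string can be a valid hash, so
  // anything else is treated as "not found" instead of being bound to the query.
  if (is_string($_GET["hash"])):
    $sql = "SELECT
      id,
      member_id AS owner,
      game_id,
      basename,
      title,
      doc_is_public AS is_public
    FROM submissions
    WHERE hash = :hash
    ";

    $stmt = $db["data"]->prepare($sql);
    $stmt->execute([
      "hash" => $_GET["hash"],
    ]);

    // fetch() returns false when no row matches; normalise that to null so the
    // code below never dereferences a boolean.
    $doc = $stmt->fetch(PDO::FETCH_OBJ) ?: null;
  endif;

  if ($doc === null):
    // NOTE(review): a private document answers 401/403 while an unknown hash
    // answers 404, so the status reveals whether a hash exists. That is only
    // acceptable while hashes are long and unguessable - confirm how they are
    // generated.
    $http_status = 404;
  else:
    $sql = "SELECT
      member_id
    FROM assignments
    WHERE submission_id = :submission_id
    ";

    $stmt = $db["data"]->prepare($sql);
    $stmt->execute([
      "submission_id" => $doc->id,
    ]);

    $doc->readers = $stmt->fetchAll(PDO::FETCH_COLUMN);

    // NOTE(review): both checks are strict. If the PDO driver returns ids as
    // strings while the session holds ints, they fail closed (access denied) -
    // confirm the types match.
    $IS_OWNER = LOGGED_IN ? $_SESSION["account"]->id === $doc->owner : false;
    $IS_READER = LOGGED_IN ? in_array($_SESSION["account"]->id, $doc->readers, true) : false;

    if ($IS_OWNER || $IS_READER || IS_ADMIN || $doc->is_public):
      // game_id and basename come from the database. Resolve the final path and
      // require it to stay under assets/docs, so a stored value containing
      // "../" cannot make this script read a file outside the document store.
      $docs_root = realpath(ABS_PATH . '/assets/docs');
      $doc_path = realpath(sprintf('%s/assets/docs/%s/%s', ABS_PATH, $doc->game_id, $doc->basename));
      $inside_root = $docs_root !== false
        && $doc_path !== false
        && strncmp($doc_path, $docs_root . DIRECTORY_SEPARATOR, strlen($docs_root) + 1) === 0;

      if ($inside_root && is_file($doc_path) && is_readable($doc_path)):
        header('Content-Type: application/pdf');
        // Stop browsers from sniffing the body into some other content type.
        header('X-Content-Type-Options: nosniff');
        // NOTE(review): slugify() is defined elsewhere; this assumes it strips
        // double quotes and control characters from the title - confirm.
        header('Content-Disposition: inline; filename="' . slugify($doc->title) . '.pdf"');

        // readfile() streams the file instead of loading it into a string first.
        readfile($doc_path);
        die;
      endif;

      // Row exists but the file is missing or unreadable: report it as not
      // found rather than sending PDF headers with an empty body.
      $http_status = 404;
    else:
      // Access denied: ask logged-out visitors to authenticate, tell
      // logged-in ones that they are not authorised.
      $http_status = LOGGED_IN ? 403 : 401;
    endif;
  endif;
endif;

if ($http_status !== 200):
  // Must run before the partials emit any output, otherwise the status line
  // has already been sent.
  http_response_code($http_status);
endif;

include "partials/head.php"; ?>
<body>
  <?php include "partials/header.php"; ?>
  <main id="main" class="flow">
    <header>
      <h1><?= $title ?></h1>
    </header>
    <?php if ($http_status === 401): ?>
      <p>You must log in to access this page.</p>
      <?php include "partials/login-form.php"; ?>
    <?php elseif ($http_status === 403): ?>
      <p>You do not have access to this document.</p>
    <?php elseif ($http_status === 404): ?>
      <p>Document not found.</p>
    <?php else: ?>
      <p><a href='/docs/random' class='call-to-action'>Read a random document</a></p>
    <?php endif; ?>
  </main>
  <?php include "partials/footer.php"; ?>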