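<?php

// Look up the submission addressed by the `hash` query parameter.
// The value is untrusted request input; it is only ever bound as a statement
// parameter and never interpolated into the SQL text.
$hash = $_GET["hash"] ?? null;

// PDOStatement::fetch() yields false when no row matches. Start from that
// state so a missing or malformed parameter is handled exactly like an
// unknown hash by the `!$submission` check that follows this lookup.
$submission = false;

// `?hash[]=x` arrives as an array and an absent parameter as null. Neither can
// match a row, and binding them only raises PHP warnings, so skip the query.
if (is_string($hash)) {
    $sql = "SELECT
            id,
            member_id AS owner,
            game_id,
            basename,
            title,
            doc_is_public AS is_public
        FROM submissions
        WHERE hash = :hash
    ";

    $stmt = $db["data"]->prepare($sql);
    $stmt->execute([
        "hash" => $hash,
    ]);

    // One row as an object (id, owner, game_id, basename, title, is_public),
    // or false when the hash is unknown.
    $submission = $stmt->fetch(PDO::FETCH_OBJ);
}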
// No row matched the requested hash: answer 404 with the site's page shell
// and stop before any access-control or file handling runs.
if (!$submission) {
    http_response_code(404);

    // Set before head.php is included; presumably the partial reads them for
    // the page <title> and meta description (confirm in partials/head.php).
    $title = "Submission Not Found";
    $description = "We couldn't find a submission with that hash.";

    include "partials/head.php";
    ?>
<body>
<?php include "partials/header.php"; ?>
<main id="main" class="flow">
<header>
<h1><?= $title ?></h1>
</header>
<p>We couldn't find a submission with that hash.</p>
</main>
<?php include "partials/footer.php"; ?>
</body>
</html>
    <?php
    exit;
}
// Collect the ids of every member assigned to this submission; these are the
// accounts allowed to read it in addition to its owner.
$sql = "SELECT
member_id
FROM assignments
WHERE submission_id = :submission_id
";

$stmt = $db["data"]->prepare($sql);
$stmt->execute(["submission_id" => $submission->id]);

// FETCH_COLUMN flattens the result into a plain list of member_id values.
$submission->readers = $stmt->fetchAll(PDO::FETCH_COLUMN);

// The session is only consulted when LOGGED_IN is truthy, so an anonymous
// request never dereferences $_SESSION["account"].
$viewerId = LOGGED_IN ? $_SESSION["account"]->id : null;

// NOTE(review): both checks are strict (=== / in_array(..., true)). They
// assume the session account id and the ids PDO returns share one PHP type;
// a string/int mismatch fails closed (access denied) — confirm the driver's
// fetch types against how the session id is stored.
$IS_OWNER = LOGGED_IN && $viewerId === $submission->owner;
$IS_READER = LOGGED_IN && in_array($viewerId, $submission->readers, true);
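// Access decision for the stored document. Exactly one branch runs and every
// branch ends the request:
//   - owner, assigned reader, admin, or a public document -> stream the PDF
//   - anonymous visitor                                   -> 401 + login form
//   - logged in but not authorised                        -> 403
// The last branch used to be missing, so an authenticated account without
// access fell through to the end of the script and got an empty 200 response.
if ($IS_OWNER || $IS_READER || IS_ADMIN || $submission->is_public):
    // game_id and basename come from the submissions row, not from the
    // request. NOTE(review): presumably both are constrained when the row is
    // written (no path separators or ".." segments) — confirm against the
    // upload code, because they are joined into a filesystem path unchanged.
    $file = file_get_contents(
        sprintf(
            "%s/assets/docs/%s/%s",
            ABS_PATH,
            $submission->game_id,
            $submission->basename
        )
    );

    // file_get_contents() returns false when the file cannot be read; an empty
    // file is treated as the same error, as before.
    if (!$file) {
        $title = "Internal Server Error";
        $description =
            "The server encountered an error when attempting to open the requested file.";
        http_response_code(500);
        include "partials/head.php";
        ?>
<body>
<?php include "partials/header.php"; ?>
<main id="main" class="flow">
<header>
<h1><?= $title ?></h1>
</header>
<p>The server encountered an error when attempting to open the requested file. Please try again later.</p>
</main>
<?php include "partials/footer.php"; ?>
</body>
</html>
        <?php
        die();
    }

    header("Content-Type: application/pdf");
    // The bytes are a stored submission rendered inline on this origin; stop
    // browsers from second-guessing the declared type if the file is not
    // actually a PDF.
    header("X-Content-Type-Options: nosniff");
    // The title is passed through slugify() (defined elsewhere) before it is
    // placed inside the quoted filename parameter.
    header(
        'Content-Disposition: inline; filename="' .
            slugify($submission->title) .
            '.pdf"'
    );
    echo $file;
    die();
elseif (!LOGGED_IN):
    // Anonymous visitor asking for a non-public document: offer the login form.
    http_response_code(401);
    $title = "Log In";
    $description = "Log in to read this submission.";
    include "partials/head.php";
    ?>
<body>
<?php include "partials/header.php"; ?>
<main id="main" class="flow">
<header>
<h1><?= $title ?></h1>
</header>
<p>You must log in to view this submission.</p>
<?php include "partials/login-form.php"; ?>
</main>
<?php include "partials/footer.php"; ?>
</body>
</html>
    <?php
    die();
else:
    // Authenticated, but neither owner, assigned reader nor admin, and the
    // document is not public: refuse explicitly instead of returning nothing.
    http_response_code(403);
    $title = "Access Denied";
    $description = "You do not have permission to read this submission.";
    include "partials/head.php";
    ?>
<body>
<?php include "partials/header.php"; ?>
<main id="main" class="flow">
<header>
<h1><?= $title ?></h1>
</header>
<p>You do not have permission to read this submission.</p>
</main>
<?php include "partials/footer.php"; ?>
</body>
</html>
    <?php
    die();
endif;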