modules/url_access/url_access.module

<?php
// $Id: url_access.module,v 1.1.2.2 2008/06/11 19:08:38 deviantintegral Exp $

/**
 * @file
 * Enables the creation of pages protected by a unique path.
 */
 
/**
 * Implementation of hook_menu
 * Moved from hook_init as user_access isn't available if caching is enabled.
 */
function url_access_menu($may_cache) {
  if (!$may_cache) {
    global $user;

    // Node Administrators can always view nodes
    if(user_access('administer nodes')) return;

    // If we aren't on a node, return
    if (arg(0) != 'node') return;

    $nid= arg(1);
    if( ! is_numeric( $nid)) return;

    $node_info = db_fetch_array(db_query("SELECT n.uid, u.uuid FROM {url_access} u INNER JOIN {node} n ON n.nid=u.nid WHERE u.nid=%d", $nid));

    // Let the author have access
    if($user->uid == $node_info['uid']) return;

    // There's no UUID in the database, so there's nothing to block
    if (!$node_info['uuid']) return;

    $url = explode('/', trim(request_uri(), '/'));
    $url[0]= str_replace( '?q=', '', $url[0]);

    if($url[0] == 'protected') {
      $url_uuid = $url[1];
      if($url_uuid == $node_info['uuid']) {
        return;
      }
    }
    drupal_access_denied();
    exit;
  }
}

/**
 * Implementation of hook_nodeapi
 */
function url_access_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) {
  switch ($op) {
    case 'delete':
      $query = "DELETE FROM {url_access} WHERE nid=%d;";
      db_query($query, $node->nid);
      break;
    case 'insert':
      if(!$node->url_access) break;
      $uuid = _url_access_uuid();
      path_set_alias('node/' . $node->nid, 'protected/' . $uuid);
      $query = "INSERT INTO {url_access} VALUES('%d', '%s');";
      db_query($query, $node->nid, $uuid);
      $url = 'protected/' . $uuid;
      drupal_set_message(t('Protected URL set to !url', array('!url' => l($url, $url))));
      break;
    case 'load':
      $query = "SELECT uuid FROM {url_access} WHERE nid=%d";
      $result = db_query($query, $node->nid);
      $uuid = db_result($result);
      $node->url_access = $uuid;
      break;
    case 'update':
      if($node->url_access) {
        $query = "SELECT uuid FROM {url_access} WHERE nid=%d";
        $result = db_query($query, $node->nid);
        $uuid = db_result($result);
        if (!$uuid) {
          url_access_nodeapi($node, 'insert', $a3, $a4);
        }
      }
      else {
        $query = "SELECT uuid FROM {url_access} WHERE nid=%d";
        $result = db_query($query, $node->nid);
        $uuid = db_result($result);
        if (!$uuid) break;
        
        $pid = db_result(db_query("SELECT pid FROM {url_alias} WHERE dst = '%s'", 'protected/' . $uuid));
        path_admin_delete($pid);
        url_access_nodeapi($node, 'delete', $a3, $a4);
      }
      break;
    case 'validate':
      break;
  }
}

/**
 * Implementation of hook_form_alter
 */
function url_access_form_alter($form_id, &$form) {
  // We're only modifying node forms, if the type field isn't set we don't need
  // to bother; otherwise, store it for later retrieval.
  if (isset($form['type'])) {
    $type = $form['type']['#value'];
  }
  elseif (isset($form['orig_type'])) {
    $type = $form['orig_type']['#value'];
  }
  else {
    return;
  }
  
  switch($form_id) {
    case $type . '_node_form':
      $form['url_access_set'] = array(
        '#type' => 'fieldset',
        '#title' => t('URL Access Restrictions'),
        '#collapsible' => TRUE,
        '#collapsed' => TRUE,
      );
      $form['url_access_set']['url_access'] = array(
        '#type' => 'checkbox',
        '#title' => t('Require unique URL for access'),
        '#description' => t('If enabled, only administrators and those with the correct URL
          will be able to view this node.'),
        '#default_value' => $form['#node']->url_access,
      );
      if ($form['#node']->url_access) {
        $url = 'protected/' . $form['#node']->url_access;
        $form['url_access_set']['url_access_path'] = array(
          '#value' => t('The URL Access Path for this node is !url.', array(
            '!url' => l($url, $url)
          )),
          '#prefix' => '<p>',
          '#suffix' => '</p>',
        );
      }
      break;
  }
}

/**
 * Return a UUID generated by the database.
 *
 * @return
 *   A string containing a 37 character UUID, including dashes.
 */
function _url_access_uuid() {
  $query = "SELECT UUID();";
  $result = db_query($query);
  $uuid = db_result($result);
  return $uuid;
}
1	<?php
2	// $Id: url_access.module,v 1.1.2.2 2008/06/11 19:08:38 deviantintegral Exp $
3
4	/**
5	* @file
6	* Enables the creation of pages protected by a unique path.
7	*/
8
9	/**
10	* Implementation of hook_menu
11	* Moved from hook_init as user_access isn't available if caching is enabled.
12	*/
13	function url_access_menu($may_cache) {
14	if (!$may_cache) {
15	global $user;
16
17	// Node Administrators can always view nodes
18	if(user_access('administer nodes')) return;
19
20	// If we aren't on a node, return
21	if (arg(0) != 'node') return;
22
23	$nid= arg(1);
24	if( ! is_numeric( $nid)) return;
25
26	$node_info = db_fetch_array(db_query("SELECT n.uid, u.uuid FROM {url_access} u INNER JOIN {node} n ON n.nid=u.nid WHERE u.nid=%d", $nid));
27
28	// Let the author have access
29	if($user->uid == $node_info['uid']) return;
30
31	// There's no UUID in the database, so there's nothing to block
32	if (!$node_info['uuid']) return;
33
34	$url = explode('/', trim(request_uri(), '/'));
35	$url[0]= str_replace( '?q=', '', $url[0]);
36
37	if($url[0] == 'protected') {
38	$url_uuid = $url[1];
39	if($url_uuid == $node_info['uuid']) {
40	return;
41	}
42	}
43	drupal_access_denied();
44	exit;
45	}
46	}
47
48	/**
49	* Implementation of hook_nodeapi
50	*/
51	function url_access_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) {
52	switch ($op) {
53	case 'delete':
54	$query = "DELETE FROM {url_access} WHERE nid=%d;";
55	db_query($query, $node->nid);
56	break;
57	case 'insert':
58	if(!$node->url_access) break;
59	$uuid = _url_access_uuid();
60	path_set_alias('node/' . $node->nid, 'protected/' . $uuid);
61	$query = "INSERT INTO {url_access} VALUES('%d', '%s');";
62	db_query($query, $node->nid, $uuid);
63	$url = 'protected/' . $uuid;
64	drupal_set_message(t('Protected URL set to !url', array('!url' => l($url, $url))));
65	break;
66	case 'load':
67	$query = "SELECT uuid FROM {url_access} WHERE nid=%d";
68	$result = db_query($query, $node->nid);
69	$uuid = db_result($result);
70	$node->url_access = $uuid;
71	break;
72	case 'update':
73	if($node->url_access) {
74	$query = "SELECT uuid FROM {url_access} WHERE nid=%d";
75	$result = db_query($query, $node->nid);
76	$uuid = db_result($result);
77	if (!$uuid) {
78	url_access_nodeapi($node, 'insert', $a3, $a4);
79	}
80	}
81	else {
82	$query = "SELECT uuid FROM {url_access} WHERE nid=%d";
83	$result = db_query($query, $node->nid);
84	$uuid = db_result($result);
85	if (!$uuid) break;
86
87	$pid = db_result(db_query("SELECT pid FROM {url_alias} WHERE dst = '%s'", 'protected/' . $uuid));
88	path_admin_delete($pid);
89	url_access_nodeapi($node, 'delete', $a3, $a4);
90	}
91	break;
92	case 'validate':
93	break;
94	}
95	}
96
97	/**
98	* Implementation of hook_form_alter
99	*/
100	function url_access_form_alter($form_id, &$form) {
101	// We're only modifying node forms, if the type field isn't set we don't need
102	// to bother; otherwise, store it for later retrieval.
103	if (isset($form['type'])) {
104	$type = $form['type']['#value'];
105	}
106	elseif (isset($form['orig_type'])) {
107	$type = $form['orig_type']['#value'];
108	}
109	else {
110	return;
111	}
112
113	switch($form_id) {
114	case $type . '_node_form':
115	$form['url_access_set'] = array(
116	'#type' => 'fieldset',
117	'#title' => t('URL Access Restrictions'),
118	'#collapsible' => TRUE,
119	'#collapsed' => TRUE,
120	);
121	$form['url_access_set']['url_access'] = array(
122	'#type' => 'checkbox',
123	'#title' => t('Require unique URL for access'),
124	'#description' => t('If enabled, only administrators and those with the correct URL
125	will be able to view this node.'),
126	'#default_value' => $form['#node']->url_access,
127	);
128	if ($form['#node']->url_access) {
129	$url = 'protected/' . $form['#node']->url_access;
130	$form['url_access_set']['url_access_path'] = array(
131	'#value' => t('The URL Access Path for this node is !url.', array(
132	'!url' => l($url, $url)
133	)),
134	'#prefix' => '<p>',
135	'#suffix' => '</p>',
136	);
137	}
138	break;
139	}
140	}
141
142	/**
143	* Return a UUID generated by the database.
144	*
145	* @return
146	* A string containing a 37 character UUID, including dashes.
147	*/
148	function _url_access_uuid() {
149	$query = "SELECT UUID();";
150	$result = db_query($query);
151	$uuid = db_result($result);
152	return $uuid;
153	}