Primary data field to determine downloadable content - media.media table and meal_file_id. If this exists, content can be downloaded.

If "price" field is not empty and greater than 0, then the item must be purchased. Purchase information is found in the media.purchased table. Data tables with fields used are below media.meda - meal_file_id (reference media.files table - file_id field) -price (if not empty or 0 then ensure it has been purchased. If empty then treat as free item) - user_id (if user_id equal global/server session id, then user logged in is owner and can download whether meal file exists or not media.files - file_id media.purchased - user_id (user_ id from server session/global user_id) - expiration_date (must fall after current server date) users.user - user_id (used in determining whether logged in user is admin or not.) - user_type_id (if equals 3 then user is an admin and can download whether meal file exists or not)

Code to determine whether an item can be downloaded by a user: function get_permissions() { /** Set the defaults */ $user_is_admin = false; $something_to_download = false; $permissions['download'] = false; $permissions['edit'] = false; $permissions['view'] = false; if (isset($GLOBALS['user_id'])) $user_is_admin = $this->db->GetOne("SELECT TRUE FROM usr.users WHERE user_type_id = 3 AND user_id = ?", array($GLOBALS['user_id'])); /** Get the object info */

switch($this->object_type_id) { case "1": //Media $object = $this->db->GetRow( "SELECT media_id as object_id, price, media_status_id as status_id, user_id, meal_file_id FROM media.media WHERE media_id = ?", array($this->object_id) ); if (empty($object)) { throw new exception("Invalid media item", 400); } if (isset($GLOBALS['user_id']) && $GLOBALS['user_id'] > 0) { //Check to see if they bought this media item $object['purchased'] = $this->db->GetOne( "SELECT TRUE FROM media.purchased WHERE media_id = ? AND user_id = ? AND expiration_date > ?", array($this->object_id, $GLOBALS['user_id'], 'now()') ); } else { $object['purchased'] = false; } if ($object['meal_file_id'] > 0) $something_to_download = true; break; default: throw new exception("Unsupported object_type_id", 400); break; } /** Now is time to override the defaults. At this point, I should have 4 boolean values, and everything should take care of itself - $object['price'] - $object['purchased'] - $object['status_id'] - $object['user_id'] */ // Is the user an admin or the owner? if ($user_is_admin || (isset($GLOBALS['user_id']) && $GLOBALS['user_id'] == $object['user_id'])) { $permissions['download'] = true;

$permissions['edit'] $permissions['view']

= true; = true;

} else { // Do some media_status_id toggles switch($object['status_id']) { case 2: $permissions['view'] = true; break; case 3: $sql = "SELECT 1 FROM module.media_to_module mtm JOIN module.community_to_module ctm ON ctm.module_id = mtm.module_id JOIN community.communities cc ON ctm.community_id = cc.community_id WHERE media_id = {$this->object_id} AND cc.community_id IN (SELECT community_id FROM community.membership WHERE user_id = {$GLOBALS['user_id']})"; $db_return = $this->db->GetOne($sql); echo $this->db->ErrorMsg(); arrays::pa($db_return); if($db_return) $permissions['download'] = true; break; } //Maybe it is free? if (empty($object['price'])) { $permissions['view'] = true; $permissions['download'] = true; } //Have they purchased it? if ($object['purchased']) { $permissions['view'] = true; $permissions['download'] = true; } } // Flip this back to false if there is nothing to download. Easier than building the download logic in the other conditions. if ($something_to_download == false) $permissions['download'] = false; return $permissions; }