Fixed MANTIS-4673 (Issues with permissions for calendar attachments / Comcode...

            $filter = $this->get_filter();

            // Read row

            $rows = $GLOBALS['SITE_DB']->query_select('calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON t.id=e.e_type', array('*'), array('e.id' => $id), '', 1);

            $rows = $GLOBALS['SITE_DB']->query_select('calendar_events e LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'calendar_types t ON t.id=e.e_type', array('e.*', 't.t_title', 't.t_logo'), array('e.id' => $id), '', 1);

            if (!array_key_exists(0, $rows)) {

                warn_exit(do_lang_tempcode('MISSING_RESOURCE', 'event'));

            }

/**

 * Find if the specified member has access to view the specified attachment.

 *

 * @param  MEMBER $member The member being checked whether to have the access

 * @param  MEMBER $member_id The member being checked whether to have the access

 * @param  AUTO_LINK $id The ID code for the attachment being checked

 * @param  ?object $connection The database connection to use (null: site DB)

 * @return boolean Whether the member has attachment access

 */

function has_attachment_access($member, $id, $connection = null)

function has_attachment_access($member_id, $id, $connection = null)

{

    if (is_null($connection)) {

        $connection = $GLOBALS['SITE_DB'];

    }

    if ($GLOBALS['FORUM_DRIVER']->is_super_admin($member)) {

    if ($GLOBALS['FORUM_DRIVER']->is_super_admin($member_id)) {

        return true;

    }

            require_code('hooks/systems/attachments/' . filter_naughty_harsh($type));

            $object = object_factory('Hook_attachments_' . filter_naughty_harsh($type));

            if ($object->run($ref_id, $connection)) {

            if ($object->run($ref_id, $connection, $member_id)) {

                return true;

            }

        }

class Hook_attachments_author

{

    /**

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for the current member.

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for a member.

     *

     * @param  ID_TEXT $id The ID

     * @param  object $connection The database connection to check on

     * @param  MEMBER $member_id The member to check for

     * @return boolean Whether there is permission

     */

    public function run($id, $connection)

    public function run($id, $connection, $member_id)

    {

        return true;

    }

class Hook_attachments_calendar

{

    /**

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for the current member.

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for a member.

     *

     * @param  ID_TEXT $id The ID

     * @param  object $connection The database connection to check on

     * @param  MEMBER $member_id The member to check for

     * @return boolean Whether there is permission

     */

    public function run($id, $connection)

    public function run($id, $connection, $member_id)

    {

        if (addon_installed('content_privacy')) {

            require_code('content_privacy');

            return false;

        }

        if (!has_category_access(get_member(), 'calendar', strval($info[0]['e_type']))) {

            return false;

        }

        if (addon_installed('content_privacy')) {

            require_code('content_privacy');

            if (!has_privacy_access('event', strval($id))) {

                return false;

            }

        }

        if ($info[0]['e_submitter'] == get_member()) {

        if ($info[0]['e_submitter'] == $member_id) {

            return true;

        }

        return false;

        return has_category_access($member_id, 'calendar', strval($info[0]['e_type']));

    }

}

class Hook_attachments_catalogue_entry

{

    /**

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for the current member.

     * Run function for attachment hooks. They see if permission to an attachment of an ID relating to this content is present for a member.

     *

     * @param  ID_TEXT $id The ID

     * @param  object $connection The database connection to check on

     * @param  MEMBER $member_id The member to check for

     * @return boolean Whether there is permission

     */

    public function run($id, $connection)

    public function run($id, $connection, $member_id)

    {

        if (addon_installed('content_privacy')) {

            require_code('content_privacy');

            return false;

        }

        if (!has_category_access(get_member(), 'catalogues_catalogue', $info[0]['c_name'])) {

        if (!has_category_access($member_id, 'catalogues_catalogue', $info[0]['c_name'])) {

            return false;

        }

        return ((get_value('disable_cat_cat_perms') === '1') || (has_category_access(get_member(), 'catalogues_category', strval($info[0]['cc_id']))));

        return ((get_value('disable_cat_cat_perms') === '1') || (has_category_access($member_id, 'catalogues_category', strval($info[0]['cc_id']))));

    }

}