bigform/inc/bigform_securiser_doc.php

<?php
if (!defined('_ECRIRE_INC_VERSION')){
	return;
}


function bigform_securiser_doc($Tid_doc){
	$rep = sous_repertoire(_DIR_IMG, 'PROTECTED');
	$content = <<<rewrite
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
	Deny from all
</IfModule>
rewrite;

	if (!verifier_htaccess($rep . "/.htaccess")) {
		ecrire_fichier($rep . "/.htaccess", $content);
	}

	foreach ($Tid_doc as $id) {
		if (intval($id)) {
			$r = sql_fetsel('extension, fichier','spip_documents','id_document='.intval($id));
			$fichier = $r['fichier'];
			$ext = $r['extension'];
			sous_repertoire(_DIR_IMG . 'PROTECTED', $ext);
			if ($fichier) {
				$source = _DIR_IMG . "/" . $fichier;
				if (file_exists($source)) {
					$d = deplacer_fichier_upload($source, _DIR_IMG . 'PROTECTED/' . $fichier, true);
					if ($d) {
						sql_updateq('spip_documents',['protected' => 'oui'], 'id_document='.$id);
					}
				}
			}
		}
	}
}