aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Fischer <bantu@phpbb.com>2012-08-26 18:56:09 +0200
committerAndreas Fischer <bantu@phpbb.com>2012-08-26 18:56:09 +0200
commitd0ce637251da211b2e969f7a173d3bde97b0894b (patch)
treefcb6c80b5b1c7c21d212bd5f51b7eb93d71cc092
parent18039cfa6af73d6582145023b6a3e67788d7a948 (diff)
parente1a4aa3ea255874660d31e13c0b4cadc8993ef4f (diff)
downloadforums-d0ce637251da211b2e969f7a173d3bde97b0894b.tar
forums-d0ce637251da211b2e969f7a173d3bde97b0894b.tar.gz
forums-d0ce637251da211b2e969f7a173d3bde97b0894b.tar.bz2
forums-d0ce637251da211b2e969f7a173d3bde97b0894b.tar.xz
forums-d0ce637251da211b2e969f7a173d3bde97b0894b.zip
Merge remote-tracking branch 'Fyorl/feature/attach-dl' into develop
* Fyorl/feature/attach-dl: (75 commits) [feature/attach-dl] Removed the use of some abbreviations [feature/attach-dl] Changed $files_added checks [feature/attach-dl] Renamed $post_id to $post_msg_id [feature/attach-dl] Fixed a comment [feature/attach-dl] Optimised an sql query [feature/attach-dl] Fixed the logic in an sql statement [feature/attch-dl] $forum_id cast to int [feature/attach-dl] Fixed $file_added to $files_added [feature/attach-dl] Moved definition of $archive_name [feature/attach-dl] Swapped the order of an if statement [feature/attach-dl] Cast variables to int [feature/attach-dl] Added $archive_path [feature/attach-dl] Used COMMA_SEPARATOR instead of actual comma [feature/attach-dl] Renamed $count to $files_added [feature/attach-dl] Removed sprintf() use [feature/attach-dl] Removed need for array_keys() [feature/attach-dl] Added multiple attachment downloads to PMs [feature/attach-dl] Removed reliance on current($row) [feature/attach-dl] Renamed to phpbb_download_handle_forum_auth [feature/attach-dl] Moved PM authentication handling into own function ...
Diffstat
-rw-r--r--phpBB/download/file.php340
-rw-r--r--phpBB/includes/functions_display.php35
-rw-r--r--phpBB/includes/functions_download.php129
-rw-r--r--phpBB/includes/ucp/ucp_pm_viewmessage.php7
-rw-r--r--phpBB/language/en/common.php2
-rw-r--r--phpBB/styles/prosilver/template/ucp_pm_viewmessage.html24
-rw-r--r--phpBB/styles/prosilver/template/viewtopic_body.html25
-rw-r--r--phpBB/styles/prosilver/theme/content.css23
-rw-r--r--phpBB/viewtopic.php17
9 files changed, 463 insertions, 139 deletions
diff --git a/phpBB/download/file.php b/phpBB/download/file.php
index c01b0789de..b56d729a7b 100644
--- a/phpBB/download/file.php
+++ b/phpBB/download/file.php
@@ -134,6 +134,9 @@ include($phpbb_root_path . 'common.' . $phpEx);
require($phpbb_root_path . 'includes/functions_download' . '.' . $phpEx);
$download_id = request_var('id', 0);
+$topic_id = $request->variable('topic_id', 0);
+$post_msg_id = $request->variable('post_msg_id', 0);
+$archive = $request->variable('archive', '.tar');
$mode = request_var('mode', '');
$thumbnail = request_var('t', false);
@@ -142,195 +145,268 @@ $user->session_begin(false);
$auth->acl($user->data);
$user->setup('viewtopic');
-if (!$download_id)
+if (!$config['allow_attachments'] && !$config['allow_pm_attach'])
{
send_status_line(404, 'Not Found');
- trigger_error('NO_ATTACHMENT_SELECTED');
+ trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
}
-if (!$config['allow_attachments'] && !$config['allow_pm_attach'])
+if ($download_id)
+{
+ // Attachment id (only 1 attachment)
+ $sql_where = "attach_id = $download_id";
+}
+else if ($post_msg_id)
+{
+ // Post id or private message id (multiple attachments)
+ $sql_where = "post_msg_id = $post_msg_id AND is_orphan = 0";
+}
+else if ($topic_id)
+{
+ // Topic id (multiple attachments)
+ $sql_where = "topic_id = $topic_id AND is_orphan = 0";
+}
+else
{
send_status_line(404, 'Not Found');
- trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
+ trigger_error('NO_ATTACHMENT_SELECTED');
}
-$sql = 'SELECT attach_id, in_message, post_msg_id, extension, is_orphan, poster_id, filetime
+$sql = 'SELECT attach_id, post_msg_id, topic_id, in_message, is_orphan, physical_filename, real_filename, extension, mimetype, filesize, filetime
FROM ' . ATTACHMENTS_TABLE . "
- WHERE attach_id = $download_id";
-$result = $db->sql_query_limit($sql, 1);
-$attachment = $db->sql_fetchrow($result);
+ WHERE $sql_where";
+$result = $db->sql_query($sql);
+
+$attachments = $attachment_ids = array();
+while ($row = $db->sql_fetchrow($result))
+{
+ $attachment_id = (int) $row['attach_id'];
+
+ $row['physical_filename'] = utf8_basename($row['physical_filename']);
+
+ $attachment_ids[$attachment_id] = $attachment_id;
+ $attachments[$attachment_id] = $row;
+}
$db->sql_freeresult($result);
-if (!$attachment)
+// Make $attachment the first of the attachments we fetched.
+$attachment = current($attachments);
+
+if (empty($attachments))
{
send_status_line(404, 'Not Found');
trigger_error('ERROR_NO_ATTACHMENT');
}
-
-if ((!$attachment['in_message'] && !$config['allow_attachments']) || ($attachment['in_message'] && !$config['allow_pm_attach']))
+else if (!download_allowed())
{
- send_status_line(404, 'Not Found');
- trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
+ send_status_line(403, 'Forbidden');
+ trigger_error($user->lang['LINKAGE_FORBIDDEN']);
}
-
-$row = array();
-
-if ($attachment['is_orphan'])
+else if ($download_id)
{
- // We allow admins having attachment permissions to see orphan attachments...
- $own_attachment = ($auth->acl_get('a_attach') || $attachment['poster_id'] == $user->data['user_id']) ? true : false;
+ // sizeof($attachments) == 1
- if (!$own_attachment || ($attachment['in_message'] && !$auth->acl_get('u_pm_download')) || (!$attachment['in_message'] && !$auth->acl_get('u_download')))
+ if (!$attachment['in_message'] && !$config['allow_attachments'] || $attachment['in_message'] && !$config['allow_pm_attach'])
{
send_status_line(404, 'Not Found');
- trigger_error('ERROR_NO_ATTACHMENT');
+ trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
}
- // Obtain all extensions...
- $extensions = $cache->obtain_attach_extensions(true);
-}
-else
-{
- if (!$attachment['in_message'])
+ if ($attachment['is_orphan'])
{
- //
- $sql = 'SELECT p.forum_id, f.forum_password, f.parent_id
- FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f
- WHERE p.post_id = ' . $attachment['post_msg_id'] . '
- AND p.forum_id = f.forum_id';
- $result = $db->sql_query_limit($sql, 1);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
-
- $f_download = $auth->acl_get('f_download', $row['forum_id']);
-
- if ($auth->acl_get('u_download') && $f_download)
- {
- if ($row && $row['forum_password'])
- {
- // Do something else ... ?
- login_forum_box($row);
- }
- }
- else
+ // We allow admins having attachment permissions to see orphan attachments...
+ $own_attachment = ($auth->acl_get('a_attach') || $attachment['poster_id'] == $user->data['user_id']) ? true : false;
+
+ if (!$own_attachment || ($attachment['in_message'] && !$auth->acl_get('u_pm_download')) || (!$attachment['in_message'] && !$auth->acl_get('u_download')))
{
- send_status_line(403, 'Forbidden');
- trigger_error('SORRY_AUTH_VIEW_ATTACH');
+ send_status_line(404, 'Not Found');
+ trigger_error('ERROR_NO_ATTACHMENT');
}
+
+ // Obtain all extensions...
+ $extensions = $cache->obtain_attach_extensions(true);
}
else
{
- $row['forum_id'] = false;
- if (!$auth->acl_get('u_pm_download'))
+ if (!$attachment['in_message'])
{
- send_status_line(403, 'Forbidden');
- trigger_error('SORRY_AUTH_VIEW_ATTACH');
+ phpbb_download_handle_forum_auth($db, $auth, $attachment['topic_id']);
}
+ else
+ {
+ // Attachment is in a private message.
+ $row['forum_id'] = false;
+ phpbb_download_handle_pm_auth($db, $auth, $user->data['user_id'], $attachment['post_msg_id']);
+ }
+
+ $extensions = array();
+ if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
+ {
+ send_status_line(404, 'Forbidden');
+ trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
+ }
+ }
+
+ $download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
+ $display_cat = $extensions[$attachment['extension']]['display_cat'];
+
+ if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg'))
+ {
+ $display_cat = ATTACHMENT_CATEGORY_NONE;
+ }
+
+ if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
+ {
+ $display_cat = ATTACHMENT_CATEGORY_NONE;
+ }
- // Check if the attachment is within the users scope...
- $sql = 'SELECT user_id, author_id
- FROM ' . PRIVMSGS_TO_TABLE . '
- WHERE msg_id = ' . $attachment['post_msg_id'];
- $result = $db->sql_query($sql);
+ if ($thumbnail)
+ {
+ $attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
+ }
+ else if ($display_cat == ATTACHMENT_CATEGORY_NONE && !$attachment['is_orphan'] && !phpbb_http_byte_range($attachment['filesize']))
+ {
+ // Update download count
+ phpbb_increment_downloads($db, $attachment['attach_id']);
+ }
- $allowed = false;
- while ($user_row = $db->sql_fetchrow($result))
+ if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && ((strpos(strtolower($user->browser), 'msie') !== false) && (strpos(strtolower($user->browser), 'msie 8.0') === false)))
+ {
+ wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
+ file_gc();
+ }
+ else
+ {
+ // Determine the 'presenting'-method
+ if ($download_mode == PHYSICAL_LINK)
{
- if ($user->data['user_id'] == $user_row['user_id'] || $user->data['user_id'] == $user_row['author_id'])
+ // This presenting method should no longer be used
+ if (!@is_dir($phpbb_root_path . $config['upload_path']))
{
- $allowed = true;
- break;
+ send_status_line(500, 'Internal Server Error');
+ trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
}
- }
- $db->sql_freeresult($result);
- if (!$allowed)
+ redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
+ file_gc();
+ }
+ else
{
- send_status_line(403, 'Forbidden');
- trigger_error('ERROR_NO_ATTACHMENT');
+ send_file_to_browser($attachment, $config['upload_path'], $display_cat);
+ file_gc();
}
}
+}
+else
+{
+ // sizeof($attachments) >= 1
+ if ($attachment['in_message'])
+ {
+ phpbb_download_handle_pm_auth($db, $auth, $user->data['user_id'], $attachment['post_msg_id']);
+ }
+ else
+ {
+ phpbb_download_handle_forum_auth($db, $auth, $attachment['topic_id']);
+ }
- // disallowed?
- $extensions = array();
- if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
+ if (!class_exists('compress'))
{
- send_status_line(404, 'Forbidden');
- trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
+ require $phpbb_root_path . 'includes/functions_compress.' . $phpEx;
}
-}
-if (!download_allowed())
-{
- send_status_line(403, 'Forbidden');
- trigger_error($user->lang['LINKAGE_FORBIDDEN']);
-}
+ if (!in_array($archive, compress::methods()))
+ {
+ $archive = '.tar';
+ }
-$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
+ if ($post_msg_id)
+ {
+ if ($attachment['in_message'])
+ {
+ $sql = 'SELECT message_subject AS attach_subject
+ FROM ' . PRIVMSGS_TABLE . "
+ WHERE msg_id = $post_msg_id";
+ }
+ else
+ {
+ $sql = 'SELECT post_subject AS attach_subject, forum_id
+ FROM ' . POSTS_TABLE . "
+ WHERE post_id = $post_msg_id";
+ }
+ }
+ else
+ {
+ $sql = 'SELECT topic_title AS attach_subject, forum_id
+ FROM ' . TOPICS_TABLE . "
+ WHERE topic_id = $topic_id";
+ }
-// Fetching filename here to prevent sniffing of filename
-$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype, filesize, filetime
- FROM ' . ATTACHMENTS_TABLE . "
- WHERE attach_id = $download_id";
-$result = $db->sql_query_limit($sql, 1);
-$attachment = $db->sql_fetchrow($result);
-$db->sql_freeresult($result);
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
-if (!$attachment)
-{
- send_status_line(404, 'Not Found');
- trigger_error('ERROR_NO_ATTACHMENT');
-}
+ if (empty($row))
+ {
+ send_status_line(404, 'Not Found');
+ trigger_error('ERROR_NO_ATTACHMENT');
+ }
-$attachment['physical_filename'] = utf8_basename($attachment['physical_filename']);
-$display_cat = $extensions[$attachment['extension']]['display_cat'];
+ $clean_name = phpbb_download_clean_filename($row['attach_subject']);
+ $suffix = '_' . (($post_msg_id) ? $post_msg_id : $topic_id) . '_' . $clean_name;
+ $archive_name = 'attachments' . $suffix;
-if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg'))
-{
- $display_cat = ATTACHMENT_CATEGORY_NONE;
-}
+ $store_name = 'att_' . time() . '_' . unique_id();
+ $archive_path = "{$phpbb_root_path}store/{$store_name}{$archive}";
-if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
-{
- $display_cat = ATTACHMENT_CATEGORY_NONE;
-}
+ if ($archive === '.zip')
+ {
+ $compress = new compress_zip('w', $archive_path);
+ }
+ else
+ {
+ $compress = new compress_tar('w', $archive_path, $archive);
+ }
-if ($thumbnail)
-{
- $attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
-}
-else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHMENT_CATEGORY_IMAGE*/) && !$attachment['is_orphan'] && !phpbb_http_byte_range($attachment['filesize']))
-{
- // Update download count
- $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
- SET download_count = download_count + 1
- WHERE attach_id = ' . $attachment['attach_id'];
- $db->sql_query($sql);
-}
+ $extensions = array();
+ $files_added = 0;
+ $forum_id = ($attachment['in_message']) ? false : (int) $row['forum_id'];
+ $disallowed = array();
-if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && ((strpos(strtolower($user->browser), 'msie') !== false) && (strpos(strtolower($user->browser), 'msie 8.0') === false)))
-{
- wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
- file_gc();
-}
-else
-{
- // Determine the 'presenting'-method
- if ($download_mode == PHYSICAL_LINK)
+ foreach ($attachments as $attach)
{
- // This presenting method should no longer be used
- if (!@is_dir($phpbb_root_path . $config['upload_path']))
+ if (!extension_allowed($forum_id, $attach['extension'], $extensions))
+ {
+ $disallowed[$attach['extension']] = $attach['extension'];
+ continue;
+ }
+
+ $prefix = '';
+ if ($topic_id)
{
- send_status_line(500, 'Internal Server Error');
- trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
+ $prefix = $attach['post_msg_id'] . '_';
}
- redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
- file_gc();
+ $compress->add_custom_file("{$phpbb_root_path}files/{$attach['physical_filename']}", "{$prefix}{$attach['real_filename']}");
+ $files_added++;
}
- else
+
+ $compress->close();
+
+ if ($files_added)
{
- send_file_to_browser($attachment, $config['upload_path'], $display_cat);
- file_gc();
+ phpbb_increment_downloads($db, $attachment_ids);
+ $compress->download($store_name, $archive_name);
+ }
+
+ unlink($archive_path);
+
+ if (!$files_added)
+ {
+ // None of the attachments had a valid extension
+ $disallowed = implode($user->lang['COMMA_SEPARATOR'], $disallowed);
+ send_status_line(404, 'Forbidden');
+ trigger_error($user->lang('EXTENSION_DISABLED_AFTER_POSTING', $disallowed));
}
+
+ file_gc();
}
diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php
index 66e8459c18..881c95907b 100644
--- a/phpBB/includes/functions_display.php
+++ b/phpBB/includes/functions_display.php
@@ -1387,3 +1387,38 @@ function get_user_avatar($avatar, $avatar_type, $avatar_width, $avatar_height, $
$avatar_img .= $avatar;
return '<img src="' . (str_replace(' ', '%20', $avatar_img)) . '" width="' . $avatar_width . '" height="' . $avatar_height . '" alt="' . ((!empty($user->lang[$alt])) ? $user->lang[$alt] : $alt) . '" />';
}
+
+/**
+* Generate a list of archive types available for compressing attachments
+*
+* @param string $param_key Either topic_id or post_id
+* @param string $param_val The value of the topic or post id
+* @param string $phpbb_root_path The root path of the phpBB installation
+* @param string $phpEx The PHP extension
+*
+* @return array Array containing the link and the type of compression
+*/
+function phpbb_gen_download_links($param_key, $param_val, $phpbb_root_path, $phpEx)
+{
+ if (!class_exists('compress'))
+ {
+ require $phpbb_root_path . 'includes/functions_compress.' . $phpEx;
+ }
+
+ $methods = compress::methods();
+ $links = array();
+
+ foreach ($methods as $method)
+ {
+ $type = array_pop(explode('.', $method));
+ $params = array('archive' => $method);
+ $params[$param_key] = $param_val;
+
+ $links[] = array(
+ 'LINK' => append_sid("{$phpbb_root_path}download/file.$phpEx", $params),
+ 'TYPE' => $type,
+ );
+ }
+
+ return $links;
+}
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 1486113013..b6371dbecc 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -592,3 +592,132 @@ function phpbb_parse_range_request($request_array, $filesize)
);
}
}
+
+/**
+* Increments the download count of all provided attachments
+*
+* @param dbal $db The database object
+* @param array|int $ids The attach_id of each attachment
+*
+* @return null
+*/
+function phpbb_increment_downloads($db, $ids)
+{
+ if (!is_array($ids))
+ {
+ $ids = array($ids);
+ }
+
+ $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
+ SET download_count = download_count + 1
+ WHERE ' . $db->sql_in_set('attach_id', $ids);
+ $db->sql_query($sql);
+}
+
+/**
+* Handles authentication when downloading attachments from a post or topic
+*
+* @param dbal $db The database object
+* @param phpbb_auth $auth The authentication object
+* @param int $topic_id The id of the topic that we are downloading from
+*
+* @return null
+*/
+function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
+{
+ $sql = 'SELECT t.forum_id, f.forum_password, f.parent_id
+ FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
+ WHERE t.topic_id = " . (int) $topic_id . "
+ AND t.forum_id = f.forum_id";
+ $result = $db->sql_query($sql);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']))
+ {
+ if ($row && $row['forum_password'])
+ {
+ // Do something else ... ?
+ login_forum_box($row);
+ }
+ }
+ else
+ {
+ send_status_line(403, 'Forbidden');
+ trigger_error('SORRY_AUTH_VIEW_ATTACH');
+ }
+}
+
+/**
+* Handles authentication when downloading attachments from PMs
+*
+* @param dbal $db The database object
+* @param phpbb_auth $auth The authentication object
+* @param int $user_id The user id
+* @param int $msg_id The id of the PM that we are downloading from
+*
+* @return null
+*/
+function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
+{
+ if (!$auth->acl_get('u_pm_download'))
+ {
+ send_status_line(403, 'Forbidden');
+ trigger_error('SORRY_AUTH_VIEW_ATTACH');
+ }
+
+ $allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id);
+
+ if (!$allowed)
+ {
+ send_status_line(403, 'Forbidden');
+ trigger_error('ERROR_NO_ATTACHMENT');
+ }
+}
+
+/**
+* Checks whether a user can download from a particular PM
+*
+* @param dbal $db The database object
+* @param int $user_id The user id
+* @param int $msg_id The id of the PM that we are downloading from
+*
+* @return bool Whether the user is allowed to download from that PM or not
+*/
+function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
+{
+ // Check if the attachment is within the users scope...
+ $sql = 'SELECT msg_id
+ FROM ' . PRIVMSGS_TO_TABLE . '
+ WHERE msg_id = ' . (int) $msg_id . '
+ AND (
+ user_id = ' . (int) $user_id . '
+ OR author_id = ' . (int) $user_id . '
+ )';
+ $result = $db->sql_query_limit($sql, 1);
+ $allowed = (bool) $db->sql_fetchfield('msg_id');
+ $db->sql_freeresult($result);
+
+ return $allowed;
+}
+
+/**
+* Cleans a filename of any characters that could potentially cause a problem on
+* a user's filesystem.
+*
+* @param string $filename The filename to clean
+*
+* @return string The cleaned filename
+*/
+function phpbb_download_clean_filename($filename)
+{
+ $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
+
+ // rawurlencode to convert any potentially 'bad' characters that we missed
+ $filename = rawurlencode(str_replace($bad_chars, '_', $filename));
+
+ // Turn the %xx entities created by rawurlencode to _
+ $filename = preg_replace("/%(\w{2})/", '_', $filename);
+
+ return $filename;
+}
diff --git a/phpBB/includes/ucp/ucp_pm_viewmessage.php b/phpBB/includes/ucp/ucp_pm_viewmessage.php
index 569232d878..c85b05f144 100644
--- a/phpBB/includes/ucp/ucp_pm_viewmessage.php
+++ b/phpBB/includes/ucp/ucp_pm_viewmessage.php
@@ -257,6 +257,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
'U_PM_ACTION' => $url . '&amp;mode=compose&amp;f=' . $folder_id . '&amp;p=' . $message_row['msg_id'],
'S_HAS_ATTACHMENTS' => (sizeof($attachments)) ? true : false,
+ 'S_HAS_MULTIPLE_ATTACHMENTS' => (sizeof($attachments) > 1),
'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'],
'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false,
'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)),
@@ -301,6 +302,12 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
// Display not already displayed Attachments for this post, we already parsed them. ;)
if (isset($attachments) && sizeof($attachments))
{
+ $methods = phpbb_gen_download_links('post_msg_id', $msg_id, $phpbb_root_path, $phpEx);
+ foreach ($methods as $method)
+ {
+ $template->assign_block_vars('dl_method', $method);
+ }
+
foreach ($attachments as $attachment)
{
$template->assign_block_vars('attachment', array(
diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php
index 33d39c3e99..e6022e3b79 100644
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@@ -161,6 +161,8 @@ $lang = array_merge($lang, array(
'DISPLAY_MESSAGES' => 'Display messages from previous',
'DISPLAY_POSTS' => 'Display posts from previous',
'DISPLAY_TOPICS' => 'Display topics from previous',
+ 'DOWNLOAD_ALL' => 'Download all',
+ 'DOWNLOAD_ALL_ATTACHMENTS' => 'Download all attachments',
'DOWNLOADED' => 'Downloaded',
'DOWNLOADING_FILE' => 'Downloading file',
'DOWNLOAD_COUNTS' => array(
diff --git a/phpBB/styles/prosilver/template/ucp_pm_viewmessage.html b/phpBB/styles/prosilver/template/ucp_pm_viewmessage.html
index 2e7a7c4ac9..b022bcd979 100644
--- a/phpBB/styles/prosilver/template/ucp_pm_viewmessage.html
+++ b/phpBB/styles/prosilver/template/ucp_pm_viewmessage.html
@@ -41,12 +41,24 @@
<div class="content">{MESSAGE}</div>
<!-- IF S_HAS_ATTACHMENTS -->
- <dl class="attachbox">
- <dt>{L_ATTACHMENTS}</dt>
- <!-- BEGIN attachment -->
- <dd>{attachment.DISPLAY_ATTACHMENT}</dd>
- <!-- END attachment -->
- </dl>
+ <dl class="attachbox">
+ <dt>
+ {L_ATTACHMENTS}
+ <!-- IF S_HAS_MULTIPLE_ATTACHMENTS -->
+ <div class="dl_links">
+ <strong>{L_DOWNLOAD_ALL}:</strong>
+ <ul>
+ <!-- BEGIN dl_method -->
+ <li>[ <a href="{dl_method.LINK}">{dl_method.TYPE}</a> ]</li>
+ <!-- END dl_method -->
+ </ul>
+ </div>
+ <!-- ENDIF -->
+ </dt>
+ <!-- BEGIN attachment -->
+ <dd>{attachment.DISPLAY_ATTACHMENT}</dd>
+ <!-- END attachment -->
+ </dl>
<!-- ENDIF -->
<!-- IF S_DISPLAY_NOTICE -->
diff --git a/phpBB/styles/prosilver/template/viewtopic_body.html b/phpBB/styles/prosilver/template/viewtopic_body.html
index cfbf0969d9..4534dc5bcc 100644
--- a/phpBB/styles/prosilver/template/viewtopic_body.html
+++ b/phpBB/styles/prosilver/template/viewtopic_body.html
@@ -157,7 +157,19 @@
<!-- IF postrow.S_HAS_ATTACHMENTS -->
<dl class="attachbox">
- <dt>{L_ATTACHMENTS}</dt>
+ <dt>
+ {L_ATTACHMENTS}
+ <!-- IF postrow.S_MULTIPLE_ATTACHMENTS -->
+ <div class="dl_links">
+ <strong>{L_DOWNLOAD_ALL}:</strong>
+ <ul>
+ <!-- BEGIN dl_method -->
+ <li>[ <a href="{postrow.dl_method.LINK}">{postrow.dl_method.TYPE}</a> ]</li>
+ <!-- END dl_method -->
+ </ul>
+ </div>
+ <!-- ENDIF -->
+ </dt>
<!-- BEGIN attachment -->
<dd>{postrow.attachment.DISPLAY_ATTACHMENT}</dd>
<!-- END attachment -->
@@ -256,6 +268,17 @@
<!-- ENDIF -->
</div>
+ <!-- IF S_HAS_ATTACHMENTS -->
+ <div class="dl_links">
+ <strong>{L_DOWNLOAD_ALL_ATTACHMENTS}:</strong>
+ <ul>
+ <!-- BEGIN dl_method -->
+ <li>[ <a href="{dl_method.LINK}">{dl_method.TYPE}</a> ]</li>
+ <!-- END dl_method -->
+ </ul>
+ </div>
+ <!-- ENDIF -->
+
<!-- IF .pagination or TOTAL_POSTS -->
<div class="pagination">
{TOTAL_POSTS} &bull;
diff --git a/phpBB/styles/prosilver/theme/content.css b/phpBB/styles/prosilver/theme/content.css
index 60903911dd..b6012f8a63 100644
--- a/phpBB/styles/prosilver/theme/content.css
+++ b/phpBB/styles/prosilver/theme/content.css
@@ -702,3 +702,26 @@ dl.pmlist dd {
margin-left: 61% !important;
margin-bottom: 2px;
}
+
+.topic-actions div.dl_links {
+ padding: 10px 0 0 10px;
+}
+
+div.dl_links {
+ display: inline-block;
+ text-transform: none;
+}
+
+.dl_links strong {
+ font-weight: bold;
+}
+
+.dl_links ul {
+ list-style-type: none;
+ margin: 0;
+ display: inline-block;
+}
+
+.dl_links li {
+ display: inline-block;
+}
diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php
index 3dd7d8a863..3fde5b5e03 100644
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@@ -1352,6 +1352,16 @@ if (sizeof($attach_list))
}
}
+$template->assign_vars(array(
+ 'S_HAS_ATTACHMENTS' => !empty($attachments),
+));
+
+$methods = phpbb_gen_download_links('topic_id', $topic_id, $phpbb_root_path, $phpEx);
+foreach ($methods as $method)
+{
+ $template->assign_block_vars('dl_method', $method);
+}
+
// Instantiate BBCode if need be
if ($bbcode_bitfield !== '')
{
@@ -1594,6 +1604,7 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
'POSTER_ID' => $poster_id,
'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? true : false,
+ 'S_MULTIPLE_ATTACHMENTS' => !empty($attachments[$row['post_id']]) && sizeof($attachments[$row['post_id']]) > 1,
'S_POST_UNAPPROVED' => ($row['post_approved']) ? false : true,
'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_report', $forum_id)) ? true : false,
'S_DISPLAY_NOTICE' => $display_notice && $row['post_attachment'],
@@ -1647,6 +1658,12 @@ for ($i = 0, $end = sizeof($post_list); $i < $end; ++$i)
'DISPLAY_ATTACHMENT' => $attachment)
);
}
+
+ $methods = phpbb_gen_download_links('post_msg_id', $row['post_id'], $phpbb_root_path, $phpEx);
+ foreach ($methods as $method)
+ {
+ $template->assign_block_vars('postrow.dl_method', $method);
+ }
}
$prev_post_id = $row['post_id'];
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-10 04:45:02 +0000