diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2013-06-07 00:15:28 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2013-06-07 00:15:28 +0200 |
| commit | 1d7c80b91210337845ae33267131bb82473b9a9f (patch) | |
| tree | e9a254aa34b872d99244d09e715a8b3371382ec7 /phpBB/includes/functions_posting.php | |
| parent | 8c4670eeb1264e2535021e400d2cf7e2c2028010 (diff) | |
| parent | b4b1704a9b2f2c6e7770f478e27c5c408772f3ff (diff) | |
| download | forums-1d7c80b91210337845ae33267131bb82473b9a9f.tar forums-1d7c80b91210337845ae33267131bb82473b9a9f.tar.gz forums-1d7c80b91210337845ae33267131bb82473b9a9f.tar.bz2 forums-1d7c80b91210337845ae33267131bb82473b9a9f.tar.xz forums-1d7c80b91210337845ae33267131bb82473b9a9f.zip | |
Merge branch 'develop' of https://github.com/phpbb/phpbb3 into ticket/11568-develop
* 'develop' of https://github.com/phpbb/phpbb3: (29 commits)
[ticket/11588] Also use version.phpbb.com in install_update.php.
[ticket/11587] Add functional tests for group teampage settings
[ticket/11538] Add admin as admins leader and moderator in memberlist_test
[ticket/11587] Pass legend and teampage settings to group_create()
[ticket/11586] Move $filedata['thumbnail'] to where it might be returned.
[ticket/11586] Combine $filedata['post_attach'] assign into a single statement.
[ticket/11586] Use a variable for $cat_id == ATTACHMENT_CATEGORY_IMAGE.
[ticket/11586] Combine administrator/moderator checks together.
[ticket/11583] Use a new lang key instead of giving the old one a new meaning.
[ticket/11122] Add dhruv to active authors
[ticket/11122] Remove Oleg and igorw from active authors
[ticket/10840] Add check_form_key to acp_groups.php
[ticket/11583] Allow FULLTEXT indexes on InnoDB when on MySQL 5.6.4 or higher.
[ticket/11409] Add success message after updating group position settings
[ticket/11549] Add functional test for ACP Extension Module with Template
[ticket/11570] Fix link and make the notice more conspiciuous
[ticket/11549] Do not set extension dir path for style in adm/index.php
[ticket/11570] Add link back to update process
[ticket/11569] Add type parameter and fix language variable
[ticket/11569] Add parameter to URL and remove comment
...
Conflicts:
tests/functional/common_groups_test.php
Diffstat (limited to 'phpBB/includes/functions_posting.php')
| -rw-r--r-- | phpBB/includes/functions_posting.php | 57 |
1 files changed, 25 insertions, 32 deletions
diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index baef7bcda5..b9b518ad32 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -403,14 +403,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage $upload->set_disallowed_content(explode('|', $config['mime_triggers'])); } - if (!$local) - { - $filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false; - } - else - { - $filedata['post_attach'] = true; - } + $filedata['post_attach'] = $local || $upload->is_valid($form_name); if (!$filedata['post_attach']) { @@ -429,30 +422,18 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage return $filedata; } - $cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE; - - // Make sure the image category only holds valid images... - if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image()) - { - $file->remove(); - - // If this error occurs a user tried to exploit an IE Bug by renaming extensions - // Since the image category is displaying content inline we need to catch this. - trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); - } - - // Do we have to create a thumbnail? - $filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0; - - // Check Image Size, if it is an image - if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id) && $cat_id == ATTACHMENT_CATEGORY_IMAGE) - { - $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']); - } + // Whether the uploaded file is in the image category + $is_image = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] == ATTACHMENT_CATEGORY_IMAGE : false; - // Admins and mods are allowed to exceed the allowed filesize if (!$auth->acl_get('a_') && !$auth->acl_get('m_', $forum_id)) { + // Check Image Size, if it is an image + if ($is_image) + { + $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']); + } + + // Admins and mods are allowed to exceed the allowed filesize if (!empty($extensions[$file->get('extension')]['max_filesize'])) { $allowed_filesize = $extensions[$file->get('extension')]['max_filesize']; @@ -467,10 +448,12 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage $file->clean_filename('unique', $user->data['user_id'] . '_'); - // Are we uploading an image *and* this image being within the image category? Only then perform additional image checks. - $no_image = ($cat_id == ATTACHMENT_CATEGORY_IMAGE) ? false : true; + // Are we uploading an image *and* this image being within the image category? + // Only then perform additional image checks. + $file->move_file($config['upload_path'], false, !$is_image); - $file->move_file($config['upload_path'], false, $no_image); + // Do we have to create a thumbnail? + $filedata['thumbnail'] = ($is_image && $config['img_create_thumbnail']) ? 1 : 0; if (sizeof($file->error)) { @@ -481,6 +464,16 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage return $filedata; } + // Make sure the image category only holds valid images... + if ($is_image && !$file->is_image()) + { + $file->remove(); + + // If this error occurs a user tried to exploit an IE Bug by renaming extensions + // Since the image category is displaying content inline we need to catch this. + trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']); + } + $filedata['filesize'] = $file->get('filesize'); $filedata['mimetype'] = $file->get('mimetype'); $filedata['extension'] = $file->get('extension'); |