diff options
| -rw-r--r-- | phpBB/docs/CHANGELOG.html | 1 | ||||
| -rw-r--r-- | phpBB/download/file.php | 28 | ||||
| -rw-r--r-- | phpBB/includes/functions_content.php | 1 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/attachment.html | 4 |
4 files changed, 23 insertions, 11 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 485c5bdb37..ef50e08453 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -122,6 +122,7 @@ <li>[Fix] Set connection encoding for MySQL versions 4.1.0 to 4.1.2. This may fix some conversion issues with special characters. (Bug #41805)</li> <li>[Fix] Deleting private message attachments could delete post attachments. (Bug #42815)</li> <li>[Fix] Do not suppress PHP notices/errors in language packs if DEBUG_EXTRA mode enabled. (Bug #41485)</li> + <li>[Fix] Flash files do not display anymore after update to flash player 10 (Bug #41315)</li> <li>[Change] Allow download of conflicting file for later reference in automatic updater</li> <li>[Change] Default difference view is now 'inline' instead of 'side by side'</li> <li>[Change] Added new option for merging differences to conflicting files in automatic updater</li> diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 309a136e3a..f71afb670e 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -465,24 +465,34 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. $is_ie8 = (strpos(strtolower($user->browser), 'msie 8.0') !== false); header('Content-Type: ' . $attachment['mimetype']); + if ($is_ie8) { header('X-Content-Type-Options: nosniff'); } - if (empty($user->browser) || (!$is_ie8 && (strpos(strtolower($user->browser), 'msie') !== false))) + + if ($category == ATTACHMENT_CATEGORY_FLASH && request_var('view', 0) === 1) { - header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) - { - header('expires: -1'); - } + // We use content-disposition: inline for flash files and view=1 to let it correctly play with flash player 10 - any other disposition will fail to play inline + header('Content-Disposition: inline'); } else { - header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); - if ($is_ie8 && (strpos($attachment['mimetype'], 'image') !== 0)) + if (empty($user->browser) || (!$is_ie8 && (strpos(strtolower($user->browser), 'msie') !== false))) { - header('X-Download-Options: noopen'); + header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); + if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) + { + header('expires: -1'); + } + } + else + { + header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); + if ($is_ie8 && (strpos($attachment['mimetype'], 'image') !== 0)) + { + header('X-Download-Options: noopen'); + } } } diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index 21c595053f..1859941c76 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -998,6 +998,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, 'S_FLASH_FILE' => true, 'WIDTH' => $width, 'HEIGHT' => $height, + 'U_VIEW_LINK' => $download_link . '&view=1', ); // Viewed/Heared File ... update the download count diff --git a/phpBB/styles/prosilver/template/attachment.html b/phpBB/styles/prosilver/template/attachment.html index 7472abaee6..cc5aacff2f 100644 --- a/phpBB/styles/prosilver/template/attachment.html +++ b/phpBB/styles/prosilver/template/attachment.html @@ -61,13 +61,13 @@ <!-- ELSEIF _file.S_FLASH_FILE --> <object classid="clsid:D27CDB6E-AE6D-11CF-96B8-444553540000" codebase="http://active.macromedia.com/flash2/cabs/swflash.cab#version=5,0,0,0" width="{_file.WIDTH}" height="{_file.HEIGHT}"> - <param name="movie" value="{_file.U_DOWNLOAD_LINK}" /> + <param name="movie" value="{_file.U_VIEW_LINK}" /> <param name="play" value="true" /> <param name="loop" value="true" /> <param name="quality" value="high" /> <param name="allowScriptAccess" value="never" /> <param name="allowNetworking" value="internal" /> - <embed src="{_file.U_DOWNLOAD_LINK}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" width="{_file.WIDTH}" height="{_file.HEIGHT}" play="true" loop="true" quality="high" allowscriptaccess="never" allownetworking="internal"></embed> + <embed src="{_file.U_VIEW_LINK}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" width="{_file.WIDTH}" height="{_file.HEIGHT}" play="true" loop="true" quality="high" allowscriptaccess="never" allownetworking="internal"></embed> </object> <!-- ELSEIF _file.S_QUICKTIME_FILE --> <object id="qtstream_{_file.ATTACH_ID}" classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" codebase="http://www.apple.com/qtactivex/qtplugin.cab#version=6,0,2,0" width="0" height="16"> |