diff options
| -rw-r--r-- | phpBB/download.php | 16 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/functions_upload.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 1 |
5 files changed, 24 insertions, 7 deletions
diff --git a/phpBB/download.php b/phpBB/download.php index ff4b1660cc..c1f28c080f 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -214,6 +214,16 @@ if (!$attachment) $attachment['physical_filename'] = basename($attachment['physical_filename']); $display_cat = $extensions[$attachment['extension']]['display_cat']; +if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg')) +{ + $display_cat = ATTACHMENT_CATEGORY_NONE; +} + +if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash')) +{ + $display_cat = ATTACHMENT_CATEGORY_NONE; +} + if ($thumbnail) { $attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename']; @@ -227,7 +237,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE || $display_cat == ATTACHMENT $db->sql_query($sql); } -if ($mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && strpos(strtolower($user->browser), 'msie') !== false) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && strpos(strtolower($user->browser), 'msie') !== false) { wrap_img_in_html(append_sid('./download.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); } @@ -247,7 +257,7 @@ else } else { - send_file_to_browser($attachment, $config['upload_path'], $extensions[$attachment['extension']]['display_cat']); + send_file_to_browser($attachment, $config['upload_path'], $display_cat); exit; } } @@ -358,7 +368,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Correct the mime type - we force application/octetstream for all files, except images // Please do not change this, it is a security precaution - if (strpos($attachment['mimetype'], 'image') !== 0) + if ($category != ATTACHMENT_CATEGORY_IMAGE || strpos($attachment['mimetype'], 'image') !== 0) { $attachment['mimetype'] = (strpos(strtolower($user->browser), 'msie') !== false || strpos(strtolower($user->browser), 'opera') !== false) ? 'application/octetstream' : 'application/octet-stream'; } diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 922c85d06d..4f4ecb5117 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2987,7 +2987,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, $display_cat = ATTACHMENT_CATEGORY_NONE; } - $download_link = append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&mode=view'); + $download_link = append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id']); switch ($display_cat) { @@ -2995,6 +2995,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, case ATTACHMENT_CATEGORY_IMAGE: $l_downloaded_viewed = 'VIEWED_COUNT'; $inline_link = append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id']); + $download_link .= '&mode=view'; $block_array += array( 'S_IMAGE' => true, @@ -3008,6 +3009,7 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count, case ATTACHMENT_CATEGORY_THUMB: $l_downloaded_viewed = 'VIEWED_COUNT'; $thumbnail_link = append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&t=1'); + $download_link = '&mode=view'; $block_array += array( 'S_THUMBNAIL' => true, diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 9fe27fdd1a..d75a548d1b 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -408,7 +408,11 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage } $file->clean_filename('unique', $user->data['user_id'] . '_'); - $file->move_file($config['upload_path']); + + // Are we uploading an image *and* this image being within the image category? Only then perform additional image checks. + $no_image = ($cat_id == ATTACHMENT_CATEGORY_IMAGE) ? false : true; + + $file->move_file($config['upload_path'], false, $no_image); if (sizeof($file->error)) { diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 93254a0d08..93b809f296 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -230,7 +230,7 @@ class filespec * @param octal $chmod Permission mask for chmodding the file after a successful move * @access public */ - function move_file($destination, $overwrite = false, $chmod = 0666) + function move_file($destination, $overwrite = false, $skip_image_check = false, $chmod = 0666) { global $user, $phpbb_root_path; @@ -315,7 +315,7 @@ class filespec // Try to get real filesize from destination folder $this->filesize = (@filesize($this->destination_file)) ? @filesize($this->destination_file) : $this->filesize; - if ($this->is_image()) + if ($this->is_image() && !$skip_image_check) { $this->width = $this->height = 0; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 3da49026c9..a53577d68d 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -1853,6 +1853,7 @@ function avatar_get_dimensions($avatar, $avatar_type, &$error, $current_x = 0, $ $avatar = $phpbb_root_path . $config['avatar_gallery_path'] . '/' . $avatar ; break; } + // Make sure getimagesize works... if (($image_data = @getimagesize($avatar)) === false) { |