diff options
Diffstat (limited to 'phpBB/download/file.php')
| -rw-r--r-- | phpBB/download/file.php | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 97f4ff3c8a..5f45b88359 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -48,6 +48,7 @@ if (isset($_GET['avatar'])) require($phpbb_root_path . 'includes/cache.' . $phpEx); require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx); require($phpbb_root_path . 'includes/constants.' . $phpEx); + require($phpbb_root_path . 'includes/functions.' . $phpEx); $db = new $sql_db(); $cache = new cache(); @@ -76,7 +77,7 @@ if (isset($_GET['avatar'])) // '==' is not a bug - . as the first char is as bad as no dot at all if (strpos($filename, '.') == false) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); $exit = true; } @@ -90,7 +91,7 @@ if (isset($_GET['avatar'])) if (!$exit && !in_array($ext, array('png', 'gif', 'jpg', 'jpeg'))) { // no way such an avatar could exist. They are not following the rules, stop the show. - header("HTTP/1.0 403 Forbidden"); + send_status_line(403, 'Forbidden'); $exit = true; } @@ -100,7 +101,7 @@ if (isset($_GET['avatar'])) if (!$filename) { // no way such an avatar could exist. They are not following the rules, stop the show. - header("HTTP/1.0 403 Forbidden"); + send_status_line(403, 'Forbidden'); } else { @@ -198,7 +199,7 @@ else $row['forum_id'] = false; if (!$auth->acl_get('u_pm_download')) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error('SORRY_AUTH_VIEW_ATTACH'); } @@ -221,7 +222,7 @@ else if (!$allowed) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error('ERROR_NO_ATTACHMENT'); } } @@ -236,7 +237,7 @@ else if (!download_allowed()) { - header('HTTP/1.0 403 Forbidden'); + send_status_line(403, 'Forbidden'); trigger_error($user->lang['LINKAGE_FORBIDDEN']); } @@ -382,7 +383,7 @@ function send_avatar_to_browser($file, $browser) } else { - header('HTTP/1.0 404 Not Found'); + send_status_line(404, 'Not Found'); } } |