aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/download/file.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/download/file.php')
-rw-r--r--phpBB/download/file.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/phpBB/download/file.php b/phpBB/download/file.php
index 891352f00c..68a4afe03c 100644
--- a/phpBB/download/file.php
+++ b/phpBB/download/file.php
@@ -246,7 +246,7 @@ if (!download_allowed())
$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
// Fetching filename here to prevent sniffing of filename
-$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype, filetime
+$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype, filesize, filetime
FROM ' . ATTACHMENTS_TABLE . "
WHERE attach_id = $download_id";
$result = $db->sql_query_limit($sql, 1);
@@ -275,7 +275,7 @@ if ($thumbnail)
{
$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
}
-else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHMENT_CATEGORY_IMAGE*/) && !$attachment['is_orphan'])
+else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHMENT_CATEGORY_IMAGE*/) && !$attachment['is_orphan'] && !phpbb_http_byte_range($attachment['filesize']))
{
// Update download count
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
generated by cgit v1.2.1 (git 2.21.0) at 2025-09-01 03:22:17 +0000