diff options
Diffstat (limited to 'phpBB/includes/functions_download.php')
| -rw-r--r-- | phpBB/includes/functions_download.php | 39 |
1 files changed, 9 insertions, 30 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 7a7efd5b34..fbeae50f55 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -45,28 +45,28 @@ function send_avatar_to_browser($file, $browser) if ((@file_exists($file_path) && @is_readable($file_path)) && !headers_sent()) { - header('Pragma: public'); + header('Cache-Control: public'); $image_data = @getimagesize($file_path); header('Content-Type: ' . image_type_to_mime_type($image_data[2])); - if ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) + if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7)) { header('Content-Disposition: attachment; ' . header_filename($file)); if (strpos(strtolower($browser), 'msie 6.0') !== false) { - header('Expires: -1'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); } else { - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); } } else { header('Content-Disposition: inline; ' . header_filename($file)); - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); } $size = @filesize($file_path); @@ -175,7 +175,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } // Now the tricky part... let's dance - header('Pragma: public'); + header('Cache-Control: public'); // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. header('Content-Type: ' . $attachment['mimetype']); @@ -197,7 +197,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) { - header('expires: -1'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT'); } } else @@ -420,8 +420,8 @@ function set_modified_headers($stamp, $browser) { send_status_line(304, 'Not Modified'); // seems that we need those too ... browsers - header('Pragma: public'); - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + header('Cache-Control: public'); + header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); return true; } else @@ -718,27 +718,6 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id) } /** -* Cleans a filename of any characters that could potentially cause a problem on -* a user's filesystem. -* -* @param string $filename The filename to clean -* -* @return string The cleaned filename -*/ -function phpbb_download_clean_filename($filename) -{ - $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|'); - - // rawurlencode to convert any potentially 'bad' characters that we missed - $filename = rawurlencode(str_replace($bad_chars, '_', $filename)); - - // Turn the %xx entities created by rawurlencode to _ - $filename = preg_replace("/%(\w{2})/", '_', $filename); - - return $filename; -} - -/** * Check if the browser is internet explorer version 7+ * * @param string $user_agent User agent HTTP header |