diff options
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_language.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_display.php | 16 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 4 |
3 files changed, 14 insertions, 8 deletions
diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index f010657fe4..29aabe240f 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -779,7 +779,7 @@ class acp_language include_once($phpbb_root_path . 'includes/functions_compress.' . $phpEx); - if ($use_method == 'zip') + if ($use_method == '.zip') { $compress = new compress_zip('w', $phpbb_root_path . 'store/lang_' . $row['lang_iso'] . $use_method); } diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 05ab4afcbb..10de128e31 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -789,12 +789,13 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_ } } + $download_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&f=' . $forum_id) : $filename; + switch ($display_cat) { // Images case ATTACHMENT_CATEGORY_IMAGE: $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $filename; $block_array += array( 'S_IMAGE' => true, @@ -806,17 +807,24 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_ // Images, but display Thumbnail case ATTACHMENT_CATEGORY_THUMB: $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id']) : $filename; + $thumbnail_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id'] . '&t=1&f=' . $forum_id) : $thumbnail_filename; $block_array += array( 'S_THUMBNAIL' => true, - 'THUMB_IMAGE' => $thumbnail_filename, + 'THUMB_IMAGE' => $thumbnail_link, ); break; // Windows Media Streams case ATTACHMENT_CATEGORY_WM: $l_downloaded_viewed = $user->lang['VIEWED']; + + // The download link is slightly different, because somehow phpBB is not able to get the correct results if called + // within the wmp object (cookies are not present). + // $download_link = (!$force_physical && $attachment['attach_id']) ? generate_board_url() . append_sid("/download.$phpEx", 'id=' . $attachment['attach_id'] . '&f=' . $forum_id, false, $user->session_id) : $filename; + + // Giving the filename directly because within the wm object all variables are in local context making it impossible + // to validate against a valid session (all params can differ) $download_link = $filename; $block_array += array( @@ -830,7 +838,6 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_ // Real Media Streams case ATTACHMENT_CATEGORY_RM: $l_downloaded_viewed = $user->lang['VIEWED']; - $download_link = $filename; $block_array += array( 'S_RM_FILE' => true, @@ -861,7 +868,6 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_ */ default: $l_downloaded_viewed = $user->lang['DOWNLOADED']; - $download_link = (!$force_physical && $attachment['attach_id']) ? append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . $attachment['attach_id']) : $filename; $block_array += array( 'S_FILE' => true, diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 3b1e43e052..7514d070e5 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -131,7 +131,7 @@ class session * @todo Introduce further user types, bot, guest * @todo Change user_type (as above) to a bitfield? user_type & USER_FOUNDER for example */ - function session_begin($update_session_page = true) + function session_begin($update_session_page = true, $loose_validation = false) { global $phpEx, $SID, $_SID, $db, $config, $phpbb_root_path; @@ -207,7 +207,7 @@ class session // Validate IP length according to admin ... enforces an IP // check on bots if admin requires this // $quadcheck = ($config['ip_check_bot'] && $this->data['user_type'] & USER_BOT) ? 4 : $config['ip_check']; - + $s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, $config['ip_check'])); $u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check'])); |