+<?php

+/***************************************************************************

+ * download.php

+ * -------------------

+ * begin : Thu, Apr 10, 2003

+ * copyright : (C) 2003 The phpBB Group

+ * email : support@phpbb.com

+ *

+ * $Id$

+ *

+ ***************************************************************************/

+

+/***************************************************************************

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ ***************************************************************************/

+

+

+if ( defined('IN_PHPBB') )

+{

+ die('Hacking attempt');

+ exit;

+}

+

+define('IN_PHPBB', true);

+$phpbb_root_path = './';

+include($phpbb_root_path . 'extension.inc');

+include($phpbb_root_path . 'common.'.$phpEx);

+

+//

+// Delete the / * to uncomment the block, and edit the values (read the comments) to

+// enable additional security to your board (preventing third site linkage)

+//

+/*

+define('ALLOWED_DENIED', 0);

+define('DENIED_ALLOWED', 1);

+

+//

+// From this line on you are able to edit the stuff

+//

+

+// Possible Values:

+// ALLOWED_DENIED <- First allow the listed sites, and then deny all others

+// DENIED_ALLOWED <- First deny the listed sites, and then allow all others

+$allow_deny_order = ALLOWED_DENIED;

+

+//

+// Allowed Syntax:

+// Full Domain Name -> www.opentools.de

+// Partial Domain Names -> opentools.de

+//

+$sites = array(

+ $config['server_name'], // This is your domain

+ 'phpbb.com'

+);

+

+// This is the message displayed, if someone links to this site...

+$lang['Denied_Message'] = 'You are not authorized to view, download or link to this Site.';

+

+// End of editable area

+

+//

+// Parse the order and evaluate the array

+//

+

+$site = explode('?', $HTTP_SERVER_VARS['HTTP_REFERER']);

+$url = trim($site[0]);

+//$url = $HTTP_HOST;

+

+if ($url != '')

+{

+ $allowed = ($allow_deny_order == ALLOWED_DENIED) ? FALSE : TRUE;

+

+ for ($i = 0; $i < count($sites); $i++)

+ {

+ if (strstr($url, $sites[$i]))

+ {

+ $allowed = ($allow_deny_order == ALLOWED_DENIED) ? TRUE : FALSE;

+ break;

+ }

+ }

+}

+else

+{

+ $allowed = TRUE;

+}

+

+if ($allowed == FALSE)

+{

+ trigger_error($lang['Denied_Message']);

+}

+

+// Delete the following line, to uncomment this block

+*/

+

+$download_id = (isset($_REQUEST['id'])) ? intval($_REQUEST['id']) : -1;

+$thumbnail = (isset($_REQUEST['thumb'])) ? intval($_REQUEST['thumb']) : false;

+

+function send_file_to_browser($real_filename, $mimetype, $physical_filename, $upload_dir, $attach_id)

+{

+ global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $user, $db, $config;

+

+ if ($config['upload_dir'] == '')

+ {

+ $filename = $physical_filename;

+ }

+ else

+ {

+ $filename = $config['upload_dir'] . '/' . $physical_filename;

+ }

+

+ $gotit = FALSE;

+

+ if (!intval($config['allow_ftp_upload']))

+ {

+ if (@!file_exists($filename))

+ {

+ trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . "<br /><br />" . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename));

+ }

+ else

+ {

+ $gotit = TRUE;

+ }

+ }

+

+ // Determine the Browser the User is using, because of some nasty incompatibilities.

+ // borrowed from phpMyAdmin. :)

+ if (!empty($_SERVER['HTTP_USER_AGENT']))

+ {

+ $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];

+ }

+ else if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT']))

+ {

+ $HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];

+ }

+ else if (!isset($HTTP_USER_AGENT))

+ {

+ $HTTP_USER_AGENT = '';

+ }

+

+ if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[2];

+ $browser_agent = 'opera';

+ }

+ else if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[1];

+ $browser_agent = 'ie';

+ }

+ else if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[1];

+ $browser_agent = 'omniweb';

+ }

+ else if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[1];

+ $browser_agent = 'netscape';

+ }

+ else if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[1];

+ $browser_agent = 'mozilla';

+ }

+ else if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version))

+ {

+ $browser_version = $log_version[1];

+ $browser_agent = 'konqueror';

+ }

+ else

+ {

+ $browser_version = 0;

+ $browser_agent = 'other';

+ }

+

+ // Correct the Mime Type, if it's an octetstream

+ if ( ($mimetype == 'application/octet-stream') || ($mimetype == 'application/octetstream') )

+ {

+ if ( ($browser_agent == 'ie') || ($browser_agent == 'opera') )

+ {

+ $mimetype = 'application/octetstream';

+ }

+ else

+ {

+ $mimetype = 'application/octet-stream';

+ }

+ }

+

+ // Now the tricky part... let's dance

+ @ob_end_clean();

+ @ini_set('zlib.output_compression', 'Off');

+ header('Pragma: public');

+ header('Content-Transfer-Encoding: none');

+

+ // Send out the Headers

+ if ($browser_agent == 'ie')

+ {

+ header('Content-Type: ' . $mimetype);

+ header('Content-Disposition: inline; filename="' . $real_filename . '"');

+ }

+ else

+ {

+ header('Content-Type: ' . $mimetype . '; name="' . $real_filename . '"');

+ header('Content-Disposition: attachment; filename=' . $real_filename);

+ }

+

+ // Now send the File Contents to the Browser

+ if ($gotit)

+ {

+ $size = @filesize($filename);

+ if ($size)

+ {

+ header("Content-length: $size");

+ }

+ readfile($filename);

+ }

+/* else if ((!$gotit) && (intval($config['allow_ftp_upload'])))

+ {

+ $conn_id = attach_init_ftp();

+

+ $tmp_path = ( !@ini_get('safe_mode') ) ? '/tmp' : $config['upload_dir'] . '/tmp';

+ $tmp_filename = @tempnam($tmp_path, 't0000');

+

+ @unlink($tmp_filename);

+

+ $mode = FTP_BINARY;

+ if ( (preg_match("/text/i", $mimetype)) || (preg_match("/html/i", $mimetype)) )

+ {

+ $mode = FTP_ASCII;

+ }

+

+ $result = @ftp_get($conn_id, $tmp_filename, $filename, $mode);

+

+ if (!$result)

+ {

+ trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . "<br /><br />" . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename));

+ }

+

+ @ftp_quit($conn_id);

+

+ $size = @filesize($tmp_filename);

+ if ($size)

+ {

+ header("Content-length: $size");

+ }

+ readfile($tmp_filename);

+ @unlink($tmp_filename);

+ }*/

+ else

+ {

+ trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . "<br /><br />" . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename));

+ }

+

+ exit;

+}

+

+// Start session management

+$user->start();

+$user->setup();

+$auth->acl($user->data);

+

+if ($download_id == -1)

+{

+ trigger_error('NO_ATTACHMENT_SELECTED');

+}

+

+if (!$config['allow_attachments'])

+{

+ trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');

+}

+

+$sql = 'SELECT *

+ FROM ' . ATTACHMENTS_DESC_TABLE . '

+ WHERE attach_id = ' . intval($download_id);

+$result = $db->sql_query($sql);

+

+if (!$attachment = $db->sql_fetchrow($result))

+{

+ trigger_error('ERROR_NO_ATTACHMENT');

+}

+

+// get forum_id for attachment authorization or private message authorization

+$authorised = FALSE;

+

+// Additional query, because of more than one attachment assigned to posts and private messages

+$sql = "SELECT a.*, p.forum_id

+ FROM " . ATTACHMENTS_TABLE . " a, " . POSTS_TABLE . " p

+ WHERE a.attach_id = " . $attachment['attach_id'] . "

+ AND (a.post_id = p.post_id OR a.post_id = 0)";

+$result = $db->sql_query($sql);

+

+$auth_pages = $db->sql_fetchrowset($result);

+

+for ($i = 0; $i < count($auth_pages) && $authorised == FALSE; $i++)

+{

+ if (intval($auth_pages[$i]['post_id']) != 0)

+ {

+ $forum_id = $auth_pages[$i]['forum_id'];

+

+ if ($auth->acl_get('f_download', $forum_id))

+ {

+ $authorised = TRUE;

+ }

+ }

+ else

+ {

+ if ( (intval($config['allow_pm_attach'])) && ( ($user->data['user_id'] == $auth_pages[$i]['user_id_2']) || ($user->data['user_id'] == $auth_pages[$i]['user_id_1'])) )

+ {

+ $authorised = TRUE;

+ }

+ }

+}

+

+if (!$authorised)

+{

+ trigger_error('SORRY_AUTH_VIEW_ATTACH');

+}

+

+$extensions = array();

+obtain_attach_extensions($extensions);

+

+// disallowed ?

+if ( (!in_array($attachment['extension'], $extensions['_allowed_'])) )

+{

+ trigger_error(sprintf($lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));

+}

+

+$download_mode = intval($extensions[$attachment['extension']]['download_mode']);

+

+if ($thumbnail)

+{

+ $attachment['physical_filename'] = 'thumbs/t_' . $attachment['physical_filename'];

+}

+

+// Update download count

+if (!$thumbnail)

+{

+ $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '

+ SET download_count = download_count + 1

+ WHERE attach_id = ' . $attachment['attach_id'];

+ $db->sql_query($sql);

+}

+

+// Determine the 'presenting'-method

+if ($download_mode == PHYSICAL_LINK)

+{

+ if (intval($config['allow_ftp_upload']) && $config['upload_dir'] == '')

+ {

+ trigger_error('Physical Download not possible with the current Attachment Setting');

+ }

+

+ redirect($config['upload_dir'] . '/' . $attachment['physical_filename']);

+}

+else

+{

+ if (intval($config['allow_ftp_upload']))

+ {

+ // We do not need a download path, we are not downloading physically

+ send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attachment['physical_filename'] , '', $attachment['attach_id']);

+ exit();

+ }

+ else

+ {

+ send_file_to_browser($attachment['real_filename'], $attachment['mimetype'], $attachment['physical_filename'], $config['upload_dir'], $attachment['attach_id']);

+ exit();

+ }

+}

+

+?> \ No newline at end of file

+ $extensions['_allowed_'][] = $extension;

+ if ($user_sig != '' && $auth->acl_get('f_sigs', $forum_id))

+ 'topic_approved' => (($post_data['enable_moderate']) && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1,

+ 'post_approved' => ($post_data['enable_moderate'] && !$auth->acl_get('f_ignorequeue', $post_data['forum_id'])) ? 0 : 1,

+ if ( $num_attachments < $config['max_attachments'] ) //|| $auth->acl_gets('m_', 'a_', $forum_id) )

+ if ( $num_attachments < $config['max_attachments'] ) //|| $auth->acl_gets('m_', 'a_', $forum_id) )

+ if (!empty($poll_data['poll_option_text']) && (($auth->acl_get('f_poll', $forum_id) && !$poll_data['poll_last_vote']) || $auth->acl_get('m_edit', $forum_id)))

+ function merge_from_include($filename)

+ {

+ $handle = 'include_' . $this->include_counter++;

+

+ $this->filename[$handle] = $filename;

+ $this->files[$handle] = $this->make_filename($filename);

+

+ if (!file_exists($this->files[$handle]))

+ {

+ trigger_error("Template->pparse(): Couldn't load template file for handle $handle", E_USER_ERROR);

+ }

+

+ $content = implode('', @file($this->files[$handle]));

+

+ return ($content);

+ }

+

+ // Pull out all merging includes, to let them parse with the code

+ preg_match_all('#<!-- MERGE_INCLUDE(.*?)-->#s', $code, $matches);

+ $merge_blocks = $matches[1];

+ foreach($merge_blocks as $filename)

+ {

+ $code = preg_replace('#<!-- MERGE_INCLUDE ' . preg_quote(trim($filename)) . ' -->#s', $this->merge_from_include(trim($filename)), $code);

+ }

+

+ 'EXTENSION_DISABLED_AFTER_POSTING' => 'The Extension \'%s\' has been deactivated by an board admin, therefore this Attachment is not displayed.', // used in Posts and PM's, replace %s with extension

+ 'DESCRIPTION' => 'Description',

+ 'DOWNLOAD' => 'Download',

+ 'FILESIZE' => 'Filesize',

+ 'FILE_NOT_FOUND_404' => '<b>404 File Not Found:</b> The File <i>%s</i> does not exist.',

+ 'm_lock' => $auth->acl_get('m_lock', $forum_id),

+ 'm_edit' => $auth->acl_get('m_edit', $forum_id),

+ 'm_delete' => $auth->acl_get('m_delete', $forum_id),

+ 'f_attach' => $auth->acl_get('f_attach', $forum_id),

+ 'f_news' => $auth->acl_get('f_news', $forum_id),

+ 'f_announce' => $auth->acl_get('f_announce', $forum_id),

+ 'f_sticky' => $auth->acl_get('f_sticky', $forum_id),

+ 'f_ignoreflood' => $auth->acl_get('f_ignoreflood', $forum_id),

+ 'f_sigs' => $auth->acl_get('f_sigs', $forum_id),

+ 'f_save' => $auth->acl_get('f_save', $forum_id)

+if ( (!$auth->acl_get('f_' . $mode, $forum_id)) && ($forum_postable) )

+ if ( ( ($mode == 'post') || ( ($mode == 'edit') && ($post_id == $topic_first_post_id) && (empty($poll_last_vote)) )) && ( ($auth->acl_get('f_poll', $forum_id)) || ($auth->acl_get('m_edit', $forum_id)) ))

+<br /><br />

+<!-- BEGIN attachment -->

+<hr /><br />

+ <!-- IF postrow.attachment.IS_DENIED -->

+ <span class="postbody">[{postrow.attachment.L_DENIED}]</span><br /><br />

+ <!-- ENDIF -->

+ <!-- IF postrow.attachment.IS_STREAM -->

+ <span class="postbody">{postrow.attachment.COMMENT}</span><br />

+ <object id="wmp" classid="CLSID:22d6f312-b0f6-11d0-94ab-0080c74c7e95" codebase="http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=6,0,0,0" standby="Loading Microsoft Windows Media Player components..." type="application/x-oleobject">

+ <param name="FileName" value="{postrow.attachment.U_DOWNLOAD_LINK}">

+ <param name="ShowControls" value="1">

+ <param name="ShowDisplay" value="0">

+ <param name="ShowStatusBar" value="1">

+ <param name="AutoSize" value="1">

+ <param name="AutoStart" value="0">

+ <param name="Visible" value="1">

+ <param name="AnimationStart" value="0">

+ <param name="Loop" value="0">

+ <embed type="application/x-mplayer2" pluginspage="http://www.microsoft.com/windows95/downloads/contents/wurecommended/s_wufeatured/mediaplayer/default.asp" src="{postrow.attachment.U_DOWNLOAD_LINK}" name=MediaPlayer2 showcontrols=1 showdisplay=0 showstatusbar=1 autosize=1 autostart=0 visible=1 animationatstart=0 loop=0></embed>

+ </object>

+ <br /><span class="gensmall">{postrow.attachment.DOWNLOAD_NAME} - {postrow.attachment.L_DOWNLOAD_COUNT}</span><br /><br />

+ <!-- ELSEIF postrow.attachment.IS_IMAGE -->

+ <span class="postbody">{postrow.attachment.COMMENT}<br />

+ <img src="{postrow.attachment.U_DOWNLOAD_LINK}" alt="{postrow.attachment.DOWNLOAD_NAME}" /></span>

+ <br /><span class="gensmall">{postrow.attachment.DOWNLOAD_NAME} - {postrow.attachment.L_DOWNLOAD_COUNT}</span><br /><br />

+ <!-- ELSEIF postrow.attachment.IS_THUMBNAIL -->

+ <span class="postbody">{postrow.attachment.COMMENT}<br />

+ <a href="{postrow.attachment.U_DOWNLOAD_LINK}" target="_blank"><img src="{postrow.attachment.IMG_THUMB_SRC}" alt="{postrow.attachment.DOWNLOAD_NAME}" border="0" /></a></span>

+ <br /><span class="gensmall">{postrow.attachment.DOWNLOAD_NAME} - {postrow.attachment.L_DOWNLOAD_COUNT}</span><br /><br />

+ <!-- ELSE -->

+ <span class="postbody">{postrow.attachment.COMMENT}</span><br />

+ <span class="postbody">{postrow.attachment.UPLOAD_IMG}

+ <a href="{postrow.attachment.U_DOWNLOAD_LINK}" target="_blank">{postrow.attachment.DOWNLOAD_NAME}</a> - {postrow.attachment.FILESIZE} {postrow.attachment.SIZE_VAR}<br /></span>

+ <span class="gensmall">{postrow.attachment.L_DOWNLOAD_COUNT}</span><br /><br />

+ <!-- ENDIF -->

+

+ {postrow.attachment.HELLO}

+<!-- END attachment -->

+ <td><span class="postbody">{postrow.MESSAGE}<!-- IF postrow.S_HAS_ATTACHMENTS --></span><!-- MERGE_INCLUDE viewtopic_attach_body.html --><span class="postbody"><!-- ENDIF -->{postrow.SIGNATURE}</span><span class="gensmall">{postrow.EDITED_MESSAGE}</span></td>

+$sql = "SELECT t.topic_id, t.forum_id AS real_forum_id, t.topic_title, t.topic_attachment, t.topic_status, " . (($auth->acl_get('m_approve')) ? 't.topic_replies_real AS topic_replies' : 't.topic_replies') . ", t.topic_time, t.topic_type, t.poll_start, t.poll_length, t.poll_title, f.forum_name, f.forum_desc, f.forum_parents, f.parent_id, f.left_id, f.right_id, f.forum_status, f.forum_id, f.forum_style" . $extra_fields . "

+// Fill extension informations, if this topic has attachments

+$extensions = array();

+

+if ($topic_attachment)

+{

+ obtain_attach_extensions($extensions);

+}

+$user_cache = $attachments = $attach_list = array();

+// Pull attachment data

+if ( ($config['allow_attachments']) && ($topic_attachment) && ($auth->acl_get('f_download', $forum_id)) )

+{

+ $sql = "SELECT a.post_id, p.topic_id, d.*

+ FROM " . ATTACHMENTS_TABLE . " a, " . ATTACHMENTS_DESC_TABLE . " d, " . POSTS_TABLE . " p

+ WHERE p.topic_id = " . $topic_id . "

+ AND p.post_id = a.post_id

+ AND a.attach_id = d.attach_id

+ AND p.post_attachment = 1

+ ORDER BY d.filetime " . ((!$config['display_order']) ? "ASC" : "DESC") . ", a.post_id ASC";

+ $result = $db->sql_query($sql);

+

+ if ($row = $db->sql_fetchrow($result))

+ {

+ do

+ {

+ $attachments[$row['post_id']][] = $row;

+ }

+ while ($row = $db->sql_fetchrow($result));

+ }

+ $db->sql_freeresult($result);

+}

+

+ if ( ($row['post_attachment']) && ($config['allow_attachments']) && ($auth->acl_get('f_download', $forum_id)) )

+ $attach_list[] = $row['post_id'];

+ 'S_POST_REPORTED' => ($row['post_reported'] && $auth->acl_get('m_', $forum_id)) ? TRUE : FALSE,

+ 'S_HAS_ATTACHMENTS' => ($row['post_attachment']) ? TRUE : FALSE,

+

+ // Process Attachments for this post

+ if (sizeof($attachments[$row['post_id']]) && $row['post_attachment'])

+ {

+ foreach($attachments[$row['post_id']] as $attachment)

+ {

+ // Some basics...

+ $attachment['extension'] = strtolower(trim($attachment['extension']));

+ $filename = $config['upload_dir'] . '/' . $attachment['physical_filename'];

+ $thumbnail_filename = $config['upload_dir'] . '/thumbs/t_' . $attachment['physical_filename'];

+

+ $upload_image = '';

+

+ if ( ($user->img('icon_attach', '') != '') && (trim($extensions[$attachment['extension']]['upload_icon']) == '') )

+ {

+ $upload_image = $user->img('icon_attach', '');

+ }

+ else if (trim($extensions[$attachment['extension']]['upload_icon']) != '')

+ {

+ $upload_image = '<img src="' . trim($extensions[$attachment['extension']]['upload_icon']) . '" alt="" border="0" />';

+ }

+

+ $filesize = $attachment['filesize'];

+ $size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );

+ if ($filesize >= 1048576)

+ {

+ $filesize = (round((round($filesize / 1048576 * 100) / 100), 2));

+ }

+ else if ($filesize >= 1024)

+ {

+ $filesize = (round((round($filesize / 1024 * 100) / 100), 2));

+ }

+

+ $display_name = $attachment['real_filename'];

+ $comment = stripslashes(trim(nl2br($attachment['comment'])));

+

+ $denied = false;

+ $update_count = false;

+

+ // Admin is allowed to view forbidden Attachments, but the error-message is displayed too to inform the Admin

+ if ( (!in_array($attachment['extension'], $extensions['_allowed_'])) )

+ {

+ $denied = true;

+

+ $template->assign_block_vars('postrow.attachment', array(

+ 'IS_DENIED' => true,

+ 'L_DENIED' => sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']))

+ );

+ }

+

+ if (!$denied)

+ {

+ // define category

+ $image = FALSE;

+ $stream = FALSE;

+// $swf = FALSE;

+ $thumbnail = FALSE;

+ $link = FALSE;

+

+ $l_downloaded_viewed = '';

+ $download_link = '';

+ $additional_array = array();

+

+ switch (intval($extensions[$attachment['extension']]['display_cat']))

+ {

+ case STREAM_CAT:

+ $stream = TRUE;

+ break;

+/* case SWF_CAT:

+ $swf = TRUE;

+ break;*/

+ case IMAGE_CAT:

+ if (intval($config['img_display_inlined']))

+ {

+ if ( (intval($config['img_link_width']) != 0) || (intval($config['img_link_height']) != 0) )

+ {

+ list($width, $height) = image_getdimension($filename);

+

+ $image = (($width == 0) && ($height == 0)) ? true : ((($width <= intval($config['img_link_width'])) && ($height <= intval($config['img_link_height']))) ? true : false);

+ }

+ }

+ else

+ {

+ $image = TRUE;

+ }

+

+ if ($attachment['thumbnail'])

+ {

+ $thumbnail = TRUE;

+ $image = FALSE;

+ }

+ break;

+ }

+

+

+ if ( (!$image) && (!$stream) /*&& (!$swf)*/ && (!$thumbnail) )

+ {

+ $link = TRUE;

+ }

+

+ if ($image)

+ {

+ // Images

+ // NOTE: If you want to use the download.php everytime an image is displayed inlined, replace the

+ // Section between BEGIN and END with (Without the // of course):

+ // $img_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'];

+ // $download_link = TRUE;

+ //

+ // BEGIN

+ if ((intval($config['ftp_upload'])) && (trim($config['upload_dir']) == ''))

+ {

+ $img_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'];

+ $download_link = TRUE;

+ }

+ else

+ {

+ $img_source = $filename;

+ $download_link = FALSE;

+ }

+ // END

+

+ $l_downloaded_viewed = $user->lang['VIEWED'];

+ $download_link = $img_source;

+

+ // Directly Viewed Image ... update the download count

+ if (!$download_link)

+ {

+ $update_count = true;

+ }

+ }

+

+ if ($thumbnail)

+ {

+ // Images, but display Thumbnail

+ // NOTE: If you want to use the download.php everytime an thumnmail is displayed inlined, replace the

+ // Section between BEGIN and END with (Without the // of course):

+ // $thumb_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'] . '&amp;thumb=1';

+ //

+ // BEGIN

+ if ( (intval($config['allow_ftp_upload'])) && (trim($config['upload_dir']) == '') )

+ {

+ $thumb_source = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'] . '&thumb=1';

+ }

+ else

+ {

+ $thumb_source = $thumbnail_filename;

+ }

+ // END

+

+ $l_downloaded_viewed = $user->lang['VIEWED'];

+ $download_link = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'];

+

+ $additional_array = array(

+ 'IMG_THUMB_SRC' => $thumb_source

+ );

+ }

+

+ if ($stream)

+ {

+ // Streams

+ $l_downloaded_viewed = $user->lang['VIEWED'];

+ $download_link = $filename;

+// $download_link = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'];

+

+ // Viewed/Heared File ... update the download count (download.php is not called here)

+ $update_count = true;

+ }

+/*

+ if ($swf)

+ {

+ // Macromedia Flash Files

+ list($width, $height) = swf_getdimension($filename);

+

+ $l_downloaded_viewed = $user->lang['VIEWED'];

+ $download_link = $filename;

+

+ $additional_array = array(

+ 'WIDTH' => $width,

+ 'HEIGHT' => $height

+ );

+

+ // Viewed/Heared File ... update the download count (download.php is not called here)

+ $update_count = true;

+ }

+*/

+ if ($link)

+ {

+ $l_downloaded_viewed = $user->lang['DOWNLOADED'];

+ $download_link = $phpbb_root_path . 'download.' . $phpEx . $SID . '&amp;id=' . $attachment['attach_id'];

+ }

+

+ if ($image || $thumbnail || $stream || $thumbnail || $link)

+ {

+ $template_array = array_merge($additional_array, array(

+// 'IS_FLASH' => ($swf) ? true : false,

+ 'IS_STREAM' => ($stream) ? true : false,

+ 'IS_THUMBNAIL' => ($thumbnail) ? true : false,

+ 'IS_IMAGE' => ($image) ? true : false,

+ 'U_DOWNLOAD_LINK' => $download_link,

+ 'UPLOAD_IMG' => $upload_image,

+ 'DOWNLOAD_NAME' => $display_name,

+ 'FILESIZE' => $filesize,

+ 'SIZE_VAR' => $size_lang,

+ 'COMMENT' => $comment,

+ 'L_DOWNLOADED_VIEWED' => $l_downloaded_viewed,

+ 'L_DOWNLOAD_COUNT' => sprintf($user->lang['DOWNLOAD_NUMBER'], $attachment['download_count']))

+ );

+

+ $template->assign_block_vars('postrow.attachment', $template_array);

+ }

+

+ if ($update_count)

+ {

+ $sql = 'UPDATE ' . ATTACHMENTS_DESC_TABLE . '

+ SET download_count = download_count + 1

+ WHERE attach_id = ' . $attachment['attach_id'];

+ $db->sql_query($sql);

+ }

+ }

+ }

+ }

+// No attachments exist, but post table thinks they do

+// so go ahead and reset post_attach flags

+if ( (sizeof($attach_list)) && (count($attachments) == 0) )

+ echo "DELETE THOSE STUFF";

+/*

+ $sql = "UPDATE " . POSTS_TABLE . "

+ SET post_attachment = 0

+ WHERE post_id IN (" . implode(', ', $attach_list) . ")";

+ $db->sql_query($sql);

+*/

+ // We need to update the topic indicator too if the

+ // complete topic is now without an attachment