diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2004-02-28 21:16:15 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2004-02-28 21:16:15 +0000 |
| commit | 52cc21864c570170067e8d81d1af1f8d1a2a0291 (patch) | |
| tree | efcfe680c390b4f581a1758292a639b2f3da74f0 /phpBB/download.php | |
| parent | 77dedf68a070197bdc4ace8809ab49b2df945847 (diff) | |
| download | forums-52cc21864c570170067e8d81d1af1f8d1a2a0291.tar forums-52cc21864c570170067e8d81d1af1f8d1a2a0291.tar.gz forums-52cc21864c570170067e8d81d1af1f8d1a2a0291.tar.bz2 forums-52cc21864c570170067e8d81d1af1f8d1a2a0291.tar.xz forums-52cc21864c570170067e8d81d1af1f8d1a2a0291.zip | |
splitted language files
git-svn-id: file:///svn/phpbb/trunk@4844 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/download.php')
| -rw-r--r-- | phpBB/download.php | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/phpBB/download.php b/phpBB/download.php index 362c07fa80..7d441d166a 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -17,13 +17,14 @@ $phpEx = substr(strrchr(__FILE__, '.'), 1); include($phpbb_root_path . 'common.'.$phpEx); $download_id = request_var('id', 0); -// Thumbnails are not called from this file by default -$thumbnail = request_var('thumb', false); + +// Thumbnails are not handled by this file by default - but for modders this should be interesting. ;) +$thumbnail = request_var('t', false); // Start session management $user->start(); $auth->acl($user->data); -$user->setup(); +$user->setup('viewtopic'); if (!$download_id) { @@ -46,7 +47,7 @@ if (!($attachment = $db->sql_fetchrow($result))) } $db->sql_freeresult($result); -// Additional query, because of more than one attachment assigned to posts and private messages +// $sql = 'SELECT p.forum_id, f.forum_password, f.parent_id FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f WHERE p.post_id = ' . $attachment['post_id'] . ' @@ -177,6 +178,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) } // Now the tricky part... let's dance + // TODO: needs a little bit more testing... seems to break on some configurations (incomplete files) @ob_end_clean(); @ini_set('zlib.output_compression', 'Off'); header('Pragma: public'); @@ -212,13 +214,9 @@ function download_allowed() return true; } - $url = trim(getenv('HTTP_REFERER')); - if ($url == '') - { - $url = trim($_SERVER['HTTP_REFERER']); - } + $url = (getenv('HTTP_REFERER')) ? trim(getenv('HTTP_REFERER')) : trim($_SERVER['HTTP_REFERER']); - if ($url == '') + if (!$url) { return ($config['secure_allow_empty_referer']) ? true : false; } @@ -228,14 +226,14 @@ function download_allowed() $hostname = trim($url[0]); unset($url); - $allowed = ($config['secure_allow_deny']) ? FALSE : TRUE; + $allowed = ($config['secure_allow_deny']) ? false : true; $iplist = array(); $ip_ary = gethostbynamel($hostname); foreach ($ip_ary as $ip) { - if (!empty($ip)) + if ($ip) { $iplist[] = $ip; } @@ -256,13 +254,16 @@ function download_allowed() while ($row = $db->sql_fetchrow($result)) { - if (!empty($row['site_ip'])) + $site_ip = trim($row['site_ip']); + $site_hostname = trim($row['site_hostname']); + + if ($site_ip) { foreach ($iplist as $ip) { - if (preg_match('#^' . str_replace('*', '.*?', $row['site_ip']) . '$#i', $ip)) + if (preg_match('#^' . str_replace('*', '.*?', $site_ip) . '$#i', $ip)) { - if (!empty($row['ip_exclude'])) + if ($row['ip_exclude']) { $allowed = ($config['secure_allow_deny']) ? false : true; break 2; @@ -275,11 +276,11 @@ function download_allowed() } } - if (!empty($row['site_hostname'])) + if ($site_hostname) { - if (preg_match('#^' . str_replace('*', '.*?', $row['site_hostname']) . '$#i', $hostname)) + if (preg_match('#^' . str_replace('*', '.*?', $site_hostname) . '$#i', $hostname)) { - if (!empty($row['ip_exclude'])) + if ($row['ip_exclude']) { $allowed = ($config['secure_allow_deny']) ? false : true; break; @@ -291,6 +292,7 @@ function download_allowed() } } } + $db->sql_freeresult($result); } |