author | Meik Sievertsen <acydburn@phpbb.com> | 2003-11-23 22:25:46 +0000 |
committer | Meik Sievertsen <acydburn@phpbb.com> | 2003-11-23 22:25:46 +0000 |
commit | 5f35bc9bc1c062bdab2d01678c464a41759488bb (patch) | |
tree | 462c46a0fa13ea55da4a36a3703cc80e76e53fe7 /phpBB/download.php | |
parent | 37edf4148ce11d03c45caafe7fc694b4b063cf38 (diff) | |
download | forums-5f35bc9bc1c062bdab2d01678c464a41759488bb.tar forums-5f35bc9bc1c062bdab2d01678c464a41759488bb.tar.gz forums-5f35bc9bc1c062bdab2d01678c464a41759488bb.tar.bz2 forums-5f35bc9bc1c062bdab2d01678c464a41759488bb.tar.xz forums-5f35bc9bc1c062bdab2d01678c464a41759488bb.zip |
my attempt to break things...
git-svn-id: file:///svn/phpbb/trunk@4682 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/download.php')
-rw-r--r-- | phpBB/download.php | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/phpBB/download.php b/phpBB/download.php
index ad82f0534c..362c07fa80 100644
--- a/phpBB/download.php
+++ b/phpBB/download.php
@@ -77,6 +77,11 @@ if (!in_array($attachment['extension'], $extensions['_allowed_']))
 trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
 }
+if (!download_allowed())
+{
+ trigger_error($user->lang['LINKAGE_FORBIDDEN']);
+}
+
 $download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
 if ($thumbnail)
@@ -197,6 +202,101 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 flush();
 exit;
 }
+
+function download_allowed()
+{
+ global $config, $user, $db;
+
+ if (!$config['secure_downloads'])
+ {
+ return true;
+ }
+
+ $url = trim(getenv('HTTP_REFERER'));
+ if ($url == '')
+ {
+ $url = trim($_SERVER['HTTP_REFERER']);
+ }
+
+ if ($url == '')
+ {
+ return ($config['secure_allow_empty_referer']) ? true : false;
+ }
+
+ // Split URL into domain and script part
+ $url = explode('?', str_replace(array('http://', 'https://'), array('', ''), $url));
+ $hostname = trim($url[0]);
+ unset($url);
+
+ $allowed = ($config['secure_allow_deny']) ? FALSE : TRUE;
+ $iplist = array();
+
+ $ip_ary = gethostbynamel($hostname);
+
+ foreach ($ip_ary as $ip)
+ {
+ if (!empty($ip))
+ {
+ $iplist[] = $ip;
+ }
+ }
+
+ // Check for own server...
+ if (preg_match('#^.*?' . $config['server_name'] . '.*?$#i', $hostname))
+ {
+ $allowed = true;
+ }
+
+ // Get IP's and Hostnames
+ if (!$allowed)
+ {
+ $sql = 'SELECT site_ip, site_hostname, ip_exclude
+ FROM ' . SITELIST_TABLE;
+ $result = $db->sql_query($sql);
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if (!empty($row['site_ip']))
+ {
+ foreach ($iplist as $ip)
+ {
+ if (preg_match('#^' . str_replace('*', '.*?', $row['site_ip']) . '$#i', $ip))
+ {
+ if (!empty($row['ip_exclude']))
+ {
+ $allowed = ($config['secure_allow_deny']) ? false : true;
+ break 2;
+ }
+ else
+ {
+ $allowed = ($config['secure_allow_deny']) ? true : false;
+ }
+ }
+ }
+ }
+
+ if (!empty($row['site_hostname']))
+ {
+ if (preg_match('#^' . str_replace('*', '.*?', $row['site_hostname']) . '$#i', $hostname))
+ {
+ if (!empty($row['ip_exclude']))
+ {
+ $allowed = ($config['secure_allow_deny']) ? false : true;
+ break;
+ }
+ else
+ {
+ $allowed = ($config['secure_allow_deny']) ? true : false;
+ }
+ }
+ }
+ }
+ $db->sql_freeresult($result);
+ }
+
+ return $allowed;
+}
+
 //
 // FUNCTIONS
 // --------- |
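Review bot: `download_allowed()` never isolates the referer's host: after stripping the scheme it splits on `?` only, so `$hostname` keeps any path, port or userinfo (e.g. `example.com/viewtopic.php`), which makes `gethostbynamel()` fail and the anchored `^…$` site_hostname patterns miss, and a `false` from `gethostbynamel()` is then fed to `foreach`, which emits a warning and leaves `$iplist` empty. The own-server check interpolates `$config['server_name']` into the pattern unescaped and pads it with `.*?` on both sides, so any referer host that merely contains the configured name is accepted as the local server instead of an exact match; the same unescaped interpolation applies to the `site_ip`/`site_hostname` rows, where a literal `.` matches any character — `preg_quote()` the value first and then turn `\*` into `.*?`. Since the referer is supplied by the client, a comment above the function such as `// Referer-based hotlink deterrent only, not an authorization check` would keep readers from relying on it for access control. The rewritten section below takes the host from `parse_url()` before the scheme is stripped, guards the DNS result with `is_array()`, and compares the server name with `preg_quote()` anchored on both ends; the SITELIST_TABLE matching loop is unchanged.
```php
function download_allowed()
{
	// … unchanged: secure_downloads check and HTTP_REFERER lookup …

	// Reduce the referer to its host part only; splitting on '?' would keep path, port and userinfo
	$url_parts = parse_url($url);
	$hostname = (is_array($url_parts) && !empty($url_parts['host'])) ? trim($url_parts['host']) : '';
	unset($url, $url_parts);

	// A referer without a usable host is treated like an empty referer
	if ($hostname == '')
	{
		return ($config['secure_allow_empty_referer']) ? true : false;
	}

	$allowed = ($config['secure_allow_deny']) ? FALSE : TRUE;
	$iplist = array();

	// gethostbynamel() returns false on a failed lookup; never iterate over it blindly
	$ip_ary = gethostbynamel($hostname);
	if (is_array($ip_ary))
	{
		foreach ($ip_ary as $ip)
		{
			if (!empty($ip))
			{
				$iplist[] = $ip;
			}
		}
	}

	// Check for own server: exact, case-insensitive host match with server_name escaped
	if (preg_match('#^' . preg_quote($config['server_name'], '#') . '$#i', $hostname))
	{
		$allowed = true;
	}

	// … unchanged: SITELIST_TABLE query and site_ip / site_hostname matching …
```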