diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-05-17 13:23:13 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-05-17 13:23:13 +0000 |
| commit | fbd741606055ed75c0ff1bc2a110d880cad4cbd4 (patch) | |
| tree | 99955b09aec69e65b73bf7592bf7e4dc4651638f /phpBB/download.php | |
| parent | a2c81d763fa2e591bf3aa8f48ffeed4beb363975 (diff) | |
| download | forums-fbd741606055ed75c0ff1bc2a110d880cad4cbd4.tar forums-fbd741606055ed75c0ff1bc2a110d880cad4cbd4.tar.gz forums-fbd741606055ed75c0ff1bc2a110d880cad4cbd4.tar.bz2 forums-fbd741606055ed75c0ff1bc2a110d880cad4cbd4.tar.xz forums-fbd741606055ed75c0ff1bc2a110d880cad4cbd4.zip | |
#11074 - only process and check (as well as display) images if the category also matches. ;)
git-svn-id: file:///svn/phpbb/trunk@7616 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/download.php')
| -rw-r--r-- | phpBB/download.php | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/phpBB/download.php b/phpBB/download.php index ff4b1660cc..c1f28c080f 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -214,6 +214,16 @@ if (!$attachment) $attachment['physical_filename'] = basename($attachment['physical_filename']); $display_cat = $extensions[$attachment['extension']]['display_cat']; +if (($display_cat == ATTACHMENT_CATEGORY_IMAGE || $display_cat == ATTACHMENT_CATEGORY_THUMB) && !$user->optionget('viewimg')) +{ + $display_cat = ATTACHMENT_CATEGORY_NONE; +} + +if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash')) +{ + $display_cat = ATTACHMENT_CATEGORY_NONE; +} + if ($thumbnail) { $attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename']; @@ -227,7 +237,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE || $display_cat == ATTACHMENT $db->sql_query($sql); } -if ($mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && strpos(strtolower($user->browser), 'msie') !== false) +if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && strpos(strtolower($user->browser), 'msie') !== false) { wrap_img_in_html(append_sid('./download.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); } @@ -247,7 +257,7 @@ else } else { - send_file_to_browser($attachment, $config['upload_path'], $extensions[$attachment['extension']]['display_cat']); + send_file_to_browser($attachment, $config['upload_path'], $display_cat); exit; } } @@ -358,7 +368,7 @@ function send_file_to_browser($attachment, $upload_dir, $category) // Correct the mime type - we force application/octetstream for all files, except images // Please do not change this, it is a security precaution - if (strpos($attachment['mimetype'], 'image') !== 0) + if ($category != ATTACHMENT_CATEGORY_IMAGE || strpos($attachment['mimetype'], 'image') !== 0) { $attachment['mimetype'] = (strpos(strtolower($user->browser), 'msie') !== false || strpos(strtolower($user->browser), 'opera') !== false) ? 'application/octetstream' : 'application/octet-stream'; } |