diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2004-03-11 21:17:32 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2004-03-11 21:17:32 +0000 |
| commit | ba7008b387d1972736c638444cb6273c3d9ebeab (patch) | |
| tree | e8e9872a6e33b1ffd3cb48951f09353702120043 /phpBB | |
| parent | 7487bfce48dd90ea370c8a40e67a75b814f2eb37 (diff) | |
| download | forums-ba7008b387d1972736c638444cb6273c3d9ebeab.tar forums-ba7008b387d1972736c638444cb6273c3d9ebeab.tar.gz forums-ba7008b387d1972736c638444cb6273c3d9ebeab.tar.bz2 forums-ba7008b387d1972736c638444cb6273c3d9ebeab.tar.xz forums-ba7008b387d1972736c638444cb6273c3d9ebeab.zip | |
- re-enable drafts. ;)
- put extension checking into a small function...
git-svn-id: file:///svn/phpbb/trunk@4862 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/download.php | 5 | ||||
| -rw-r--r-- | phpBB/includes/functions_display.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_posting.php | 16 | ||||
| -rw-r--r-- | phpBB/posting.php | 2 |
4 files changed, 18 insertions, 7 deletions
diff --git a/phpBB/download.php b/phpBB/download.php index 9d61032d15..19b0b1c5b8 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -69,11 +69,8 @@ else trigger_error('SORRY_AUTH_VIEW_ATTACH'); } -$extensions = array(); -obtain_attach_extensions($extensions); - // disallowed ? -if ((is_array($extensions['_allowed_'][$attachment['extension']]) && !in_array($row['forum_id'], $extensions['_allowed_'][$attachment['extension']])) || !isset($extensions['_allowed_'][$attachment['extension']])) +if (extension_allowed($row['forum_id'], $attachment['extension'])) { trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])); } diff --git a/phpBB/includes/functions_display.php b/phpBB/includes/functions_display.php index 2ba13d6939..30aa392286 100644 --- a/phpBB/includes/functions_display.php +++ b/phpBB/includes/functions_display.php @@ -411,7 +411,7 @@ function display_attachments($forum_id, $blockname, $attachment_data, &$update_c $denied = false; - if ((is_array($extensions['_allowed_'][$attachment['extension']]) && !in_array($forum_id, $extensions['_allowed_'][$attachment['extension']])) || !isset($extensions['_allowed_'][$attachment['extension']])) + if (extension_allowed($forum_id, $attachment['extension'])) { $denied = true; diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 4c5a3d4c69..f43a28b9d3 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -188,7 +188,7 @@ function upload_attachment($forum_id, $filename, $local = false, $local_storage obtain_attach_extensions($extensions); // Check Extension - if ((is_array($extensions['_allowed_'][$filedata['extension']]) && !in_array($forum_id, $extensions['_allowed_'][$filedata['extension']])) || !isset($extensions['_allowed_'][$filedata['extension']])) + if (extension_allowed($forum_id, $filedata['extension'])) { $filedata['error'][] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']); $filedata['post_attach'] = false; @@ -503,6 +503,20 @@ function create_thumbnail($source, $new_file, $mimetype) return true; } +// Check if extension is allowed to be posted within forum X +function extension_allowed($forum_id, $extension) +{ + global $extensions; + + if (!isset($extensions) || !is_array($extensions)) + { + $extensions = array(); + obtain_attach_extensions($extensions); + } + + return (is_array($extensions['_allowed_'][$extension]) && !in_array($forum_id, $extensions['_allowed_'][$extension])) || !isset($extensions['_allowed_'][$extension]); +} + // // TODO // diff --git a/phpBB/posting.php b/phpBB/posting.php index 9752e3a768..7be7c457de 100644 --- a/phpBB/posting.php +++ b/phpBB/posting.php @@ -427,7 +427,7 @@ if ($save && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts $message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : ''; $message = preg_replace('#&(\#[0-9]+;)#', '&\1', $message); - if (!$subject && !$message) + if ($subject && $message) { $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'user_id' => $user->data['user_id'], |