diff options
| -rw-r--r-- | phpBB/download.php | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/phpBB/download.php b/phpBB/download.php index ccc23b94b8..6f4dc329f7 100644 --- a/phpBB/download.php +++ b/phpBB/download.php @@ -232,8 +232,8 @@ function send_file_to_browser($attachment, $upload_dir, $category) } // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. - header('Content-Type: ' . $attachment['mimetype'] . '; name="' . $attachment['real_filename'] . '"'); - header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; filename="' . $attachment['real_filename'] . '"'); + header('Content-Type: ' . $attachment['mimetype']); + header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename($attachment['real_filename'])); if ($size) { @@ -247,6 +247,23 @@ function send_file_to_browser($attachment, $upload_dir, $category) exit; } +/* +* Get a browser friendly UTF-8 encoded filename +*/ +function header_filename($file) +{ + // There be dragons here... + // IE follows no RFC, follow the RFC for extended filename for the rest + if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) + { + return "filename=" . rawurlencode($file); + } + else + { + return "filename*=UTF-8''" . rawurlencode($file); + } +} + /** * Check if downloading item is allowed */ |