aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_download.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/functions_download.php')
-rw-r--r--phpBB/includes/functions_download.php71
1 files changed, 27 insertions, 44 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index c895f7b54b..916655e77c 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -1,9 +1,13 @@
<?php
/**
*
-* @package phpBB3
-* @copyright (c) 2005 phpBB Group
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
*
*/
@@ -41,28 +45,28 @@ function send_avatar_to_browser($file, $browser)
if ((@file_exists($file_path) && @is_readable($file_path)) && !headers_sent())
{
- header('Pragma: public');
+ header('Cache-Control: public');
$image_data = @getimagesize($file_path);
header('Content-Type: ' . image_type_to_mime_type($image_data[2]));
- if ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7))
+ if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7))
{
header('Content-Disposition: attachment; ' . header_filename($file));
if (strpos(strtolower($browser), 'msie 6.0') !== false)
{
- header('Expires: -1');
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
}
else
{
- header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000));
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
}
}
else
{
header('Content-Disposition: inline; ' . header_filename($file));
- header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000));
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
}
$size = @filesize($file_path);
@@ -119,7 +123,7 @@ function wrap_img_in_html($src, $title)
*/
function send_file_to_browser($attachment, $upload_dir, $category)
{
- global $user, $db, $config, $phpbb_root_path;
+ global $user, $db, $phpbb_root_path, $request;
$filename = $phpbb_root_path . $upload_dir . '/' . $attachment['physical_filename'];
@@ -171,7 +175,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
}
// Now the tricky part... let's dance
- header('Pragma: public');
+ header('Cache-Control: public');
// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
header('Content-Type: ' . $attachment['mimetype']);
@@ -181,7 +185,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
header('X-Content-Type-Options: nosniff');
}
- if ($category == ATTACHMENT_CATEGORY_FLASH && request_var('view', 0) === 1)
+ if ($category == ATTACHMENT_CATEGORY_FLASH && $request->variable('view', 0) === 1)
{
// We use content-disposition: inline for flash files and view=1 to let it correctly play with flash player 10 - any other disposition will fail to play inline
header('Content-Disposition: inline');
@@ -193,7 +197,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
{
- header('expires: -1');
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
}
}
else
@@ -206,11 +210,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
}
}
- if ($size)
- {
- header("Content-Length: $size");
- }
-
// Close the db connection before sending the file etc.
file_gc(false);
@@ -234,6 +233,11 @@ function send_file_to_browser($attachment, $upload_dir, $category)
exit;
}
+ if ($size)
+ {
+ header("Content-Length: $size");
+ }
+
// Try to deliver in chunks
@set_time_limit(0);
@@ -416,8 +420,8 @@ function set_modified_headers($stamp, $browser)
{
send_status_line(304, 'Not Modified');
// seems that we need those too ... browsers
- header('Pragma: public');
- header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000));
+ header('Cache-Control: public');
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
return true;
}
else
@@ -596,7 +600,7 @@ function phpbb_parse_range_request($request_array, $filesize)
/**
* Increments the download count of all provided attachments
*
-* @param \phpbb\db\driver\driver $db The database object
+* @param \phpbb\db\driver\driver_interface $db The database object
* @param array|int $ids The attach_id of each attachment
*
* @return null
@@ -617,7 +621,7 @@ function phpbb_increment_downloads($db, $ids)
/**
* Handles authentication when downloading attachments from a post or topic
*
-* @param \phpbb\db\driver\driver $db The database object
+* @param \phpbb\db\driver\driver_interface $db The database object
* @param \phpbb\auth\auth $auth The authentication object
* @param int $topic_id The id of the topic that we are downloading from
*
@@ -663,7 +667,7 @@ function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
/**
* Handles authentication when downloading attachments from PMs
*
-* @param \phpbb\db\driver\driver $db The database object
+* @param \phpbb\db\driver\driver_interface $db The database object
* @param \phpbb\auth\auth $auth The authentication object
* @param int $user_id The user id
* @param int $msg_id The id of the PM that we are downloading from
@@ -690,7 +694,7 @@ function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
/**
* Checks whether a user can download from a particular PM
*
-* @param \phpbb\db\driver\driver $db The database object
+* @param \phpbb\db\driver\driver_interface $db The database object
* @param int $user_id The user id
* @param int $msg_id The id of the PM that we are downloading from
*
@@ -714,27 +718,6 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
}
/**
-* Cleans a filename of any characters that could potentially cause a problem on
-* a user's filesystem.
-*
-* @param string $filename The filename to clean
-*
-* @return string The cleaned filename
-*/
-function phpbb_download_clean_filename($filename)
-{
- $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
-
- // rawurlencode to convert any potentially 'bad' characters that we missed
- $filename = rawurlencode(str_replace($bad_chars, '_', $filename));
-
- // Turn the %xx entities created by rawurlencode to _
- $filename = preg_replace("/%(\w{2})/", '_', $filename);
-
- return $filename;
-}
-
-/**
* Check if the browser is internet explorer version 7+
*
* @param string $user_agent User agent HTTP header
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-30 23:40:22 +0000