From 766537035ea2f04c5aa3c59c15edc15f4ecd050f Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sat, 9 Jul 2011 15:28:33 +0200 Subject: [ticket/10258] Change the DOCTYPE to HTML5 PHPBB3-10258 --- phpBB/includes/functions_download.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 94bcb36698..30544a5bce 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -100,10 +100,11 @@ function send_avatar_to_browser($file, $browser) */ function wrap_img_in_html($src, $title) { - echo ''; + echo ''; echo ''; echo ''; - echo ''; + echo ''; + echo ''; echo '' . $title . ''; echo ''; echo ''; -- cgit v1.2.1 From 854c14f9f6ae78318e159e27724178579ff48dcc Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Sun, 10 Jul 2011 23:04:14 +0200 Subject: [ticket/10258] Remove X-UA-Compatible and imagetoolbar meta tags These meta tags are IE specific and do not validate as HTML5. PHPBB3-10258 --- phpBB/includes/functions_download.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 30544a5bce..91a09608c7 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -104,7 +104,6 @@ function wrap_img_in_html($src, $title) echo ''; echo ''; echo ''; - echo ''; echo '' . $title . ''; echo ''; echo ''; -- cgit v1.2.1 From 136a932303d7d7a427043d1834b6df40dc219b0e Mon Sep 17 00:00:00 2001 
From: Igor Wiedler Date: Tue, 12 Jul 2011 01:32:00 +0200 Subject: [ticket/10258] Remove the meta charset tag The charset tag is useless, because if a charset content-type header is present it takes precedence. And phpBB always sends such a header. PHPBB3-10258 --- phpBB/includes/functions_download.php | 1 - 1 file changed, 1 deletion(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 91a09608c7..cbb79009ad 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -103,7 +103,6 @@ function wrap_img_in_html($src, $title) echo ''; echo ''; echo ''; - echo ''; echo '' . $title . ''; echo ''; echo ''; -- cgit v1.2.1 From 0bf6966c5228d446c4f0d3862619db0f619c7369 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Wed, 13 Jul 2011 19:20:16 +0200 Subject: [feature/request-class] Add server(), header() and is_ajax() to request Extend the request class with helpers for reading server vars (server()) and HTTP request headers (header()). Refactor the existing code base to make use of these helpers, make $_SERVER a deactivated super global. Also introduce an is_ajax() method, which checks the X-Requested-With header for the value 'XMLHttpRequest', which is sent by JavaScript libraries, such as jQuery. PHPBB3-9716 --- phpBB/includes/functions_download.php | 39 ++++++++++++++++------------------- 1 file changed, 18 insertions(+), 21 deletions(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 94bcb36698..8780773dea 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php 
@@ -274,7 +274,9 @@ function send_file_to_browser($attachment, $upload_dir, $category) */ function header_filename($file) { - $user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : ''; + global $request; + + $user_agent = $request->header('User-Agent', '', true); // There be dragons here. // Not many follows the RFC... @@ -292,14 +294,14 @@ function header_filename($file) */ function download_allowed() { - global $config, $user, $db; + global $config, $user, $db, $request; if (!$config['secure_downloads']) { return true; } - $url = (!empty($_SERVER['HTTP_REFERER'])) ? trim($_SERVER['HTTP_REFERER']) : trim(getenv('HTTP_REFERER')); + $url = trim($request->header('Referer')); if (!$url) { @@ -404,8 +406,10 @@ function download_allowed() */ function set_modified_headers($stamp, $browser) { + global $request; + // let's see if we have to send the file at all - $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; + $last_load = $request->header('Modified-Since') ? strtotime(trim($request->header('Modified-Since'))) : false; if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false)) { if ($last_load !== false && $last_load >= $stamp) @@ -473,12 +477,12 @@ function phpbb_http_byte_range($filesize) { $request_array = phpbb_find_range_request(); } - + return (empty($request_array)) ? false : phpbb_parse_range_request($request_array, $filesize); } /** -* Searches for HTTP range request in super globals. +* Searches for HTTP range request in request headers. * * @return mixed false if no request found * array of strings containing the requested ranges otherwise 
@@ -486,23 +490,16 @@ function phpbb_http_byte_range($filesize) */ function phpbb_find_range_request() { - $globals = array( - array('_SERVER', 'HTTP_RANGE'), - array('_ENV', 'HTTP_RANGE'), - ); + global $request; - foreach ($globals as $array) - { - $global = $array[0]; - $key = $array[1]; + $value = $request->header('Range'); - // Make sure range request starts with "bytes=" - if (isset($GLOBALS[$global][$key]) && strpos($GLOBALS[$global][$key], 'bytes=') === 0) - { - // Strip leading 'bytes=' - // Multiple ranges can be separated by a comma - return explode(',', substr($GLOBALS[$global][$key], 6)); - } + // Make sure range request starts with "bytes=" + if (strpos($value, 'bytes=') === 0) + { + // Strip leading 'bytes=' + // Multiple ranges can be separated by a comma + return explode(',', substr($value, 6)); } return false; -- cgit v1.2.1 From 681c4a478d6eff7dbcebadca04f4afa28da750a8 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Fri, 29 Jul 2011 16:32:22 +0200 Subject: [ticket/10258] Add HTML5 meta charset tag This allows knowing the charset when saving web pages to disk. Also, this is supported by all browsers. PHPBB3-10258 --- phpBB/includes/functions_download.php | 1 + 1 file changed, 1 insertion(+) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index cbb79009ad..91a09608c7 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -103,6 +103,7 @@ function wrap_img_in_html($src, $title) echo ''; echo ''; echo ''; + echo ''; echo '' . $title . ''; echo ''; echo ''; -- cgit v1.2.1 From b4ae124084a65b027af105e06077b5cf9e7c3023 Mon Sep 17 00:00:00 2001 
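Review bot: The `$_ENV['HTTP_RANGE']` fallback of the removed loop is dropped without being mentioned in the commit message, which only talks about `$_SERVER`; if any deployment exposed the header there alone, range requests silently stop being honoured and the whole file is sent instead, so either say so in the message or keep the fallback. A later commit in this series ("Adjust code base to do html decoding manually") implies `header()` may return an HTML-escaped value; a valid `Range` value contains none of the escaped characters, but that assumption deserves a comment on `$value = $request->header('Range');`, e.g. `// header() may escape HTML-special characters; a well-formed Range value has none`.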
From: Igor Wiedler Date: Thu, 18 Aug 2011 22:52:09 +0200 Subject: [feature/request-class] Do not html escape user agent in header_filename PHPBB3-9716 --- phpBB/includes/functions_download.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 3fa5a45a1c..bcb360cac7 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -276,7 +276,7 @@ function header_filename($file) { global $request; - $user_agent = $request->header('User-Agent', '', true); + $user_agent = $request->header('User-Agent'); // There be dragons here. // Not many follows the RFC... -- cgit v1.2.1 From c5cef773c4811d2041c56a9c34da94a30f8190e1 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Thu, 18 Aug 2011 23:38:39 +0200 Subject: [feature/request-class] Adjust code base to do html decoding manually PHPBB3-9716 --- phpBB/includes/functions_download.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index bcb360cac7..b4664d74cb 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -301,7 +301,7 @@ function download_allowed() return true; } - $url = trim($request->header('Referer')); + $url = htmlspecialchars_decode($request->header('Referer')); if (!$url) { -- cgit v1.2.1 From 7a04c9048c110f0bd21ea3e9e869e17b408d640e Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 31 Dec 2011 13:32:52 +0000 Subject: [ticket/9916] Updating header license and removing Version $Id$ PHPBB3-9916 --- phpBB/includes/functions_download.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/functions_download.php') 
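Review bot: The subject says the user agent is no longer HTML-escaped, but the visible change only drops the third argument of `$request->header()`; whether that argument controlled escaping, multibyte handling, or something else cannot be verified from the hunk, so it is worth confirming that the two-argument form actually returns the raw value the message promises. A comment on the new line would record the intent for the next reader, e.g. `// Raw User-Agent; used only for browser detection in the block below`. header_filename continues beyond the hunk.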
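Review bot: `trim()` is dropped from the Referer together with the switch to `htmlspecialchars_decode()`, which the subject does not mention; the removed line trimmed the value before the `if (!$url)` emptiness check, so keep both: `$url = htmlspecialchars_decode(trim($request->header('Referer')));`. Independently of this change, `download_allowed()` rests entirely on a client-supplied `Referer`, which browsers may omit and non-browser clients can set freely, so `secure_downloads` remains a hotlink deterrent rather than an access control; a comment above this line saying so would stop it being mistaken for one. The rest of download_allowed is outside the hunk.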
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index b4664d74cb..de25e390fa 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -3,7 +3,7 @@ * * @package phpBB3 * @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From ed1435d04093132b751e940937e7f4f4b0687031 Mon Sep 17 00:00:00 2001 From: Fyorl Date: Sat, 4 Aug 2012 14:48:07 +0100 Subject: [feature/attach-dl] Added function for incrementing download counter PHPBB3-11042 --- phpBB/includes/functions_download.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 1486113013..b01712357d 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -592,3 +592,24 @@ function phpbb_parse_range_request($request_array, $filesize) ); } } + +/** +* Increments the download count of all provided attachments +* +* @param dbal $db The database object +* @param array|int $ids The attach_id of each attachment +* +* @return null +*/ +function phpbb_increment_downloads($db, $ids) +{ + if (!is_array($ids)) + { + $ids = array($ids); + } + + $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' + SET download_count = download_count + 1 + WHERE ' . $db->sql_in_set('attach_id', $ids); + $db->sql_query($sql); +} -- cgit v1.2.1 From 16ec660e769360a8cd7063ea083487486051101f Mon Sep 17 00:00:00 2001 From: Fyorl Date: Sat, 4 Aug 2012 15:29:26 +0100 Subject: [feature/attach-dl] Added a function for checking allowed extensions PHPBB3-11042 --- phpBB/includes/functions_download.php | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'phpBB/includes/functions_download.php') 
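Review bot: `$ids` goes straight into `$db->sql_in_set('attach_id', $ids)` without an integer cast, unlike the `(int)` casts the file uses for ids in its other SQL, and an empty array is not handled, which as far as I recall phpBB's DBAL `sql_in_set()` treats as an error rather than a no-op. Normalise before building the query: `$ids = array_map('intval', (array) $ids);` followed by `if (empty($ids)) { return; }`, which also replaces the `is_array()` branch. The docblock could add that the update is unconditional — no check is made that the ids exist or that the caller was allowed to download them.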
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index b01712357d..7d21147ab5 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -613,3 +613,26 @@ function phpbb_increment_downloads($db, $ids) WHERE ' . $db->sql_in_set('attach_id', $ids); $db->sql_query($sql); } + +/** +* Checks every attachment to see if it has an allowed extension +* +* @param array $extensions As generated by phpbb_cache_service::obtain_attach_extensions +* @param array &$attachments An array of attachments to check +* +* @return bool Whether any of the attachments had allowed extensions +*/ +function phpbb_check_attach_extensions($extensions, &$attachments) +{ + $new_ary = array(); + foreach ($attachments as $attach) + { + if (isset($extensions['_allowed_'][$attach['extension']])) + { + $new_ary[] = $attach; + } + } + + $attachments = $new_ary; + return !empty($attachments); +} -- cgit v1.2.1 From bba348d68a3114c3c6cad6f1d92855084ce8fa64 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 7 Aug 2012 02:47:18 +0200 Subject: [feature/attach-dl] phpbb_check_attach_extensions: Get rid of pass-by-reference PHPBB3-11042 --- phpBB/includes/functions_download.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 7d21147ab5..74c8be5f7b 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php 
@@ -618,21 +618,20 @@ function phpbb_increment_downloads($db, $ids) * Checks every attachment to see if it has an allowed extension * * @param array $extensions As generated by phpbb_cache_service::obtain_attach_extensions -* @param array &$attachments An array of attachments to check +* @param array $attachments An array of attachment row to check * -* @return bool Whether any of the attachments had allowed extensions +* @return array Array of attachment rows with allowed extension */ -function phpbb_check_attach_extensions($extensions, &$attachments) +function phpbb_filter_disallowed_extensions($extensions, $attachments) { - $new_ary = array(); - foreach ($attachments as $attach) + $result = array(); + foreach ($attachments as $row) { - if (isset($extensions['_allowed_'][$attach['extension']])) + if (isset($extensions['_allowed_'][$row['extension']])) { - $new_ary[] = $attach; + $result[] = $row; } } - $attachments = $new_ary; - return !empty($attachments); + return $result; } -- cgit v1.2.1 From 89c102a744ba9ea3eafefd47fd375342bcf6bbe4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 7 Aug 2012 02:48:49 +0200 Subject: [feature/attach-dl] phpbb_filter_disallowed_extensions: Preserve array keys. PHPBB3-11042 --- phpBB/includes/functions_download.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 74c8be5f7b..8453469e83 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -625,11 +625,11 @@ function phpbb_increment_downloads($db, $ids) function phpbb_filter_disallowed_extensions($extensions, $attachments) { $result = array(); - foreach ($attachments as $row) + foreach ($attachments as $key => $row) { if (isset($extensions['_allowed_'][$row['extension']])) { - $result[] = $row; + $result[$key] = $row; } } -- cgit v1.2.1 
From 4b06a220af23dd8888a9e7501348170746663458 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 7 Aug 2012 13:51:07 +0200 Subject: [feature/attach-dl] Use extension_allowed() again. PHPBB3-11042 --- phpBB/includes/functions_download.php | 22 ---------------------- 1 file changed, 22 deletions(-) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 8453469e83..b01712357d 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -613,25 +613,3 @@ function phpbb_increment_downloads($db, $ids) WHERE ' . $db->sql_in_set('attach_id', $ids); $db->sql_query($sql); } - -/** -* Checks every attachment to see if it has an allowed extension -* -* @param array $extensions As generated by phpbb_cache_service::obtain_attach_extensions -* @param array $attachments An array of attachment row to check -* -* @return array Array of attachment rows with allowed extension -*/ -function phpbb_filter_disallowed_extensions($extensions, $attachments) -{ - $result = array(); - foreach ($attachments as $key => $row) - { - if (isset($extensions['_allowed_'][$row['extension']])) - { - $result[$key] = $row; - } - } - - return $result; -} -- cgit v1.2.1 From 7bd81cd0cd088ba13648f293fb738060f221a8de Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Fri, 10 Aug 2012 03:06:14 +0200 Subject: [feature/attach-dl] Move logic for passworded forums to a function. PHPBB3-11042 --- phpBB/includes/functions_download.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index b01712357d..4299ed47c5 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php 
@@ -613,3 +613,28 @@ function phpbb_increment_downloads($db, $ids)
 WHERE ' . $db->sql_in_set('attach_id', $ids);
 $db->sql_query($sql);
 }
+
+function phpbb_download_handle_passworded_forum($db, $auth, $topic_id)
+{
+ $sql = 'SELECT t.forum_id, f.forum_password, f.parent_id
+ FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
+ WHERE t.topic_id = " . (int) $topic_id . "
+ AND t.forum_id = f.forum_id";
+ $result = $db->sql_query_limit($sql, 1);
+ $row = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
+
+ if ($auth->acl_get('u_download') && $auth->acl_get('f_download', $row['forum_id']))
+ {
+ if ($row && $row['forum_password'])
+ {
+ // Do something else ... ?
+ login_forum_box($row);
+ }
+ }
+ else
+ {
+ send_status_line(403, 'Forbidden');
+ trigger_error('SORRY_AUTH_VIEW_ATTACH');
+ }
+}
-- 
cgit v1.2.1
From e8830c3369dbd4b25a4798eeb3fe2c7834825c42 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Tue, 14 Aug 2012 11:36:16 +0100
Subject: [feature/attach-dl] Added docblock for renamed download_check_forum_auth

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 4299ed47c5..22f217909c 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
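Review bot: `$row['forum_id']` is read in the ACL check before `$row` is known to be a row; for a topic id that does not exist `sql_fetchrow()` yields `false`, `$row['forum_id']` is `null`, and depending on how `acl_get()` treats a null forum id the function may fall into the `if ($row && ...)` branch and return normally, so a request naming a non-existent topic passes this gate instead of being rejected. Check the row first, before the `$auth->acl_get(...)` line: `if (!$row) { send_status_line(404, 'Not Found'); trigger_error('ERROR_NO_ATTACHMENT'); }`. The leftover `// Do something else ... ?` should be replaced by what `login_forum_box($row)` is relied on to do here (prompt for the forum password and not return until it is satisfied, if that is its contract), because the caller's safety depends on that behaviour.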
@@ -614,7 +614,16 @@ function phpbb_increment_downloads($db, $ids) $db->sql_query($sql); } -function phpbb_download_handle_passworded_forum($db, $auth, $topic_id) +/** +* Checks that the user has permission to download attachments from the forum +* +* @param dbal $db The database object +* @param phpbb_auth $auth The authentication object +* @param int $topic_id The id of the topic that we are downloading from +* +* @return null +*/ +function phpbb_download_check_forum_auth($db, $auth, $topic_id) { $sql = 'SELECT t.forum_id, f.forum_password, f.parent_id FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f -- cgit v1.2.1 From 20ecd046daf660a7cb5ae7079cea9a6ed26c9bab Mon Sep 17 00:00:00 2001 From: Fyorl Date: Tue, 14 Aug 2012 11:42:23 +0100 Subject: [feature/attach-dl] Moved filename cleaning into own function PHPBB3-11042 --- phpBB/includes/functions_download.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'phpBB/includes/functions_download.php') diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 22f217909c..f866c6bbfb 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -647,3 +647,24 @@ function phpbb_download_check_forum_auth($db, $auth, $topic_id) trigger_error('SORRY_AUTH_VIEW_ATTACH'); } } + +/** +* Cleans a filename of any characters that could potentially cause a problem on +* a user's filesystem. +* +* @param string $filename The filename to clean +* +* @return string The cleaned filename +*/ +function phpbb_download_clean_filename($filename) +{ + $bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|'); + + // rawurlencode to convert any potentially 'bad' characters that we missed + $filename = rawurlencode(str_replace($bad_chars, '_', $filename)); + + // Turn the %xx entities created by rawurlencode to _ + $filename = preg_replace("/%(\w{2})/", '_', $filename); + + return $filename; +} -- cgit v1.2.1 
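Review bot: The `%(\w{2})` pattern in phpbb_download_clean_filename is broader than what `rawurlencode()` emits; it only produces `%` followed by two uppercase hex digits, and any literal `%` in the input has itself become `%25` by then, so `$filename = preg_replace('/%[0-9A-F]{2}/', '_', $filename);` states the intent exactly, and the unused capture group can go. The docblock should also say that every non-ASCII byte ends up as `_` (a UTF-8 name collapses to runs of underscores) and that `.` is deliberately kept, so a name such as `..` survives but is harmless once `/` and `\` have been replaced. The docblock hunk for phpbb_download_check_forum_auth earlier on this line needs nothing further.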
From b05f36b19759eae3d6e60558355698d457df5b31 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Tue, 14 Aug 2012 12:03:59 +0100
Subject: [feature/attach-dl] Removed limit

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index f866c6bbfb..14d39806b9 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -629,7 +629,7 @@ function phpbb_download_check_forum_auth($db, $auth, $topic_id)
 FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
 WHERE t.topic_id = " . (int) $topic_id . "
 AND t.forum_id = f.forum_id";
- $result = $db->sql_query_limit($sql, 1);
+ $result = $db->sql_query($sql);
 $row = $db->sql_fetchrow($result);
 $db->sql_freeresult($result);

-- 
cgit v1.2.1
From b96c72c156b5fd207ef0b1d1b55df037df688976 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Tue, 14 Aug 2012 12:47:10 +0100
Subject: [feature/attach-dl] Moved PM authentication handling into own function

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 51 +++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 14d39806b9..ac5e5ddd7e 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -648,6 +648,57 @@ function phpbb_download_check_forum_auth($db, $auth, $topic_id) } } +/** +* Handles authentication when downloading attachments from PMs +* +* @param dbal $db The database object +* @param phpbb_auth $auth The authentication object +* @param int $user_id The user id +* @param int $msg_id The id of the PM that we are downloading from +* +* @return null +*/ +function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id) +{ + if (!$auth->acl_get('u_pm_download')) + { + send_status_line(403, 'Forbidden'); + trigger_error('SORRY_AUTH_VIEW_ATTACH'); + } + + $allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id); + + if (!$allowed) + { + send_status_line(403, 'Forbidden'); + trigger_error('ERROR_NO_ATTACHMENT'); + } +} + +/** +* Checks whether a user can download from a particular PM +* +* @param dbal $db The database object +* @param int $user_id The user id +* @param int $msg_id The id of the PM that we are downloading from +* +* @return bool Whether the user is allowed to download from that PM or not +*/ +function phpbb_download_check_pm_auth($db, $user_id, $msg_id) +{ + // Check if the attachment is within the users scope... + $sql = 'SELECT user_id, author_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE msg_id = ' . $msg_id . " + AND user_id = $user_id + OR author_id = $user_id"; + $result = $db->sql_query_limit($sql, 1); + $allowed = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + return $allowed; +} + /** * Cleans a filename of any characters that could potentially cause a problem on * a user's filesystem. -- cgit v1.2.1 From 003f8b514bc1345b95859ced087f90fdf87b3b7a Mon Sep 17 00:00:00 2001 From: Fyorl Date: Tue, 14 Aug 2012 12:49:56 +0100 Subject: [feature/attach-dl] Renamed to phpbb_download_handle_forum_auth PHPBB3-11042 --- phpBB/includes/functions_download.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/functions_download.php') 
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index ac5e5ddd7e..ed2f598429 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -615,7 +615,7 @@ function phpbb_increment_downloads($db, $ids)
 }

 /**
-* Checks that the user has permission to download attachments from the forum
+* Handles authentication when downloading attachments from a post or topic
 *
 * @param dbal $db The database object
 * @param phpbb_auth $auth The authentication object
@@ -623,7 +623,7 @@ function phpbb_increment_downloads($db, $ids)
 *
 * @return null
 */
-function phpbb_download_check_forum_auth($db, $auth, $topic_id)
+function phpbb_download_handle_forum_auth($db, $auth, $topic_id)
 {
 $sql = 'SELECT t.forum_id, f.forum_password, f.parent_id
 FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
-- 
cgit v1.2.1
From 9729fa9a3e6fbc559156ccd2b83b64b73e4b0194 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Tue, 14 Aug 2012 14:43:36 +0100
Subject: [feature/attach-dl] Cast variables to int

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index ed2f598429..0be12aa617 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -689,9 +689,9 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
 // Check if the attachment is within the users scope...
 $sql = 'SELECT user_id, author_id
 FROM ' . PRIVMSGS_TO_TABLE . '
- WHERE msg_id = ' . $msg_id . "
- AND user_id = $user_id
- OR author_id = $user_id";
+ WHERE msg_id = ' . (int) $msg_id . '
+ AND user_id = ' . (int) $user_id . '
+ OR author_id = ' . (int) $user_id;
 $result = $db->sql_query_limit($sql, 1);
 $allowed = $db->sql_fetchrow($result);
 $db->sql_freeresult($result);
-- 
cgit v1.2.1
From 5827250a94e38d9b637ed8ae9e9c4a584223cc31 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Wed, 15 Aug 2012 06:08:18 +0800
Subject: [feature/attach-dl] Fixed the logic in an sql statement

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 0be12aa617..182fce222b 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -690,8 +690,10 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
 $sql = 'SELECT user_id, author_id
 FROM ' . PRIVMSGS_TO_TABLE . '
 WHERE msg_id = ' . (int) $msg_id . '
- AND user_id = ' . (int) $user_id . '
- OR author_id = ' . (int) $user_id;
+ AND (
+ user_id = ' . (int) $user_id . '
+ OR author_id = ' . (int) $user_id . '
+ )';
 $result = $db->sql_query_limit($sql, 1);
 $allowed = $db->sql_fetchrow($result);
 $db->sql_freeresult($result);
-- 
cgit v1.2.1
From 227ae48255f7bfb2dd4387c83df3af5320102615 Mon Sep 17 00:00:00 2001
From: Fyorl
Date: Wed, 15 Aug 2012 06:10:53 +0800
Subject: [feature/attach-dl] Optimised an sql query

PHPBB3-11042
---
 phpBB/includes/functions_download.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'phpBB/includes/functions_download.php')
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 182fce222b..b6371dbecc 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -687,7 +687,7 @@ function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
 function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
 {
 // Check if the attachment is within the users scope...
- $sql = 'SELECT user_id, author_id
+ $sql = 'SELECT msg_id
 FROM ' . PRIVMSGS_TO_TABLE . '
 WHERE msg_id = ' . (int) $msg_id . '
 AND (
@@ -695,7 +695,7 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id)
 OR author_id = ' . (int) $user_id . '
 )';
 $result = $db->sql_query_limit($sql, 1);
- $allowed = $db->sql_fetchrow($result);
+ $allowed = (bool) $db->sql_fetchfield('msg_id');
 $db->sql_freeresult($result);

 return $allowed;
-- 
cgit v1.2.1
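Review bot: `$db->sql_fetchfield('msg_id')` is called without the `$result` handle obtained on the line above, so it relies on the DBAL remembering the most recent query; that holds only while no other query runs in between and is easy to break in a later refactor. Pass the handle explicitly, `$allowed = (bool) $db->sql_fetchfield('msg_id', false, $result);` (the `$rownum, $query_id` form, if that is the signature in this branch), which also lines up with the `$db->sql_freeresult($result)` that follows. The `(bool)` cast finally matches the docblock's `@return bool`; a short comment such as `// Any matching row means the user is sender or recipient of this PM` would explain why fetching a single `msg_id` is sufficient.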