Development Discussion Board

[bolverk]

Wki is not a source of objective data.

I generally would agree with that as I know at one time a wikipedia entry for Albert Einstein served up a pornographic image.
However, I am curious how many web-servers you "have touched" Do you have an actual number or estimate you are basing your conclusion on?
Is that number greater than two hundred and five million, seven hundred fourteen thousand, two hundred and fifty-three? If not I would have to say that I would trust Netcraft's statistics a little bit more than yours.

As the #2 most widely used web server platform, IIS (Microsoft) most definitely needs to be supported transparently in any phpBB implementation along with all *nix flavors. In other words, no feature or function of phpBB should work on *nix and not IIS and vice versa.

[igorw]

Security needs to be strongly considered here. The whole point of download/file.php is to ensure secure downloads, mainly protecting against IE mime sniffing and plugin (flash's cross domain and java GIFAR) attacks. Additionally it can enforce MIME types and it prevents potential LFI by keeping file names secret. These things need to be kept in mind, serving files directly is a security risk.

An easy way out of most of these issues would be to use a completely different TLD to serve all of the files, which would allow serving files directly. (related: CDN)

A good post on the subject: http://stackoverflow.com/questions/6025 ... 904#602904

[shoeib]

Hi and thanks for this first step towards direct link download in phpBB.

I have done the all the things that is written in the frist post. But when I click on a downlaod link in my forum it gives me a 403 forbidden access page!

What can be the problem?


Thnaks

[Meis2M]

any way to add an ability to multi upload attachments in topics or posts ?!

[bantu]

any way to add an ability to multi upload attachments in topics or posts ?!

What you want is neither related to this topic nor related to Resuming for attachments / HTTP range support.

Please create a new topic in 3.2 discussion or 3.2 RFC.

[Meis2M]

thank u i created in here
viewtopic.php?f=105&t=33645&start=0

[bantu]

If you have a busy forum and want PHP to be less involved when it comes to attachment downloads, I'd suggest to use something like X-Accel-Redirect (nginx) or x-sendfile (lighttpd). Both options probably do not support http range requests (ability to resume downloads), but it should still be possible to handle those with PHP as in viewtopic.php?f=84&t=33120. Because of the potential risk of exposing the physical filename in case the webserver doesn't support X-Accel-Redirect / x-sendfile, you will have to manually enable X-Accel-Redirect / x-sendfile. See http://tracker.phpbb.com/browse/PHPBB3-9790

[Oleg]

Is this an accepted RFC for 3.1?

This feels like a discussion topic with a patch attached. Perhaps it would be better off in the discussion forum, if it is undecided whether this feature would be (ever) implemented.

[bantu]

Moved.

[bantu]

If you have a busy forum and want PHP to be less involved when it comes to attachment downloads, I'd suggest to use something like X-Accel-Redirect (nginx) or x-sendfile (lighttpd). Both options probably do not support http range requests (ability to resume downloads), but it should still be possible to handle those with PHP as in viewtopic.php?f=84&t=33120. Because of the potential risk of exposing the physical filename in case the webserver doesn't support X-Accel-Redirect / x-sendfile, you will have to manually enable X-Accel-Redirect / x-sendfile. See http://tracker.phpbb.com/browse/PHPBB3-9790

Feel free to give this a try. https://github.com/bantu/phpbb3/compare ... icket/9790