phpBB

Code Changes

File: includes/functions_download.php

  Unmodified   Added   Modified   Removed
Line 108Line 108
	echo '<html>';
echo '<head>';
echo '<meta charset="utf-8">';

	echo '<html>';
echo '<head>';
echo '<meta charset="utf-8">';

 
	echo '<meta http-equiv="X-UA-Compatible" content="IE=edge">';

	echo '<title>' . $title . '</title>';
echo '</head>';
echo '<body>';

	echo '<title>' . $title . '</title>';
echo '</head>';
echo '<body>';

Line 123Line 124
*/
function send_file_to_browser($attachment, $upload_dir, $category)
{

*/
function send_file_to_browser($attachment, $upload_dir, $category)
{

	global $user, $db, $config, $phpbb_root_path;

	global $user, $db, $config, $phpbb_dispatcher, $phpbb_root_path;


$filename = $phpbb_root_path . $upload_dir . '/' . $attachment['physical_filename'];



$filename = $phpbb_root_path . $upload_dir . '/' . $attachment['physical_filename'];


Line 147Line 148

// Now send the File Contents to the Browser
$size = @filesize($filename);


// Now send the File Contents to the Browser
$size = @filesize($filename);

 

/**
* Event to alter attachment before it is sent to browser.
*
* @event core.send_file_to_browser_before
* @var array attachment Attachment data
* @var string upload_dir Relative path of upload directory
* @var int category Attachment category
* @var string filename Path to file, including filename
* @var int size File size
* @since 3.1.11-RC1
*/
$vars = array(
'attachment',
'upload_dir',
'category',
'filename',
'size',
);
extract($phpbb_dispatcher->trigger_event('core.send_file_to_browser_before', compact($vars)));


// To correctly display further errors we need to make sure we are using the correct headers for both (unsetting content-length may not work)



// To correctly display further errors we need to make sure we are using the correct headers for both (unsetting content-length may not work)


Line 165Line 186
	}

// Make sure the database record for the filesize is correct

	}

// Make sure the database record for the filesize is correct

	if ($size > 0 && $size != $attachment['filesize'])

	if ($size > 0 && $size != $attachment['filesize'] && strpos($attachment['physical_filename'], 'thumb_') === false)

	{
// Update database record
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '

	{
// Update database record
$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '

Line 208Line 229
				header('X-Download-Options: noopen');
}
}

				header('X-Download-Options: noopen');
}
}

	}

if ($size)
{
header("Content-Length: $size");

 
	}

// Close the db connection before sending the file etc.

	}

// Close the db connection before sending the file etc.

Line 236Line 252
			// and always requires an absolute path.
header('X-Sendfile: ' . dirname(__FILE__) . "/../$upload_dir/{$attachment['physical_filename']}");
exit;

			// and always requires an absolute path.
header('X-Sendfile: ' . dirname(__FILE__) . "/../$upload_dir/{$attachment['physical_filename']}");
exit;

 
		}

if ($size)
{
header("Content-Length: $size");

		}

// Try to deliver in chunks

		}

// Try to deliver in chunks

Line 283Line 304

// There be dragons here.
// Not many follows the RFC...


// There be dragons here.
// Not many follows the RFC...

	if (strpos($user_agent, 'MSIE') !== false || strpos($user_agent, 'Safari') !== false || strpos($user_agent, 'Konqueror') !== false)

	if (strpos($user_agent, 'MSIE') !== false || strpos($user_agent, 'Konqueror') !== false)

	{
return "filename=" . rawurlencode($file);
}

	{
return "filename=" . rawurlencode($file);
}

Line 412Line 433
	global $request;

// let's see if we have to send the file at all

	global $request;

// let's see if we have to send the file at all

	$last_load 	=  $request->header('Modified-Since') ? strtotime(trim($request->header('Modified-Since'))) : false;

	$last_load 	=  $request->header('If-Modified-Since') ? strtotime(trim($request->header('If-Modified-Since'))) : false;


if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7))
{


if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7))
{

Line 676Line 697
*/
function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
{

*/
function phpbb_download_handle_pm_auth($db, $auth, $user_id, $msg_id)
{

 
	global $phpbb_dispatcher;


	if (!$auth->acl_get('u_pm_download'))
{
send_status_line(403, 'Forbidden');

	if (!$auth->acl_get('u_pm_download'))
{
send_status_line(403, 'Forbidden');

Line 683Line 706
	}

$allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id);

	}

$allowed = phpbb_download_check_pm_auth($db, $user_id, $msg_id);

 

/**
* Event to modify PM attachments download auth
*
* @event core.modify_pm_attach_download_auth
* @var bool allowed Whether the user is allowed to download from that PM or not
* @var int msg_id The id of the PM to download from
* @var int user_id The user id for auth check
* @since 3.1.11-RC1
*/
$vars = array('allowed', 'msg_id', 'user_id');
extract($phpbb_dispatcher->trigger_event('core.modify_pm_attach_download_auth', compact($vars)));


if (!$allowed)
{


if (!$allowed)
{