SimpleMachines /
SMF2.1
@@ -13,8 +13,9 @@ discard block |
||
| 13 | 13 | * @version 2.1 Beta 3 |
| 14 | 14 | */ |
| 15 | 15 | |
| 16 | -if (!defined('SMF')) |
|
| 16 | +if (!defined('SMF')) { |
|
| 17 | 17 | die('No direct access...'); |
| 18 | +} |
|
| 18 | 19 | |
| 19 | 20 | /** |
| 20 | 21 | * Shows an avatar based on $_GET['attach'] |
@@ -35,11 +36,11 @@ discard block |
||
| 35 | 36 | |
| 36 | 37 | if (!empty($modSettings['enableCompressedOutput']) && !headers_sent() && ob_get_length() == 0) |
| 37 | 38 | { |
| 38 | - if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler') |
|
| 39 | - $modSettings['enableCompressedOutput'] = 0; |
|
| 40 | - |
|
| 41 | - else |
|
| 42 | - ob_start('ob_gzhandler'); |
|
| 39 | + if (@ini_get('zlib.output_compression') == '1' || @ini_get('output_handler') == 'ob_gzhandler') { |
|
| 40 | + $modSettings['enableCompressedOutput'] = 0; |
|
| 41 | + } else { |
|
| 42 | + ob_start('ob_gzhandler'); |
|
| 43 | + } |
|
| 43 | 44 | } |
| 44 | 45 | |
| 45 | 46 | if (empty($modSettings['enableCompressedOutput'])) |
@@ -71,8 +72,9 @@ discard block |
||
| 71 | 72 | } |
| 72 | 73 | |
| 73 | 74 | // Use cache when possible. |
| 74 | - if (($cache = cache_get_data('attachment_lookup_id-' . $attachId)) != null) |
|
| 75 | - list($file, $thumbFile) = $cache; |
|
| 75 | + if (($cache = cache_get_data('attachment_lookup_id-' . $attachId)) != null) { |
|
| 76 | + list($file, $thumbFile) = $cache; |
|
| 77 | + } |
|
| 76 | 78 | |
| 77 | 79 | // Get the info from the DB. |
| 78 | 80 | if (empty($file) || empty($thumbFile) && !empty($file['id_thumb'])) |
@@ -80,10 +82,9 @@ discard block |
||
| 80 | 82 | // Do we have a hook wanting to use our attachment system? We use $attachRequest to prevent accidental usage of $request. |
| 81 | 83 | $attachRequest = null; |
| 82 | 84 | call_integration_hook('integrate_download_request', array(&$attachRequest)); |
| 83 | - if (!is_null($attachRequest) && $smcFunc['db_is_resource']($attachRequest)) |
|
| 84 | - $request = $attachRequest; |
|
| 85 | - |
|
| 86 | - else |
|
| 85 | + if (!is_null($attachRequest) && $smcFunc['db_is_resource']($attachRequest)) { |
|
| 86 | + $request = $attachRequest; |
|
| 87 | + } else |
|
| 87 | 88 | { |
| 88 | 89 | // Make sure this attachment is on this board and load its info while we are at it. |
| 89 | 90 | $request = $smcFunc['db_query']('', ' |
@@ -176,13 +177,15 @@ discard block |
||
| 176 | 177 | } |
| 177 | 178 | |
| 178 | 179 | // Cache it. |
| 179 | - if (!empty($file) || !empty($thumbFile)) |
|
| 180 | - cache_put_data('attachment_lookup_id-' . $file['id_attach'], array($file, $thumbFile), mt_rand(850, 900)); |
|
| 180 | + if (!empty($file) || !empty($thumbFile)) { |
|
| 181 | + cache_put_data('attachment_lookup_id-' . $file['id_attach'], array($file, $thumbFile), mt_rand(850, 900)); |
|
| 182 | + } |
|
| 181 | 183 | } |
| 182 | 184 | |
| 183 | 185 | // Replace the normal file with its thumbnail if it has one! |
| 184 | - if (!empty($showThumb) && !empty($thumbFile)) |
|
| 185 | - $file = $thumbFile; |
|
| 186 | + if (!empty($showThumb) && !empty($thumbFile)) { |
|
| 187 | + $file = $thumbFile; |
|
| 188 | + } |
|
| 186 | 189 | |
| 187 | 190 | // No point in a nicer message, because this is supposed to be an attachment anyway... |
| 188 | 191 | if (!file_exists($file['filePath'])) |
@@ -232,8 +235,8 @@ discard block |
||
| 232 | 235 | } |
| 233 | 236 | |
| 234 | 237 | // Update the download counter (unless it's a thumbnail or resuming an incomplete download). |
| 235 | - if ($file['attachment_type'] != 3 && empty($showThumb) && $range === 0) |
|
| 236 | - $smcFunc['db_query']('attach_download_increase', ' |
|
| 238 | + if ($file['attachment_type'] != 3 && empty($showThumb) && $range === 0) { |
|
| 239 | + $smcFunc['db_query']('attach_download_increase', ' |
|
| 237 | 240 | UPDATE LOW_PRIORITY {db_prefix}attachments |
| 238 | 241 | SET downloads = downloads + 1 |
| 239 | 242 | WHERE id_attach = {int:id_attach}', |
@@ -241,12 +244,14 @@ discard block |
||
| 241 | 244 | 'id_attach' => $attachId, |
| 242 | 245 | ) |
| 243 | 246 | ); |
| 247 | + } |
|
| 244 | 248 | |
| 245 | 249 | // Send the attachment headers. |
| 246 | 250 | header('Pragma: '); |
| 247 | 251 | |
| 248 | - if (!isBrowser('gecko')) |
|
| 249 | - header('Content-Transfer-Encoding: binary'); |
|
| 252 | + if (!isBrowser('gecko')) { |
|
| 253 | + header('Content-Transfer-Encoding: binary'); |
|
| 254 | + } |
|
| 250 | 255 | |
| 251 | 256 | header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 525600 * 60) . ' GMT'); |
| 252 | 257 | header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime($file['filePath'])) . ' GMT'); |
@@ -255,18 +260,19 @@ discard block |
||
| 255 | 260 | header('ETag: ' . $eTag); |
| 256 | 261 | |
| 257 | 262 | // Make sure the mime type warrants an inline display. |
| 258 | - if (isset($_REQUEST['image']) && !empty($file['mime_type']) && strpos($file['mime_type'], 'image/') !== 0) |
|
| 259 | - unset($_REQUEST['image']); |
|
| 263 | + if (isset($_REQUEST['image']) && !empty($file['mime_type']) && strpos($file['mime_type'], 'image/') !== 0) { |
|
| 264 | + unset($_REQUEST['image']); |
|
| 265 | + } |
|
| 260 | 266 | |
| 261 | 267 | // Does this have a mime type? |
| 262 | - elseif (!empty($file['mime_type']) && (isset($_REQUEST['image']) || !in_array($file['fileext'], array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff')))) |
|
| 263 | - header('Content-Type: ' . strtr($file['mime_type'], array('image/bmp' => 'image/x-ms-bmp'))); |
|
| 264 | - |
|
| 265 | - else |
|
| 268 | + elseif (!empty($file['mime_type']) && (isset($_REQUEST['image']) || !in_array($file['fileext'], array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff')))) { |
|
| 269 | + header('Content-Type: ' . strtr($file['mime_type'], array('image/bmp' => 'image/x-ms-bmp'))); |
|
| 270 | + } else |
|
| 266 | 271 | { |
| 267 | 272 | header('Content-Type: ' . (isBrowser('ie') || isBrowser('opera') ? 'application/octetstream' : 'application/octet-stream')); |
| 268 | - if (isset($_REQUEST['image'])) |
|
| 269 | - unset($_REQUEST['image']); |
|
| 273 | + if (isset($_REQUEST['image'])) { |
|
| 274 | + unset($_REQUEST['image']); |
|
| 275 | + } |
|
| 270 | 276 | } |
| 271 | 277 | |
| 272 | 278 | // Convert the file to UTF-8, cuz most browsers dig that. |
@@ -274,24 +280,22 @@ discard block |
||
| 274 | 280 | $disposition = !isset($_REQUEST['image']) ? 'attachment' : 'inline'; |
| 275 | 281 | |
| 276 | 282 | // Different browsers like different standards... |
| 277 | - if (isBrowser('firefox')) |
|
| 278 | - header('Content-Disposition: ' . $disposition . '; filename*=UTF-8\'\'' . rawurlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name))); |
|
| 279 | - |
|
| 280 | - elseif (isBrowser('opera')) |
|
| 281 | - header('Content-Disposition: ' . $disposition . '; filename="' . preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name) . '"'); |
|
| 282 | - |
|
| 283 | - elseif (isBrowser('ie')) |
|
| 284 | - header('Content-Disposition: ' . $disposition . '; filename="' . urlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)) . '"'); |
|
| 285 | - |
|
| 286 | - else |
|
| 287 | - header('Content-Disposition: ' . $disposition . '; filename="' . $utf8name . '"'); |
|
| 283 | + if (isBrowser('firefox')) { |
|
| 284 | + header('Content-Disposition: ' . $disposition . '; filename*=UTF-8\'\'' . rawurlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name))); |
|
| 285 | + } elseif (isBrowser('opera')) { |
|
| 286 | + header('Content-Disposition: ' . $disposition . '; filename="' . preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name) . '"'); |
|
| 287 | + } elseif (isBrowser('ie')) { |
|
| 288 | + header('Content-Disposition: ' . $disposition . '; filename="' . urlencode(preg_replace_callback('~&#(\d{3,8});~', 'fixchar__callback', $utf8name)) . '"'); |
|
| 289 | + } else { |
|
| 290 | + header('Content-Disposition: ' . $disposition . '; filename="' . $utf8name . '"'); |
|
| 291 | + } |
|
| 288 | 292 | |
| 289 | 293 | // If this has an "image extension" - but isn't actually an image - then ensure it isn't cached cause of silly IE. |
| 290 | - if (!isset($_REQUEST['image']) && in_array($file['fileext'], array('gif', 'jpg', 'bmp', 'png', 'jpeg', 'tiff'))) |
|
| 291 | - header('Cache-Control: no-cache'); |
|
| 292 | - |
|
| 293 | - else |
|
| 294 | - header('Cache-Control: max-age=' . (525600 * 60) . ', private'); |
|
| 294 | + if (!isset($_REQUEST['image']) && in_array($file['fileext'], array('gif', 'jpg', 'bmp', 'png', 'jpeg', 'tiff'))) { |
|
| 295 | + header('Cache-Control: no-cache'); |
|
| 296 | + } else { |
|
| 297 | + header('Cache-Control: max-age=' . (525600 * 60) . ', private'); |
|
| 298 | + } |
|
| 295 | 299 | |
| 296 | 300 | // Multipart and resuming support |
| 297 | 301 | if (isset($_SERVER['HTTP_RANGE'])) |
@@ -299,9 +303,9 @@ discard block |
||
| 299 | 303 | header("HTTP/1.1 206 Partial Content"); |
| 300 | 304 | header("Content-Length: $new_length"); |
| 301 | 305 | header("Content-Range: bytes $range-$range_end/$size"); |
| 306 | + } else { |
|
| 307 | + header("Content-Length: " . $size); |
|
| 302 | 308 | } |
| 303 | - else |
|
| 304 | - header("Content-Length: " . $size); |
|
| 305 | 309 | |
| 306 | 310 | |
| 307 | 311 | // Try to buy some time... |
@@ -310,8 +314,9 @@ discard block |
||
| 310 | 314 | // For multipart/resumable downloads, send the requested chunk(s) of the file |
| 311 | 315 | if (isset($_SERVER['HTTP_RANGE'])) |
| 312 | 316 | { |
| 313 | - while (@ob_get_level() > 0) |
|
| 314 | - @ob_end_clean(); |
|
| 317 | + while (@ob_get_level() > 0) { |
|
| 318 | + @ob_end_clean(); |
|
| 319 | + } |
|
| 315 | 320 | |
| 316 | 321 | // 40 kilobytes is a good-ish amount |
| 317 | 322 | $chunksize = 40 * 1024; |
@@ -335,8 +340,9 @@ discard block |
||
| 335 | 340 | elseif ($size > 4194304) |
| 336 | 341 | { |
| 337 | 342 | // Forcibly end any output buffering going on. |
| 338 | - while (@ob_get_level() > 0) |
|
| 339 | - @ob_end_clean(); |
|
| 343 | + while (@ob_get_level() > 0) { |
|
| 344 | + @ob_end_clean(); |
|
| 345 | + } |
|
| 340 | 346 | |
| 341 | 347 | $fp = fopen($file['filePath'], 'rb'); |
| 342 | 348 | while (!feof($fp)) |
@@ -348,8 +354,9 @@ discard block |
||
| 348 | 354 | } |
| 349 | 355 | |
| 350 | 356 | // On some of the less-bright hosts, readfile() is disabled. It's just a faster, more byte safe, version of what's in the if. |
| 351 | - elseif (@readfile($file['filePath']) === null) |
|
| 352 | - echo file_get_contents($file['filePath']); |
|
| 357 | + elseif (@readfile($file['filePath']) === null) { |
|
| 358 | + echo file_get_contents($file['filePath']); |
|
| 359 | + } |
|
| 353 | 360 | |
| 354 | 361 | die(); |
| 355 | 362 | } |
