$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
} else {
// Update download count
$sql = 'UPDATE ' . FORUMS_ATTACHMENTS_TABLE . '
SET download_count = download_count + 1
WHERE attach_id = ' . $attachment['attach_id'];
$_CLASS['core_db']->sql_query($sql);
}
// Determine the 'presenting'-method
if ($download_mode == PHYSICAL_LINK) {
if (!@is_dir($config['upload_path'])) {
trigger_error($_CLASS['core_user']->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
}
redirect($config['upload_path'] . '/' . $attachment['physical_filename']);
} else {
send_file_to_browser($attachment, $config['upload_path'], $extensions[$attachment['extension']]['display_cat']);
exit;
}
// ---------
// FUNCTIONS
//
function send_file_to_browser($attachment, $upload_dir, $category)
{
global $_CLASS, $config;
$filename = $upload_dir . '/' . $attachment['physical_filename'];
if (!@file_exists($filename)) {
trigger_error($_CLASS['core_user']->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['FILE_NOT_FOUND_404'], $filename));
}
// Determine the Browser the User is using, because of some nasty incompatibilities.
// borrowed from phpMyAdmin. :)
$user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
}
blog_plugins::plugin_do('download_before_send');
if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && strpos($attachment['mimetype'], 'image') === 0 && strpos(strtolower($user->browser), 'msie') !== false) {
wrap_img_in_html(append_sid('./blog.' . $phpEx, 'page=download&id=' . $attachment['attach_id']), $attachment['real_filename']);
} else {
// Determine the 'presenting'-method
if ($download_mode == PHYSICAL_LINK) {
// This presenting method should no longer be used
if (!@is_dir($phpbb_root_path . $config['upload_path'])) {
trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
}
redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
exit;
} else {
send_file_to_browser($attachment, $config['upload_path'] . '/blog_mod', $display_cat);
exit;
}
}
blog_plugins::plugin_do('download_end');
/**
* Wraps an url into a simple html page. Used to display attachments in IE.
* this is a workaround for now; might be moved to template system later
* direct any complaints to 1 Microsoft Way, Redmond
*/
function wrap_img_in_html($src, $title)
{
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd">';
echo '<html>';
echo '<head>';
echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />';
}
if (intval($attach_config['allow_ftp_upload'])) {
if (trim($attach_config['download_path']) == '') {
message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting');
}
$url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename'];
$redirect_path = $url;
} else {
$url = $upload_dir . '/' . $attachment['physical_filename'];
// $url = preg_replace('/^\/?(.*?\/)?$/', '\1', trim($url));
$redirect_path = $server_protocol . $server_name . $server_port . $script_name . $url;
}
// Redirect via an HTML form for PITA webservers
if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) {
header('Refresh: 0; URL=' . $redirect_path);
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $redirect_path . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $redirect_path . '">HERE</a> to be redirected</div></body></html>';
exit;
}
// Behave as per HTTP/1.1 spec for others
header('Location: ' . $redirect_path);
exit;
} else {
if (intval($attach_config['allow_ftp_upload'])) {
// We do not need a download path, we are not downloading physically
send_file_to_browser($attachment, '');
exit;
} else {
send_file_to_browser($attachment, $upload_dir);
exit;
}
}
SET download_count = download_count + 1
WHERE attachment_id = ' . $attachment['attachment_id'];
phpbb::$db->sql_query($sql);
// Update download count for the contrib object as well
if ($attachment['object_type'] == TITANIA_CONTRIB) {
$sql = 'UPDATE ' . TITANIA_CONTRIBS_TABLE . '
SET contrib_downloads = contrib_downloads + 1
WHERE contrib_id = ' . $attachment['object_id'];
phpbb::$db->sql_query($sql);
}
}
if (!$thumbnail && $mode === 'view' && strpos($attachment['mimetype'], 'image') === 0 && (strpos(strtolower(phpbb::$user->browser), 'msie') !== false && strpos(strtolower(phpbb::$user->browser), 'msie 8.0') === false)) {
wrap_img_in_html(titania_url::build_url('download', array('id' => $attachment['attachment_id'])), $attachment['real_filename']);
file_gc();
} else {
send_file_to_browser($attachment, titania::$config->upload_path);
file_gc();
}
/**
* Wraps an url into a simple html page. Used to display attachments in IE.
* this is a workaround for now; might be moved to template system later
* direct any complaints to 1 Microsoft Way, Redmond
*/
function wrap_img_in_html($src, $title)
{
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd">';
echo '<html>';
echo '<head>';
echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />';
echo '<title>' . $title . '</title>';
echo '</head>';
function main($action)
{
global $db, $config, $template, $theme, $user, $lang;
global $gen_simple_header, $starttime, $debug;
global $cms_config_vars, $cms_page;
global $pafiledb_config, $pafiledb_user, $pafiledb_functions;
$cat_id = request_var('cat_id', 0);
$file_id = request_var('file_id', 0);
$action = request_var('action', '');
if (!empty($file_id)) {
$file_id = $file_id;
} elseif ($file_id == 0 && $action != '') {
$file_id_array = array();
$file_id_array = explode('=', $action);
$file_id = $file_id_array[1];
} else {
message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
}
$mirror_id = request_var('mirror_id', 0);
$sql = 'SELECT *
FROM ' . PA_FILES_TABLE . " AS f\n\t\t\tWHERE f.file_id = {$file_id}";
$result = $db->sql_query($sql);
//=========================================================================
// Id doesn't match with any file in the database another nice error message
//=========================================================================
if (!($file_data = $db->sql_fetchrow($result))) {
message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
}
$db->sql_freeresult($result);
//=========================================================================
// Check if the user is authorized to download the file
//=========================================================================
if (!$this->auth[$file_data['file_catid']]['auth_download']) {
if (!$user->data['session_logged_in']) {
redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=download&file_id=' . $file_id, true));
}
$message = sprintf($lang['Sorry_auth_download'], $this->auth[$file_data['file_catid']]['auth_download_type']);
message_die(GENERAL_MESSAGE, $message);
}
//=========================================================================
// Check for hot links
// Borrowed from Smartor Album mod, thanks Smartor
//=========================================================================
$url_referer = !empty($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
if ($pafiledb_config['hotlink_prevent'] && !empty($url_referer)) {
$check_referer = explode('?', $url_referer);
$check_referer = trim($check_referer[0]);
$good_referers = array();
if ($pafiledb_config['hotlink_allowed'] != '') {
$good_referers = explode(',', $pafiledb_config['hotlink_allowed']);
}
$good_referers[] = $config['server_name'];
$errored = true;
for ($i = 0; $i < sizeof($good_referers); $i++) {
$good_referers[$i] = trim($good_referers[$i]);
if (!empty($good_referers[$i]) && strstr($check_referer, $good_referers[$i]) !== false) {
$errored = false;
break;
}
}
if ($errored) {
message_die(GENERAL_MESSAGE, $lang['Directly_linked']);
}
}
$sql = 'SELECT *
FROM ' . PA_MIRRORS_TABLE . " AS f\n\t\t\tWHERE f.file_id = {$file_id}\n\t\t\tORDER BY mirror_id";
$result = $db->sql_query($sql);
$mirrors_data = array();
while ($row = $db->sql_fetchrow($result)) {
$mirrors_data[$row['mirror_id']] = $row;
}
$db->sql_freeresult($result);
if (!empty($mirrors_data) && !$mirror_id) {
$this->generate_category_nav($file_data['file_catid']);
$template->assign_vars(array('L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']), 'L_MIRRORS' => $lang['Mirrors'], 'L_MIRROR_LOCATION' => $lang['Mirror_location'], 'L_DOWNLOAD' => $lang['Download_file'], 'L_HOME' => $lang['Home'], 'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])), 'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME), 'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT), 'FILE_NAME' => $file_data['file_name'], 'DOWNLOAD' => $pafiledb_config['settings_dbname']));
$template->assign_block_vars('mirror_row', array('U_DOWNLOAD' => append_sid('dload.' . PHP_EXT . '?action=download&file_id=' . $file_id . '&mirror_id=-1'), 'MIRROR_LOCATION' => $config['sitename']));
foreach ($mirrors_data as $mir_id => $mirror_data) {
$template->assign_block_vars('mirror_row', array('U_DOWNLOAD' => append_sid('dload.' . PHP_EXT . '?action=download&file_id=' . $file_id . '&mirror_id=' . $mir_id), 'MIRROR_LOCATION' => $mirror_data['mirror_location']));
}
page_header('', true);
$this->display($lang['Download'], 'pa_mirrors_body.tpl');
page_footer(true, '', true);
} elseif (!empty($mirrors_data) && $mirror_id == -1 || empty($mirrors_data)) {
$real_filename = $file_data['real_name'];
//$real_filename = '"' . $file_data['real_name'] . '"';
$physical_filename = $file_data['unique_name'];
$upload_dir = !empty($file_data['upload_dir']) ? $file_data['upload_dir'] : $pafiledb_config['upload_dir'];
$file_url = $file_data['file_dlurl'];
} elseif ($mirror_id > 0 && !empty($mirrors_data[$mirror_id])) {
$real_filename = $mirrors_data[$mirror_id]['real_name'];
//$real_filename = '"' . $mirrors_data[$mirror_id]['real_name'] . '"';
$physical_filename = $mirrors_data[$mirror_id]['unique_name'];
$upload_dir = !empty($mirrors_data[$mirror_id]['upload_dir']) ? $mirrors_data[$mirror_id]['upload_dir'] : $pafiledb_config['upload_dir'];
$file_url = $mirrors_data[$mirror_id]['file_dlurl'];
} else {
message_die(GENERAL_MESSAGE, 'Mirror doesn\'t exist');
}
//=========================================================================
// Update download counter and the last downloaded date
//=========================================================================
$current_time = time();
$file_dls = intval($file_data['file_dls']) + 1;
$sql = 'UPDATE ' . PA_FILES_TABLE . "\n\t\t\tSET file_dls = {$file_dls}, file_last = {$current_time}\n\t\t\tWHERE file_id = {$file_id}";
$db->sql_query($sql);
//=========================================================================
// Update downloader Info for the given file
//=========================================================================
$pafiledb_user->update_downloader_info($file_id);
if (!empty($file_url)) {
$file_url = !strstr($file_url, '://') && strpos($file_url, DOWNLOADS_PATH) === false ? 'http://' . $file_url : (strpos($file_url, DOWNLOADS_PATH) && !strstr($file_url, '://') ? IP_ROOT_PATH . $file_url : $file_url);
pa_redirect($file_url);
} else {
//=========================================================================
// now send the file to the user so he can enjoy it :D
//=========================================================================
/*
if($pafiledb_functions->get_extension($physical_filename) == 'pdf')
{
$file_url = IP_ROOT_PATH . $upload_dir . $physical_filename;
pa_redirect($file_url);
}
elseif(!send_file_to_browser($real_filename, 'application/force-download', $physical_filename, IP_ROOT_PATH . $upload_dir))
{
$file_url = IP_ROOT_PATH . $upload_dir . $physical_filename;
pa_redirect($file_url);
}
*/
if ($pafiledb_functions->get_extension($physical_filename) == 'pdf') {
$mimetype = 'application/pdf';
} else {
$mimetype = 'application/force-download';
}
if (!send_file_to_browser($real_filename, $mimetype, $physical_filename, IP_ROOT_PATH . $upload_dir)) {
message_die(GENERAL_ERROR, $lang['Error_no_download'] . '<br /><br /><b>404 File Not Found:</b> The File <i>' . $real_filename . '</i> does not exist.');
}
}
}
define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
require TITANIA_ROOT . 'common.' . PHP_EXT;
phpbb::$user->add_lang('viewtopic');
// Thank you sun.
if (isset($_SERVER['CONTENT_TYPE'])) {
if ($_SERVER['CONTENT_TYPE'] === 'application/x-java-archive') {
exit;
}
} else {
if (isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'Java') !== false) {
exit;
}
}
$revision_id = request_var('id', 0);
send_file_to_browser($revision_id, titania::$config->modx_storage_path);
file_gc();
/**
* Send file to browser
*/
function send_file_to_browser($attachment, $upload_dir)
{
$filename = $upload_dir . $attachment;
if (!@file_exists($filename)) {
trigger_error(phpbb::$user->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf(phpbb::$user->lang['FILE_NOT_FOUND_404'], $filename));
}
if (@ob_get_length()) {
@ob_end_clean();
}
// Now send the File Contents to the Browser
$size = @filesize($filename);
