function send_file_to_browser($attachment, $upload_dir)
{
global $bb_cfg, $lang, $userdata;
$filename = $upload_dir == '' ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = false;
if (@(!file_exists(@amod_realpath($filename)))) {
bb_die($lang['ERROR_NO_ATTACHMENT'] . "<br /><br />" . $filename . "<br /><br />" . $lang['TOR_NOT_FOUND']);
} else {
$gotit = true;
}
// Correct the mime type - we force application/octet-stream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image')) {
$attachment['mimetype'] = 'application/octet-stream';
}
//bt
if (!(isset($_GET['original']) && !IS_USER)) {
include INC_DIR . 'functions_torrent.php';
send_torrent_with_passkey($filename);
}
// Now the tricky part... let's dance
header('Pragma: public');
$real_filename = clean_filename(basename($attachment['real_filename']));
$mimetype = $attachment['mimetype'] . ';';
$charset = "charset={$bb_cfg['lang'][$userdata['user_lang']]['encoding']};";
// Send out the Headers
header("Content-Type: {$mimetype} {$charset} name=\"{$real_filename}\"");
header("Content-Disposition: inline; filename=\"{$real_filename}\"");
unset($real_filename);
// Now send the File Contents to the Browser
if ($gotit) {
$size = @filesize($filename);
if ($size) {
header("Content-length: {$size}");
}
readfile($filename);
} else {
bb_die($lang['ERROR_NO_ATTACHMENT'] . "<br /><br />" . $filename . "<br /><br />" . $lang['TOR_NOT_FOUND']);
}
exit;
}
/**
* Check if Thumbnail exist
*/
function thumbnail_exists($filename)
{
global $upload_dir, $config;
$filename = basename($filename);
if (!intval($config['allow_ftp_upload'])) {
if (!@file_exists(@amod_realpath($upload_dir . '/' . THUMB_DIR . '/t_' . $filename))) {
return false;
} else {
return true;
}
} else {
$found = false;
$conn_id = attach_init_ftp(MODE_THUMBNAIL);
$file_listing = array();
$filename = 't_' . $filename;
$file_listing = @ftp_rawlist($conn_id, $filename);
for ($i = 0, $size = sizeof($file_listing); $i < $size; $i++) {
if (ereg("([-d])[rwxst-]{9}.* ([0-9]*) ([a-zA-Z]+[0-9: ]*[0-9]) ([0-9]{2}:[0-9]{2}) (.+)", $file_listing[$i], $regs)) {
if ($regs[1] == 'd') {
$dirinfo[0] = 1;
// Directory == 1
}
$dirinfo[1] = $regs[2];
// Size
$dirinfo[2] = $regs[3];
// Date
$dirinfo[3] = $regs[4];
// Filename
$dirinfo[4] = $regs[5];
// Time
}
if ($dirinfo[0] != 1 && $dirinfo[4] == $filename) {
$found = true;
}
}
@ftp_quit($conn_id);
return $found;
}
}
function move_uploaded_attachment($upload_mode, $file)
{
global $error, $error_msg, $lang, $upload_dir;
if (!is_uploaded_file($file)) {
message_die(GENERAL_ERROR, 'Unable to upload file. The given source has not been uploaded.', __LINE__, __FILE__);
}
switch ($upload_mode) {
case 'copy':
/*
$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
$tmp_path = ( !@$ini_val('safe_mode') ) ? '' : $upload_dir . '/tmp';
if ($tmp_path != '')
{
$tmp_filename = tempnam($tmp_path, 't0000');
$fd = fopen($file, 'r');
$data = fread ($fd, $this->filesize);
fclose ($fd);
$fptr = @fopen($tmp_filename, 'wb');
$bytes_written = @fwrite($fptr, $data, $this->filesize);
@fclose($fptr);
$file = $tmp_filename;
}
*/
if (!@copy($file, $upload_dir . '/' . $this->attach_filename)) {
if (!@move_uploaded_file($file, $upload_dir . '/' . $this->attach_filename)) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . $this->attach_filename, 0666);
break;
case 'move':
if (!@move_uploaded_file($file, $upload_dir . '/' . $this->attach_filename)) {
if (!@copy($file, $upload_dir . '/' . $this->attach_filename)) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . $this->attach_filename, 0666);
/* if ($tmp_path != '')
{
unlink_attach($file);
}*/
break;
case 'ftp':
ftp_file($file, $this->attach_filename, $this->type);
break;
}
if (!$error && $this->thumbnail == 1) {
if ($upload_mode == 'ftp') {
$source = $file;
$dest_file = THUMB_DIR . '/t_' . $this->attach_filename;
} else {
$source = $upload_dir . '/' . $this->attach_filename;
$dest_file = amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . $this->attach_filename;
}
if (!create_thumbnail($source, $dest_file, $this->type)) {
if (!$file || !create_thumbnail($file, $dest_file, $this->type)) {
$this->thumbnail = 0;
}
}
}
}
function move_uploaded_attachment($upload_mode, $file)
{
global $error, $error_msg, $lang, $upload_dir;
if (!is_uploaded_file($file)) {
message_die(GENERAL_ERROR, 'Unable to upload file. The given source has not been uploaded.', __LINE__, __FILE__);
}
switch ($upload_mode) {
case 'copy':
if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) {
if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . basename($this->attach_filename), 0666);
break;
case 'move':
if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) {
if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . $this->attach_filename, 0666);
break;
case 'ftp':
ftp_file($file, basename($this->attach_filename), $this->type);
break;
}
if (!$error && $this->thumbnail == 1) {
if ($upload_mode == 'ftp') {
$source = $file;
$dest_file = THUMB_DIR . '/t_' . basename($this->attach_filename);
} else {
$source = $upload_dir . '/' . basename($this->attach_filename);
$dest_file = amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . basename($this->attach_filename);
}
if (!create_thumbnail($source, $dest_file, $this->type)) {
if (!$file || !create_thumbnail($file, $dest_file, $this->type)) {
$this->thumbnail = 0;
}
}
}
}
function thumbnail_exists($filename)
{
global $upload_dir, $attach_config;
if (!intval($attach_config['allow_ftp_upload'])) {
$found = file_exists(amod_realpath($upload_dir . '/' . THUMB_DIR . '/t_' . $filename));
} else {
include_once 'includes/classes/cpg_ftp.php';
$ftp = new cpg_ftp($attach_config['ftp_server'], $attach_config['ftp_user'], $attach_config['ftp_pass'], $attach_config['ftp_path'] . '/' . THUMB_DIR, $attach_config['ftp_pasv_mode']);
$found = $ftp->exists($filename);
$ftp->close();
}
return $found;
}
private function move_uploaded_attachment($file, $filename)
{
global $error, $error_msg, $lang, $upload_dir, $attach_config;
if (intval($attach_config['allow_ftp_upload'])) {
ftp_file($filename, $this->attach_filename, $this->type);
} else {
require_once 'includes/classes/cpg_file.php';
if (!CPG_File::move_upload($file, $upload_dir . '/' . $this->attach_filename)) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['General_upload_error'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
if (!$error && $this->thumbnail == 1) {
if (intval($attach_config['allow_ftp_upload'])) {
$source = $file;
$dest_file = THUMB_DIR . '/t_' . $this->attach_filename;
} else {
$source = $upload_dir . '/' . $this->attach_filename;
$dest_file = amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . $this->attach_filename;
}
if (!create_thumbnail($file, $dest_file, $this->type)) {
if (!create_thumbnail($source, $dest_file, $this->type)) {
$this->thumbnail = 0;
}
}
}
}
for ($i = 0; $i < $num_rows; $i++) {
$attach_config[$row[$i]['config_name']] = trim($row[$i]['config_value']);
}
if ($attach_config['upload_dir'][0] == '/' || $attach_config['upload_dir'][0] != '/' && $attach_config['upload_dir'][1] == ':') {
$upload_dir = $attach_config['upload_dir'];
} else {
$upload_dir = $phpbb_root_path . $attach_config['upload_dir'];
}
$upload_dir = $upload_dir . '/' . THUMB_DIR;
$error = false;
// Does the target directory exist, is it a directory and writeable. (only test if ftp upload is disabled)
if (intval($attach_config['allow_ftp_upload']) == 0 && intval($attach_config['img_create_thumbnail']) == 1) {
if (!@file_exists(@amod_realpath($upload_dir))) {
@mkdir($upload_dir, 0755);
@chmod($upload_dir, 0777);
if (!@file_exists(@amod_realpath($upload_dir))) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_does_not_exist'], $upload_dir) . '<br />';
}
}
if (!$error && !is_dir($upload_dir)) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_is_not_a_dir'], $upload_dir) . '<br />';
}
if (!$error) {
if (!($fp = @fopen($upload_dir . '/0_000000.000', 'w'))) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_not_writeable'], $upload_dir) . '<br />';
} else {
@fclose($fp);
@unlink($upload_dir . '/0_000000.000');
$attach_config[$row[$i]['config_name']] = trim($row[$i]['config_value']);
}
if ($attach_config['upload_dir'][0] == '/' || $attach_config['upload_dir'][0] != '/' && $attach_config['upload_dir'][1] == ':') {
$upload_dir = $attach_config['upload_dir'];
} else {
$upload_dir = $attach_config['upload_dir'];
}
$upload_dir = $upload_dir . '/' . THUMB_DIR;
$error = FALSE;
//
// Does the target directory exist, is it a directory and writeable. (only test if ftp upload is disabled)
//
if (intval($attach_config['allow_ftp_upload']) == 0 && intval($attach_config['img_create_thumbnail']) == 1) {
if (!file_exists(amod_realpath($upload_dir))) {
mkdir($upload_dir, PHP_AS_NOBODY ? 0777 : 0755);
if (!file_exists(amod_realpath($upload_dir))) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_does_not_exist'], $upload_dir) . '<br />';
}
}
if (!$error && !is_dir($upload_dir)) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_is_not_a_dir'], $upload_dir) . '<br />';
}
if (!$error) {
if (!($fp = fopen($upload_dir . '/0_000000.000', 'w'))) {
$error = TRUE;
$error_msg = sprintf($lang['Directory_not_writeable'], $upload_dir) . '<br />';
} else {
fclose($fp);
unlink($upload_dir . '/0_000000.000');
function send_file_to_browser($attachment, $upload_dir)
{
global $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $db, $attach_config;
$filename = $upload_dir == '' ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = false;
if (!intval($attach_config['allow_ftp_upload'])) {
if (@(!file_exists(@amod_realpath($filename)))) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
} else {
$gotit = true;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin. :)
//
if (!empty($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) {
$HTTP_USER_AGENT = $HTTP_SERVER_VARS['HTTP_USER_AGENT'];
} else {
if (!isset($HTTP_USER_AGENT)) {
$HTTP_USER_AGENT = '';
}
}
if (ereg('Opera(/| )([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[2];
$browser_agent = 'opera';
} else {
if (ereg('MSIE ([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[1];
$browser_agent = 'ie';
} else {
if (ereg('OmniWeb/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[1];
$browser_agent = 'omniweb';
} else {
if (ereg('Netscape([0-9]{1})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[1];
$browser_agent = 'netscape';
} else {
if (ereg('Mozilla/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[1];
$browser_agent = 'mozilla';
} else {
if (ereg('Konqueror/([0-9].[0-9]{1,2})', $HTTP_USER_AGENT, $log_version)) {
$browser_version = $log_version[1];
$browser_agent = 'konqueror';
} else {
$browser_version = 0;
$browser_agent = 'other';
}
}
}
}
}
}
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image')) {
$attachment['mimetype'] = $browser_agent == 'ie' || $browser_agent == 'opera' ? 'application/octetstream' : 'application/octet-stream';
}
// Now the tricky part... let's dance
// @ob_end_clean();
// @ini_set('zlib.output_compression', 'Off');
header('Pragma: public');
// header('Content-Transfer-Encoding: none');
$real_filename = html_entity_decode(basename($attachment['real_filename']));
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . $real_filename . '"');
header('Content-Disposition: attachment; filename="' . $real_filename . '"');
unset($real_filename);
//
// Now send the File Contents to the Browser
//
if ($gotit) {
$size = @filesize($filename);
if ($size) {
header("Content-length: {$size}");
}
readfile($filename);
} else {
if (!$gotit && intval($attach_config['allow_ftp_upload'])) {
$conn_id = attach_init_ftp();
$ini_val = @phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var';
$tmp_path = !@$ini_val('safe_mode') ? '/tmp' : $upload_dir;
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if (preg_match("/text/i", $attachment['mimetype']) || preg_match("/html/i", $attachment['mimetype'])) {
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $filename, $mode);
if (!$result) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
@ftp_quit($conn_id);
$size = @filesize($tmp_filename);
if ($size) {
header("Content-length: {$size}");
}
readfile($tmp_filename);
@unlink($tmp_filename);
} else {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
}
exit;
}
function send_file_to_browser($attachment, $upload_dir)
{
global $_SERVER, $HTTP_USER_AGENT, $HTTP_SERVER_VARS, $lang, $attach_config;
$filename = $upload_dir == '' ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload'])) {
if (@(!file_exists(@amod_realpath($filename)))) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
} else {
$gotit = TRUE;
}
}
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image')) {
$attachment['mimetype'] = $browser_agent == 'ie' || $browser_agent == 'opera' ? 'application/octetstream' : 'application/octet-stream';
}
//bt
require_once FT_ROOT . 'includes/functions_torrent.php';
send_torrent_with_passkey($filename);
//bt end
// Now the tricky part... let's dance
// @ob_end_clean();
// @ini_set('zlib.output_compression', 'Off');
header('Pragma: public');
// header('Content-Transfer-Encoding: none');
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . clean_filename($attachment['real_filename']) . '"');
header('Content-Disposition: inline; filename="' . clean_filename($attachment['real_filename']) . '"');
//
// Now send the File Contents to the Browser
//
if ($gotit) {
$size = @filesize($filename);
if ($size) {
header("Content-length: {$size}");
}
readfile($filename);
} else {
if (!$gotit && intval($attach_config['allow_ftp_upload'])) {
$conn_id = attach_init_ftp();
$ini_val = @phpversion() >= '4.0.0' ? 'ini_get' : 'get_cfg_var';
$tmp_path = !@$ini_val('safe_mode') ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = @tempnam($tmp_path, 't0000');
@unlink($tmp_filename);
$mode = FTP_BINARY;
if (preg_match("/text/i", $attachment['mimetype']) || preg_match("/html/i", $attachment['mimetype'])) {
$mode = FTP_ASCII;
}
$result = @ftp_get($conn_id, $tmp_filename, $filename, $mode);
if (!$result) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
@ftp_quit($conn_id);
$size = @filesize($tmp_filename);
if ($size) {
header("Content-length: {$size}");
}
readfile($tmp_filename);
@unlink($tmp_filename);
} else {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
}
exit;
}
function create_thumbnail($source, $new_file)
{
global $attach_config;
$source = amod_realpath($source);
$min_filesize = intval($attach_config['img_min_thumb_filesize']);
$img_filesize = file_exists(amod_realpath($source)) ? filesize($source) : false;
if (!$img_filesize || $img_filesize <= $min_filesize) {
return FALSE;
}
$size = image_getdimension($source);
if ($size[0] <= 0 && $size[1] <= 0) {
return FALSE;
}
$new_size = get_img_size_format($size[0], $size[1]);
$tmp_path = '';
$old_file = '';
if (intval($attach_config['allow_ftp_upload'])) {
$old_file = $new_file;
$tmp_path = explode('/', $source);
$tmp_path[count($tmp_path) - 1] = '';
$tmp_path = implode('/', $tmp_path);
if ($tmp_path == '') {
$tmp_path = '/tmp';
}
$value = trim($tmp_path);
if ($value[strlen($value) - 1] == '/') {
$value[strlen($value) - 1] = ' ';
}
$new_file = trim($value) . '/t00000';
}
global $MAIN_CFG;
if (!isset($MAIN_CFG['imaging']['type'])) {
//$attach_config['use_gd2']
$MAIN_CFG['imaging']['type'] = empty($attach_config['img_imagick']) ? 'gd2' : 'im';
$MAIN_CFG['imaging']['impath'] = $attach_config['img_imagick'];
$MAIN_CFG['imaging']['pbmpath'] = $attach_config['img_imagick'];
}
require_once 'includes/imaging/imaging.inc';
Graphic::resize($source, $new_size, $new_file, $size);
if (!file_exists(amod_realpath($new_file))) {
return FALSE;
}
if (intval($attach_config['allow_ftp_upload'])) {
$result = ftp_file($new_file, $old_file, $this->type, TRUE);
// True for disable error-mode
if (!$result) {
return FALSE;
}
} else {
chmod($new_file, PHP_AS_NOBODY ? 0666 : 0644);
}
return TRUE;
}
/**
* Create thumbnail
*/
function create_thumbnail($source, $new_file, $mimetype)
{
global $attach_config, $imagick;
$source = amod_realpath($source);
$min_filesize = (int) $attach_config['img_min_thumb_filesize'];
$img_filesize = @file_exists($source) ? @filesize($source) : false;
if (!$img_filesize || $img_filesize <= $min_filesize) {
return false;
}
list($width, $height, $type, ) = getimagesize($source);
if (!$width || !$height) {
return false;
}
list($new_width, $new_height) = get_img_size_format($width, $height);
$tmp_path = $old_file = '';
if (intval($attach_config['allow_ftp_upload'])) {
$old_file = $new_file;
$tmp_path = explode('/', $source);
$tmp_path[count($tmp_path) - 1] = '';
$tmp_path = implode('/', $tmp_path);
if ($tmp_path == '') {
$tmp_path = '/tmp';
}
$value = trim($tmp_path);
if ($value[strlen($value) - 1] == '/') {
$value[strlen($value) - 1] = ' ';
}
//
$new_file = tempnam(trim($value), 't00000');
// We remove it now because it gets created again later
@unlink($new_file);
}
$used_imagick = false;
if (is_imagick()) {
passthru($imagick . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
if (@file_exists($new_file)) {
$used_imagick = true;
}
}
if (!$used_imagick) {
$type = get_supported_image_types($type);
if ($type['gd']) {
switch ($type['format']) {
case IMG_GIF:
$image = imagecreatefromgif($source);
break;
case IMG_JPG:
$image = imagecreatefromjpeg($source);
break;
case IMG_PNG:
$image = imagecreatefrompng($source);
break;
case IMG_WBMP:
$image = imagecreatefromwbmp($source);
break;
}
if ($type['version'] == 1 || !$attach_config['use_gd2']) {
$new_image = imagecreate($new_width, $new_height);
imagecopyresized($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
} else {
$new_image = imagecreatetruecolor($new_width, $new_height);
imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
}
switch ($type['format']) {
case IMG_GIF:
imagegif($new_image, $new_file);
break;
case IMG_JPG:
imagejpeg($new_image, $new_file, 90);
break;
case IMG_PNG:
imagepng($new_image, $new_file);
break;
case IMG_WBMP:
imagewbmp($new_image, $new_file);
break;
}
imagedestroy($new_image);
}
}
if (!@file_exists($new_file)) {
return false;
}
if (intval($attach_config['allow_ftp_upload'])) {
$result = ftp_file($new_file, $old_file, $mimetype, true);
// True for disable error-mode
@unlink($new_file);
if (!$result) {
return false;
}
} else {
@chmod($new_file, 0664);
}
return true;
}
function init_display_template($template_var, $replacement, $filename = 'forums/viewtopic_attach_body.html')
{
global $template;
//
// Handle Attachment Informations
//
if (!isset($template->uncompiled_code[$template_var])) {
// If we don't have a file assigned to this handle, die.
if (!isset($template->files[$template_var])) {
die("Template->loadfile(): No file specified for attachment handle {$template_var}");
}
$filename_2 = $template->files[$template_var];
// die("Filename: $filename_2");
$str = implode("", file($filename_2));
if (empty($str)) {
die("Template->loadfile(): File {$filename_2} for attachment handle {$template_var} is empty");
}
$template->uncompiled_code[$template_var] = $str;
}
$complete_filename = $filename;
if (substr($complete_filename, 0, 1) != '/') {
$complete_filename = $template->root . '/' . $complete_filename;
}
if (!file_exists(amod_realpath($complete_filename))) {
die("Template->make_filename(): Error - file {$complete_filename} does not exist for displaying");
}
$content = implode('', file($complete_filename));
if (empty($content)) {
die('Template->loadfile(): File ' . $complete_filename . ' is empty');
}
// replace $replacement with uncompiled code in $filename
$template->uncompiled_code[$template_var] = str_replace($replacement, $content, $template->uncompiled_code[$template_var]);
//
// Force Reload on cached version
//
display_compile_cache_clear($template->files[$template_var], $template_var);
}
/**
* Check if Thumbnail exist
*/
function thumbnail_exists($filename)
{
global $upload_dir, $attach_config;
$filename = basename($filename);
if (!@file_exists(@amod_realpath($upload_dir . '/' . THUMB_DIR . '/t_' . $filename))) {
return false;
} else {
return true;
}
}
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}
$user_id = $user_id == '-1' ? ANONYMOUS : intval($user_id);
$profiledata = get_userdata($user_id);
if ($user_id == ANONYMOUS) {
$profiledata['user_id'] = ANONYMOUS;
$profiledata['username'] = $lang['Guest'];
} else {
$profiledata['user_id'] = intval($profiledata['user_id']);
}
if ($profiledata['user_id'] != $userdata['user_id'] && $userdata['user_level'] != ADMIN) {
message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}
$page_title = $lang['User_acp_title'];
$language = $board_config['default_lang'];
if (!@file_exists(@amod_realpath($phpbb_root_path . 'language/lang_' . $language . '/lang_admin_attach.' . $phpEx))) {
$language = $attach_config['board_lang'];
}
include $phpbb_root_path . 'language/lang_' . $language . '/lang_admin_attach.' . $phpEx;
$start = isset($HTTP_GET_VARS['start']) ? $HTTP_GET_VARS['start'] : 0;
if (isset($HTTP_POST_VARS['order'])) {
$sort_order = $HTTP_POST_VARS['order'] == 'ASC' ? 'ASC' : 'DESC';
} else {
if (isset($HTTP_GET_VARS['order'])) {
$sort_order = $HTTP_GET_VARS['order'] == 'ASC' ? 'ASC' : 'DESC';
} else {
$sort_order = '';
}
}
if (isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode'])) {
$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
/**
* Sync Thumbnail (if a thumbnail is no longer there, delete it)
*/
function check_thumbnail($attachment_data, $upload_dir)
{
global $config, $user, $lang;
if (!thumbnail_exists(basename($attachment_data['physical_filename']))) {
if (!intval($config['allow_ftp_upload'])) {
$source_file = $upload_dir . '/' . basename($attachment_data['physical_filename']);
$dest_file = @amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . basename($attachment_data['physical_filename']);
} else {
$source_file = $attachment_data['physical_filename'];
$dest_file = THUMB_DIR . '/t_' . basename($attachment_data['physical_filename']);
}
if (create_thumbnail($source_file, $dest_file, $attachment_data['mimetype'])) {
return 1;
}
}
return 0;
}
function move_uploaded_attachment($upload_mode, $file)
{
global $error, $error_msg, $lang, $upload_dir;
if (!is_uploaded_file($file)) {
bb_die('Unable to upload file. The given source has not been uploaded');
}
switch ($upload_mode) {
case 'copy':
if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) {
if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['GENERAL_UPLOAD_ERROR'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . basename($this->attach_filename), 0666);
break;
case 'move':
if (!@move_uploaded_file($file, $upload_dir . '/' . basename($this->attach_filename))) {
if (!@copy($file, $upload_dir . '/' . basename($this->attach_filename))) {
$error = TRUE;
if (!empty($error_msg)) {
$error_msg .= '<br />';
}
$error_msg .= sprintf($lang['GENERAL_UPLOAD_ERROR'], './' . $upload_dir . '/' . $this->attach_filename);
return;
}
}
@chmod($upload_dir . '/' . $this->attach_filename, 0666);
break;
}
if (!$error && $this->thumbnail == 1) {
$source = $upload_dir . '/' . basename($this->attach_filename);
$dest_file = amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . basename($this->attach_filename);
if (!create_thumbnail($source, $dest_file, $this->type)) {
if (!$file || !create_thumbnail($file, $dest_file, $this->type)) {
$this->thumbnail = 0;
}
}
}
}
// Go through all of them and make sure the Thumbnail exist. If it does not exist, unset the Thumbnail Flag
//$sql = "SELECT attach_id, physical_filename, thumbnail, mimetype FROM " . ATTACHMENTS_DESC_TABLE . " WHERE thumbnail = 1";
$sql = "SELECT attach_id, physical_filename, thumbnail, extension, mimetype FROM " . ATTACHMENTS_DESC_TABLE . " WHERE extension IN('png', 'jpg', 'jpeg')";
$result = $db->sql_query($sql);
echo '<br />';
$i = 0;
while ($row = $db->sql_fetchrow($result)) {
@flush();
echo '.';
if ($i % 50 == 0) {
echo '<br />';
}
if (!thumbnail_exists(basename($row['physical_filename']))) {
if (!intval($config['allow_ftp_upload'])) {
$source = $upload_dir . '/' . basename($row['physical_filename']);
$dest_file = @amod_realpath($upload_dir);
$dest_file .= '/' . THUMB_DIR . '/t_' . basename($row['physical_filename']);
} else {
$source = $row['physical_filename'];
$dest_file = THUMB_DIR . '/t_' . basename($row['physical_filename']);
}
if (!create_thumbnail($source, $dest_file, $row['mimetype'])) {
$info .= sprintf($lang['Sync_thumbnail_resetted'], $row['physical_filename']) . '<br />';
$sql = "UPDATE " . ATTACHMENTS_DESC_TABLE . " SET thumbnail = 0 WHERE attach_id = " . (int) $row['attach_id'];
$db->sql_query($sql);
} else {
$info .= sprintf($lang['Sync_thumbnail_recreated'], $row['physical_filename']) . '<br />';
$sql = "UPDATE " . ATTACHMENTS_DESC_TABLE . " SET thumbnail = 1 WHERE attach_id = " . (int) $row['attach_id'];
$db->sql_query($sql);
}
}
/**
* Create thumbnail
*/
function create_thumbnail($source, $new_file, $mimetype)
{
global $attach_config, $imagick;
$source = amod_realpath($source);
$min_filesize = (int) $attach_config['img_min_thumb_filesize'];
$img_filesize = @file_exists($source) ? @filesize($source) : false;
if (!$img_filesize || $img_filesize <= $min_filesize) {
return false;
}
list($width, $height, $type, ) = getimagesize($source);
if (!$width || !$height) {
return false;
}
list($new_width, $new_height) = get_img_size_format($width, $height);
$tmp_path = $old_file = '';
$used_imagick = false;
if (is_imagick()) {
passthru($imagick . ' -quality 85 -antialias -sample ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
if (@file_exists($new_file)) {
$used_imagick = true;
}
}
if (!$used_imagick) {
$type = get_supported_image_types($type);
if ($type['gd']) {
switch ($type['format']) {
case IMG_GIF:
$image = imagecreatefromgif($source);
break;
case IMG_JPG:
$image = imagecreatefromjpeg($source);
break;
case IMG_PNG:
$image = imagecreatefrompng($source);
break;
case IMG_WBMP:
$image = imagecreatefromwbmp($source);
break;
}
if ($type['version'] == 1 || !$attach_config['use_gd2']) {
$new_image = imagecreate($new_width, $new_height);
imagecopyresized($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
} else {
$new_image = imagecreatetruecolor($new_width, $new_height);
imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
}
switch ($type['format']) {
case IMG_GIF:
imagegif($new_image, $new_file);
break;
case IMG_JPG:
imagejpeg($new_image, $new_file, 90);
break;
case IMG_PNG:
imagepng($new_image, $new_file);
break;
case IMG_WBMP:
imagewbmp($new_image, $new_file);
break;
}
imagedestroy($new_image);
}
}
if (!@file_exists($new_file)) {
return false;
}
@chmod($new_file, 0664);
return true;
}
function create_thumbnail($source, $new_file, $mimetype)
{
global $attach_config, $imagick;
$source = amod_realpath($source);
$min_filesize = intval($attach_config['img_min_thumb_filesize']);
$img_filesize = @file_exists(@amod_realpath($source)) ? filesize($source) : false;
if (!$img_filesize || $img_filesize <= $min_filesize) {
return FALSE;
}
$size = image_getdimension($source);
if ($size[0] == 0 && $size[1] == 0) {
return FALSE;
}
$new_size = get_img_size_format($size[0], $size[1]);
$tmp_path = '';
$old_file = '';
if (intval($attach_config['allow_ftp_upload'])) {
$old_file = $new_file;
$tmp_path = explode('/', $source);
$tmp_path[count($tmp_path) - 1] = '';
$tmp_path = implode('/', $tmp_path);
if ($tmp_path == '') {
$tmp_path = '/tmp';
}
$value = trim($tmp_path);
if ($value[strlen($value) - 1] == '/') {
$value[strlen($value) - 1] = ' ';
}
$new_file = trim($value) . '/t00000';
}
$used_imagick = FALSE;
if (is_imagick()) {
if (is_array($size) && count($size) > 0) {
passthru($imagick . ' -quality 85 -antialias -sample ' . $new_size[0] . 'x' . $new_size[1] . ' "' . str_replace('\\', '/', $source) . '" +profile "*" "' . str_replace('\\', '/', $new_file) . '"');
if (@file_exists(@amod_realpath($new_file))) {
$used_imagick = TRUE;
}
}
}
if (!$used_imagick) {
$type = $size[2];
$supported_types = get_supported_image_types();
if (in_array($type, $supported_types)) {
switch ($type) {
case '1':
$im = imagecreatefromgif($source);
$new_im = imagecreate($new_size[0], $new_size[1]);
imagecopyresized($new_im, $im, 0, 0, 0, 0, $new_size[0], $new_size[1], $size[0], $size[1]);
imagegif($new_im, $new_file);
break;
case '2':
$im = imagecreatefromjpeg($source);
$new_im = intval($attach_config['use_gd2']) ? @imagecreatetruecolor($new_size[0], $new_size[1]) : imagecreate($new_size[0], $new_size[1]);
imagecopyresized($new_im, $im, 0, 0, 0, 0, $new_size[0], $new_size[1], $size[0], $size[1]);
imagejpeg($new_im, $new_file, 90);
break;
case '3':
$im = imagecreatefrompng($source);
$new_im = intval($attach_config['use_gd2']) ? @imagecreatetruecolor($new_size[0], $new_size[1]) : imagecreate($new_size[0], $new_size[1]);
imagecopyresized($new_im, $im, 0, 0, 0, 0, $new_size[0], $new_size[1], $size[0], $size[1]);
imagepng($new_im, $new_file);
break;
}
}
}
if (!@file_exists(@amod_realpath($new_file))) {
return FALSE;
}
if (intval($attach_config['allow_ftp_upload'])) {
$result = ftp_file($new_file, $old_file, $this->type, TRUE);
// True for disable error-mode
if (!$result) {
return FALSE;
}
} else {
@chmod($new_file, 0664);
}
return TRUE;
}
function send_file_to_browser($attachment, $upload_dir)
{
global $_SERVER, $lang, $db, $attach_config, $board_config;
$filename = $upload_dir == '' ? $attachment['physical_filename'] : $upload_dir . '/' . $attachment['physical_filename'];
$gotit = FALSE;
if (!intval($attach_config['allow_ftp_upload'])) {
if (!file_exists(amod_realpath($filename))) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
} else {
$gotit = TRUE;
}
}
//
// Determine the Browser the User is using, because of some nasty incompatibilities.
// Most of the methods used in this function are from phpMyAdmin. :)
//
$HTTP_USER_AGENT = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (preg_match('#Opera(/| )([0-9].[0-9]{1,2})#', $HTTP_USER_AGENT)) {
$browser_agent = 'opera';
} else {
if (preg_match('#MSIE ([0-9].[0-9]{1,2})#', $HTTP_USER_AGENT)) {
$browser_agent = 'ie';
} else {
if (preg_match('#OmniWeb/([0-9].[0-9]{1,2})#', $HTTP_USER_AGENT)) {
$browser_agent = 'omniweb';
} else {
if (preg_match('#Netscape([0-9]{1})#', $HTTP_USER_AGENT)) {
$browser_agent = 'netscape';
} else {
if (preg_match('#Mozilla/([0-9].[0-9]{1,2})#', $HTTP_USER_AGENT)) {
$browser_agent = 'mozilla';
} else {
if (preg_match('#Konqueror/([0-9].[0-9]{1,2})#', $HTTP_USER_AGENT)) {
$browser_agent = 'konqueror';
} else {
$browser_agent = 'other';
}
}
}
}
}
}
if (GZIPSUPPORT) {
while (ob_end_clean()) {
}
header('Content-Encoding: none');
}
// Now the tricky part... let's dance
/*
header('Pragma: public');
header('Content-Transfer-Encoding: none');
header("Expires: 0"); // set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
*/
//
// Now send the File Contents to the Browser
//
if ($gotit) {
$size = filesize($filename);
if ($attachment['mimetype'] == 'application/x-zip-compressed') {
if (intval($attach_config['allow_ftp_upload'])) {
if (trim($attach_config['download_path']) == '') {
message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting');
}
$url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename'];
$redirect_path = $url;
} else {
$redirect_path = '/' . $upload_dir . '/' . $attachment['physical_filename'];
}
URL::redirect($redirect_path);
} else {
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (false === stripos($attachment['mimetype'], 'image')) {
$attachment['mimetype'] = $browser_agent == 'ie' || $browser_agent == 'opera' ? 'application/octetstream' : 'application/octet-stream';
}
if (!($fp = fopen($filename, 'rb'))) {
cpg_error('Could not open file for sending');
}
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . $attachment['real_filename'] . '"');
header('Content-Disposition: inline; filename="' . $attachment['real_filename'] . '"');
print fread($fp, $size);
fclose($fp);
}
} else {
if (!$gotit && intval($attach_config['allow_ftp_upload'])) {
$tmp_path = !ini_get('safe_mode') ? '/tmp' : $upload_dir . '/tmp';
$tmp_filename = tempnam($tmp_path, 't0000');
unlink($tmp_filename);
include_once 'includes/classes/cpg_ftp.php';
$ftp = new cpg_ftp($attach_config['ftp_server'], $attach_config['ftp_user'], $attach_config['ftp_pass'], $attach_config['ftp_path'], $attach_config['ftp_pasv_mode']);
$mode = FTP_BINARY;
if (preg_match("/text/i", $attachment['mimetype']) || preg_match("/html/i", $attachment['mimetype'])) {
$mode = FTP_ASCII;
}
$result = ftp_get($ftp->connect_id, $tmp_filename, $filename, $mode);
$ftp->close();
if (!$result) {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
$size = filesize($tmp_filename);
if ($size) {
header("Content-length: {$size}");
}
if ($attachment['mimetype'] == 'application/x-zip-compressed') {
if (intval($attach_config['allow_ftp_upload'])) {
if (trim($attach_config['download_path']) == '') {
message_die(GENERAL_ERROR, 'Physical Download not possible with the current Attachment Setting');
}
$url = trim($attach_config['download_path']) . '/' . $attachment['physical_filename'];
$redirect_path = $url;
} else {
$redirect_path = $upload_dir . '/' . $attachment['physical_filename'];
}
URL::redirect($redirect_path);
} else {
// Correct the mime type - we force application/octetstream for all files, except images
// Please do not change this, it is a security precaution
if (!strstr($attachment['mimetype'], 'image')) {
$attachment['mimetype'] = $browser_agent == 'ie' || $browser_agent == 'opera' ? 'application/octetstream' : 'application/octet-stream';
}
// Send out the Headers
header('Content-Type: ' . $attachment['mimetype'] . '; name="' . $attachment['real_filename'] . '"');
header('Content-Disposition: inline; filename="' . $attachment['real_filename'] . '"');
print readfile($filename);
unlink($tmp_filename);
}
} else {
message_die(GENERAL_ERROR, $lang['Error_no_attachment'] . "<br /><br /><b>404 File Not Found:</b> The File <i>" . $filename . "</i> does not exist.");
}
}
exit;
}