示例#1
0
function display_attachments($forum_id, $attachment_data, &$update_count, $force_physical = false, $parse = false)
{
    global $config, $_CLASS;
    $datas = array();
    $extensions = obtain_attach_extensions();
    if (!is_array($update_count)) {
        $update_count = array();
    }
    foreach ($attachment_data as $attachment) {
        $attachment['extension'] = strtolower(trim($attachment['extension']));
        if (!extension_allowed($forum_id, $attachment['extension'], $extensions)) {
            $data['category'] = 'DENIED';
            $data['lang'] = sprintf($_CLASS['core_user']->get_lang('EXTENSION_DISABLED_AFTER_POSTING'), $attachment['extension']);
        } else {
            $filename = $config['upload_path'] . '/' . basename($attachment['physical_filename']);
            // to easy isn't it ?
            $thumbnail_filename = $config['upload_path'] . '/thumb_' . basename($attachment['physical_filename']);
            $display_cat = $extensions[$attachment['extension']]['display_cat'];
            if ($display_cat == ATTACHMENT_CATEGORY_IMAGE) {
                if ($attachment['thumbnail']) {
                    $display_cat = ATTACHMENT_CATEGORY_THUMB;
                } else {
                    if ($config['img_display_inlined']) {
                        if ($config['img_link_width'] || $config['img_link_height']) {
                            list($width, $height) = getimagesize($filename);
                            $display_cat = !$width && !$height ? ATTACHMENT_CATEGORY_IMAGE : ($width <= $config['img_link_width'] && $height <= $config['img_link_height'] ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE);
                        }
                    } else {
                        $display_cat = ATTACHMENT_CATEGORY_NONE;
                    }
                }
            }
            switch ($display_cat) {
                // Images
                case ATTACHMENT_CATEGORY_IMAGE:
                    $data['category'] = 'IMAGE';
                    $data['image_src'] = $filename;
                    //$attachment['download_count']++;
                    $update_count[] = $attachment['attach_id'];
                    break;
                    // Images, but display Thumbnail
                // Images, but display Thumbnail
                case ATTACHMENT_CATEGORY_THUMB:
                    $data['category'] = 'THUMBNAIL';
                    $data['image_src'] = $thumbnail_filename;
                    $data['link'] = !$force_physical ? generate_link('Forums&amp;file=download&amp;id=' . $attachment['attach_id']) : $filename;
                    break;
                    // Windows Media Streams
                // Windows Media Streams
                case ATTACHMENT_CATEGORY_WM:
                    $data['category'] = 'WM_STREAM';
                    $data['link'] = $filename;
                    // Viewed/Heared File ... update the download count (download.php is not called here)
                    //$attachment['download_count']++;
                    $update_count[] = $attachment['attach_id'];
                    break;
                    // Real Media Streams
                // Real Media Streams
                case ATTACHMENT_CATEGORY_RM:
                    $data['category'] = 'RM_STREAM';
                    $data['link'] = $filename;
                    // Viewed/Heared File ... update the download count (download.php is not called here)
                    //$attachment['download_count']++;
                    $update_count[] = $attachment['attach_id'];
                    break;
                default:
                    $data['category'] = 'FILE';
                    $data['link'] = !$force_physical ? generate_link('Forums&amp;file=download&amp;id=' . $attachment['attach_id']) : $filename;
                    break;
            }
            $data['lang_size'] = $attachment['filesize'] >= 1048576 ? round(round($attachment['filesize'] / 1048576 * 100) / 100, 2) . $_CLASS['core_user']->lang['MB'] : ($attachment['filesize'] >= 1024 ? round(round($attachment['filesize'] / 1024 * 100) / 100, 2) . $_CLASS['core_user']->lang['KB'] : $attachment['filesize'] . $_CLASS['core_user']->lang['BYTES']);
            $data['lang_views'] = !$attachment['download_count'] ? $_CLASS['core_user']->lang['DOWNLOAD_NONE'] : ($attachment['download_count'] == 1 ? sprintf($_CLASS['core_user']->lang['DOWNLOAD_COUNT'], $attachment['download_count']) : sprintf($_CLASS['core_user']->lang['DOWNLOAD_COUNTS'], $attachment['download_count']));
            $data['icon'] = isset($extensions[$attachment['extension']]['upload_icon']) && $extensions[$attachment['extension']]['upload_icon'] ? $config['upload_icons_path'] . '/' . trim($extensions[$attachment['extension']]['upload_icon']) : false;
            $data['name'] = basename($attachment['real_filename']);
            $data['comment'] = str_replace("\n", '<br />', censor_text($attachment['comment']));
        }
        if ($parse) {
            $_CLASS['core_template']->assign_vars_array('attachments', $data);
            $datas[] = $_CLASS['core_template']->display('modules/Forums/attachments.html', true);
        } else {
            $datas[] = $data;
        }
    }
    return $datas;
}
示例#2
0
function upload_attachment($form_name, $forum_id, $local = false, $local_storage = '', $is_message = false)
{
    global $_CLASS, $config;
    $filedata = array();
    $filedata['error'] = array();
    include_once SITE_FILE_ROOT . 'includes/forums/functions_upload.php';
    $upload = new fileupload();
    if (!$local) {
        $filedata['post_attach'] = $upload->is_valid($form_name) ? true : false;
    } else {
        $filedata['post_attach'] = true;
    }
    if (!$filedata['post_attach']) {
        $filedata['error'][] = 'No filedata found';
        return $filedata;
    }
    $extensions = obtain_attach_extensions($forum_id);
    if (!empty($extensions['_allowed_'])) {
        $upload->set_allowed_extensions(array_keys($extensions['_allowed_']));
    }
    if ($local) {
        $file = $upload->local_upload($local_storage);
    } else {
        $file = $upload->form_upload($form_name);
    }
    if ($file->init_error) {
        $filedata['post_attach'] = false;
        return $filedata;
    }
    $cat_id = isset($extensions[$file->get('extension')]['display_cat']) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
    // Do we have to create a thumbnail?
    $filedata['thumbnail'] = $cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail'] ? 1 : 0;
    // Check Image Size, if it is an image
    if (!$_CLASS['auth']->acl_gets('m_', 'a_') && $cat_id == ATTACHMENT_CATEGORY_IMAGE) {
        $file->upload->set_allowed_dimensions(0, 0, $config['img_max_width'], $config['img_max_height']);
    }
    if (!$_CLASS['auth']->acl_gets('a_', 'm_')) {
        $allowed_filesize = $extensions[$file->get('extension')]['max_filesize'] != 0 ? $extensions[$file->get('extension')]['max_filesize'] : ($is_message ? $config['max_filesize_pm'] : $config['max_filesize']);
        $file->upload->set_max_filesize($allowed_filesize);
    }
    $file->clean_filename('unique', $_CLASS['core_user']->data['user_id'] . '_');
    $file->move_file($config['upload_path']);
    if (!empty($file->error)) {
        $file->remove();
        $filedata['error'] = array_merge($filedata['error'], $file->error);
        $filedata['post_attach'] = false;
        return $filedata;
    }
    $filedata['filesize'] = $file->get('filesize');
    $filedata['mimetype'] = $file->get('mimetype');
    $filedata['extension'] = $file->get('extension');
    $filedata['physical_filename'] = $file->get('realname');
    $filedata['real_filename'] = $file->get('uploadname');
    $filedata['filetime'] = time();
    // Check our complete quota
    if ($config['attachment_quota']) {
        if ($config['upload_dir_size'] + $file->get('filesize') > $config['attachment_quota']) {
            $filedata['error'][] = $_CLASS['core_user']->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Check free disk space
    if ($free_space = @disk_free_space($config['upload_path'])) {
        if ($free_space <= $file->get('filesize')) {
            $filedata['error'][] = $_CLASS['core_user']->lang['ATTACH_QUOTA_REACHED'];
            $filedata['post_attach'] = false;
            $file->remove();
            return $filedata;
        }
    }
    // Create Thumbnail
    if ($filedata['thumbnail']) {
        $source = $file->get('destination_file');
        $destination = $file->get('destination_path') . '/thumb_' . $file->get('realname');
        if (!create_thumbnail($source, $destination, $file->get('mimetype'))) {
            $filedata['thumbnail'] = 0;
        }
    }
    return $filedata;
}
示例#3
0
if ($hilit_words) {
    foreach (explode(' ', trim($hilit_words)) as $word) {
        if (trim($word)) {
            $highlight_match .= ($highlight_match != '' ? '|' : '') . str_replace('\\*', '\\w*?', preg_quote(urlencode($word), '#'));
        }
    }
    $highlight = urlencode($hilit_words);
}
// General Viewtopic URL for return links
$viewtopic_url = "Forums&amp;file=viewtopic&amp;t={$topic_id}&amp;start={$start}&amp;{$u_sort_param}" . ($highlight_match ? "&amp;hilit={$highlight}" : '');
// Grab ranks
$ranks = obtain_ranks();
// Grab icons
$icons = obtain_icons();
// Grab extensions if needed
$extensions = $topic_data['topic_attachment'] ? obtain_attach_extensions() : array();
// Moderators
$forum_moderators = get_moderators($forum_id);
// Generate Navigation links
generate_forum_nav($topic_data);
// Generate Forum Rules
generate_forum_rules($topic_data);
gen_forum_auth_level('topic', $forum_id);
// Does this topic contain a poll?
if (!empty($poll_start)) {
    $sql = 'SELECT o.*, p.bbcode_bitfield, p.bbcode_uid
		FROM ' . FORUMS_POLL_OPTIONS_TABLE . ' o, ' . FORUMS_POSTS_TABLE . " p\n\t\tWHERE o.topic_id = {$topic_id} \n\t\t\tAND p.post_id = {$topic_first_post_id}\n\t\t\tAND p.topic_id = o.topic_id\n\t\tORDER BY o.poll_option_id";
    $result = $_CLASS['core_db']->query($sql);
    $poll_info = array();
    while ($row = $_CLASS['core_db']->fetch_row_assoc($result)) {
        $poll_info[] = $row;
示例#4
0
function extension_allowed($forum_id, $extension, &$extensions)
{
    if (empty($extensions) || !is_array($extensions)) {
        $extensions = obtain_attach_extensions();
    }
    if (!isset($extensions['_allowed_'][$extension])) {
        return false;
    }
    $check = $extensions['_allowed_'][$extension];
    if (is_array($check)) {
        // Check for private messaging
        if (count($check) == 1 && $check[0] == 0) {
            return true;
        }
        return in_array($forum_id, $check);
    } else {
        return true;
    }
    return false;
}
示例#5
0
        if ($_CLASS['auth']->acl_get('u_download') && $_CLASS['auth']->acl_get('f_download', $row['forum_id'])) {
            if ($row['forum_password']) {
                // Do something else ... ?
                login_forum_box($row);
            }
        } else {
            trigger_error('SORRY_AUTH_VIEW_ATTACH');
        }
    } else {
        $row['forum_id'] = 0;
        if (!$_CLASS['auth']->acl_get('u_pm_download') || !$config['auth_download_pm']) {
            trigger_error('SORRY_AUTH_VIEW_ATTACH');
        }
    }
    // disallowed ?
    $extensions = obtain_attach_extensions();
    if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions)) {
        trigger_error(sprintf($_CLASS['core_user']->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
    }
}
if (!download_allowed()) {
    trigger_error('LINKAGE_FORBIDDEN');
}
$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
// Fetching filename here to prevent sniffing of filename
$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype
	FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\tWHERE attach_id = {$download_id}";
$result = $_CLASS['core_db']->query_limit($sql, 1);
$attachment = $_CLASS['core_db']->fetch_row_assoc($result);
$_CLASS['core_db']->free_result($result);
if (!$attachment) {