Merge pull request #5221 from rubencm/ticket/15663

[ticket/15663] Remove flash support in attachments

phpBB/download/file.php

@@ -261,11 +261,6 @@ else
 		$display_cat = ATTACHMENT_CATEGORY_NONE;
 	}
 
-	if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
-	{
-		$display_cat = ATTACHMENT_CATEGORY_NONE;
-	}
-
 	if ($thumbnail)
 	{
 		$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];

phpBB/includes/acp/acp_attachments.php

@@ -630,7 +630,6 @@ class acp_attachments
 				$cat_lang = array(
 					ATTACHMENT_CATEGORY_NONE		=> $user->lang['NO_FILE_CAT'],
 					ATTACHMENT_CATEGORY_IMAGE		=> $user->lang['CAT_IMAGES'],
-					ATTACHMENT_CATEGORY_FLASH		=> $user->lang['CAT_FLASH_FILES'],
 				);
 
 				$group_id = $request->variable('g', 0);
@@ -1409,7 +1408,6 @@ class acp_attachments
 		$types = array(
 			ATTACHMENT_CATEGORY_NONE		=> $user->lang['NO_FILE_CAT'],
 			ATTACHMENT_CATEGORY_IMAGE		=> $user->lang['CAT_IMAGES'],
-			ATTACHMENT_CATEGORY_FLASH		=> $user->lang['CAT_FLASH_FILES'],
 		);
 
 		if ($group_id)

phpBB/includes/compatibility_globals.php

@@ -24,6 +24,7 @@ if (!defined('IN_PHPBB'))
 define('ATTACHMENT_CATEGORY_WM', 2); // Windows Media Files - Streaming - @deprecated 3.2
 define('ATTACHMENT_CATEGORY_RM', 3); // Real Media Files - Streaming - @deprecated 3.2
 define('ATTACHMENT_CATEGORY_QUICKTIME', 6); // Quicktime/Mov files - @deprecated 3.2
+define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files - @deprecated 3.3
 
 /**
  * Sets compatibility globals in the global scope

phpBB/includes/constants.php

@@ -167,7 +167,6 @@ define('CONFIRM_REPORT', 4);
 define('ATTACHMENT_CATEGORY_NONE', 0);
 define('ATTACHMENT_CATEGORY_IMAGE', 1); // Inline Images
 define('ATTACHMENT_CATEGORY_THUMB', 4); // Not used within the database, only while displaying posts
-define('ATTACHMENT_CATEGORY_FLASH', 5); // Flash/SWF files
 
 // BBCode UID length
 define('BBCODE_UID_LEN', 8);

phpBB/includes/functions_content.php

@@ -1247,11 +1247,6 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 				$display_cat = ATTACHMENT_CATEGORY_NONE;
 			}
 
-			if ($display_cat == ATTACHMENT_CATEGORY_FLASH && !$user->optionget('viewflash'))
-			{
-				$display_cat = ATTACHMENT_CATEGORY_NONE;
-			}
-
 			$download_link = append_sid("{$phpbb_root_path}download/file.$phpEx", 'id=' . $attachment['attach_id']);
 			$l_downloaded_viewed = 'VIEWED_COUNTS';
 
@@ -1283,32 +1278,6 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count_a
 					$update_count_ary[] = $attachment['attach_id'];
 				break;
 
-				// Macromedia Flash Files
-				case ATTACHMENT_CATEGORY_FLASH:
-					try
-					{
-						$file_info = $storage_attachment->file_info($filename);
-
-						$width = $file_info->image_width;
-						$height = $file_info->image_height;
-					}
-					catch (\Exception $e)
-					{
-						$width = 0;
-						$height = 0;
-					}
-
-					$block_array += array(
-						'S_FLASH_FILE'	=> true,
-						'WIDTH'			=> $width,
-						'HEIGHT'		=> $height,
-						'U_VIEW_LINK'	=> $download_link . '&view=1',
-					);
-
-					// Viewed/Heared File ... update the download count
-					$update_count_ary[] = $attachment['attach_id'];
-				break;
-
 				default:
 					$l_downloaded_viewed = 'DOWNLOAD_COUNTS';
 

phpBB/includes/functions_download.php

@@ -206,28 +206,20 @@ function send_file_to_browser($attachment, $category)
 		header('X-Content-Type-Options: nosniff');
 	}
 
-	if ($category == ATTACHMENT_CATEGORY_FLASH && $request->variable('view', 0) === 1)
+	if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
 	{
-		// We use content-disposition: inline for flash files and view=1 to let it correctly play with flash player 10 - any other disposition will fail to play inline
+		header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
-		header('Content-Disposition: inline');
+		if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
+		{
+			header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
+		}
 	}
 	else
 	{
-		if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
+		header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
+		if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
 		{
-			header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
+			header('X-Download-Options: noopen');
-			if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
-			{
-				header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
-			}
-		}
-		else
-		{
-			header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
-			if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
-			{
-				header('X-Download-Options: noopen');
-			}
 		}
 	}
 

phpBB/install/convertors/functions_phpbb20.php

@@ -1399,10 +1399,6 @@ function phpbb_attachment_category($cat_id)
 		case 2:
 			return ATTACHMENT_CATEGORY_WM;
 		break;
-
-		case 3:
-			return ATTACHMENT_CATEGORY_FLASH;
-		break;
 	}
 
 	return ATTACHMENT_CATEGORY_NONE;

phpBB/install/schemas/schema_data.sql

@@ -739,7 +739,6 @@ INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon
 INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('ARCHIVES', 0, 1, '', 0, '');
 INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('PLAIN_TEXT', 0, 0, '', 0, '');
 INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('DOCUMENTS', 0, 0, '', 0, '');
-INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('FLASH_FILES', 5, 0, '', 0, '');
 INSERT INTO phpbb_extension_groups (group_name, cat_id, allow_group, upload_icon, max_filesize, allowed_forums) VALUES ('DOWNLOADABLE_FILES', 0, 0, '', 0, '');
 
 # -- extensions
@@ -796,8 +795,6 @@ INSERT INTO phpbb_extensions (group_id, extension) VALUES (4, 'ods');
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (4, 'odt');
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (4, 'rtf');
 
-INSERT INTO phpbb_extensions (group_id, extension) VALUES (5, 'swf');
-
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (6, 'mp3');
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (6, 'mpeg');
 INSERT INTO phpbb_extensions (group_id, extension) VALUES (6, 'mpg');

phpBB/language/en/acp/attachments.php

@@ -68,7 +68,6 @@ $lang = array_merge($lang, array(
 	'ATTACH_QUOTA_EXPLAIN'				=> 'Maximum drive space available for attachments for the whole board, with 0 being unlimited.',
 	'ATTACH_TO_POST'					=> 'Attach file to post',
 
-	'CAT_FLASH_FILES'			=> 'Flash files',
 	'CAT_IMAGES'				=> 'Images',
 	'CHECK_CONTENT'				=> 'Check attachment files',
 	'CHECK_CONTENT_EXPLAIN'		=> 'Some browsers can be tricked to assume an incorrect mimetype for uploaded files. This option ensures that such files likely to cause this are rejected.',
@@ -99,7 +98,6 @@ $lang = array_merge($lang, array(
 	'EXT_GROUP_ARCHIVES'			=> 'Archives',
 	'EXT_GROUP_DOCUMENTS'			=> 'Documents',
 	'EXT_GROUP_DOWNLOADABLE_FILES'	=> 'Downloadable Files',
-	'EXT_GROUP_FLASH_FILES'			=> 'Flash Files',
 	'EXT_GROUP_IMAGES'				=> 'Images',
 	'EXT_GROUP_PLAIN_TEXT'			=> 'Plain Text',
 

phpBB/phpbb/db/migration/data/v330/remove_attachment_flash.php

@@ -0,0 +1,86 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v330;
+
+class remove_attachment_flash extends \phpbb\db\migration\migration
+{
+	// Following constants were deprecated in 3.3
+	// and moved from constants.php to compatibility_globals.php,
+	// thus define them as class constants
+	const ATTACHMENT_CATEGORY_FLASH = 5;
+
+	protected $cat_id = array(
+			self::ATTACHMENT_CATEGORY_FLASH,
+		);
+
+	public function update_data()
+	{
+		return array(
+			array('custom', array(array($this, 'remove_flash_group'))),
+		);
+	}
+
+	public function remove_flash_group()
+	{
+		// select group ids of outdated media
+		$sql = 'SELECT group_id
+			FROM ' . EXTENSION_GROUPS_TABLE . '
+			WHERE ' . $this->db->sql_in_set('cat_id', $this->cat_id);
+		$result = $this->db->sql_query($sql);
+
+		$group_ids = array();
+		while ($group_id = (int) $this->db->sql_fetchfield('group_id'))
+		{
+			$group_ids[] = $group_id;
+		}
+		$this->db->sql_freeresult($result);
+
+		// nothing to do, admin has removed all the outdated media extension groups
+		if (empty($group_ids))
+		{
+			return true;
+		}
+
+		// get the group id of downloadable files
+		$sql = 'SELECT group_id
+			FROM ' . EXTENSION_GROUPS_TABLE . "
+			WHERE group_name = 'DOWNLOADABLE_FILES'";
+		$result = $this->db->sql_query($sql);
+		$download_id = (int) $this->db->sql_fetchfield('group_id');
+		$this->db->sql_freeresult($result);
+
+		if (empty($download_id))
+		{
+			$sql = 'UPDATE ' . EXTENSIONS_TABLE . '
+				SET group_id = 0
+				WHERE ' . $this->db->sql_in_set('group_id', $group_ids);
+		}
+		else
+		{
+			// move outdated media extensions to downloadable files
+			$sql = 'UPDATE ' . EXTENSIONS_TABLE . "
+				SET group_id = $download_id" . '
+				WHERE ' . $this->db->sql_in_set('group_id', $group_ids);
+		}
+
+		$result = $this->db->sql_query($sql);
+		$this->db->sql_freeresult($result);
+
+		// delete the now empty, outdated media extension groups
+		$sql = 'DELETE FROM ' . EXTENSION_GROUPS_TABLE . '
+			WHERE ' . $this->db->sql_in_set('group_id', $group_ids);
+		$result = $this->db->sql_query($sql);
+		$this->db->sql_freeresult($result);
+	}
+}

phpBB/styles/prosilver/template/attachment.html

@@ -29,19 +29,6 @@
 		</dl>
 		<!-- ENDIF -->
 
-		<!-- IF _file.S_FLASH_FILE -->
-			<object classid="clsid:D27CDB6E-AE6D-11CF-96B8-444553540000" codebase="http://active.macromedia.com/flash2/cabs/swflash.cab#version=5,0,0,0" width="{_file.WIDTH}" height="{_file.HEIGHT}">
-				<param name="movie" value="{_file.U_VIEW_LINK}" />
-				<param name="play" value="true" />
-				<param name="loop" value="true" />
-				<param name="quality" value="high" />
-				<param name="allowScriptAccess" value="never" />
-				<param name="allowNetworking" value="internal" />
-				<embed src="{_file.U_VIEW_LINK}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" width="{_file.WIDTH}" height="{_file.HEIGHT}" play="true" loop="true" quality="high" allowscriptaccess="never" allownetworking="internal"></embed>
-			</object>
-			<p><a href="{_file.U_DOWNLOAD_LINK}">{_file.DOWNLOAD_NAME}</a> [ {_file.FILESIZE} {_file.SIZE_LANG} | {_file.L_DOWNLOAD_COUNT} ]</p>
-		<!-- ENDIF -->
-
 		<!-- EVENT attachment_file_append -->
 	<!-- ENDIF -->
 <!-- END _file -->