From 0f88b847fcee1d4b4745eb5ba4fec72c01e4dc5b Mon Sep 17 00:00:00 2001
From: Andreas Fischer
Date: Wed, 12 Jan 2011 23:55:30 +0100
Subject: [PATCH 1/4] [ticket/9790] Add $exit parameter to file_gc().

PHPBB3-9790
---
 phpBB/includes/functions_download.php | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 94d851e383..390ae7a5a4 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -417,15 +417,28 @@ function set_modified_headers($stamp, $browser)
 return false;
 }
 
-function file_gc()
+/**
+* Garbage Collection
+*
+* @param bool $exit Whether to die or not.
+*
+* @return void
+*/
+function file_gc($exit = true)
 {
 global $cache, $db;
+
 if (!empty($cache))
 {
 $cache->unload();
 }
+
 $db->sql_close();
- exit;
+
+ if ($exit)
+ {
+ exit;
+ }
 }
 
 /**

From 19931713db35307461bfe0784f32526d24caf912 Mon Sep 17 00:00:00 2001
From: Andreas Fischer
Date: Mon, 17 Jan 2011 22:31:59 +0100
Subject: [PATCH 2/4] [ticket/9790] Always call file_gc(false) before sending the file.

This also unloads the cache before the file is send.

PHPBB3-9790
---
 phpBB/includes/functions_download.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 390ae7a5a4..80b71f1301 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -224,8 +224,8 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 header("Content-Length: $size");
 }
 
- // Close the db connection before sending the file
- $db->sql_close();
+ // Close the db connection before sending the file etc.
+ file_gc(false);
 
 if (!set_modified_headers($attachment['filetime'], $user->browser))
 {
@@ -259,7 +259,8 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 flush();
 }
- file_gc();
+
+ exit;
 }
 
 /**
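Review bot: The new docblock on `file_gc()` in PATCH 1/4 documents only `$exit` and not what the function releases, which matters now that a caller can keep running after it returns. I would extend the summary with something like `* Unloads the cache and closes the database connection; with $exit = false the caller must not use $db or $cache afterwards and has to end the request itself.` Note also that `$db->sql_close()` is still called without the `!empty()` guard that `$cache` gets, so the comment should state that `$db` is expected to be initialised when this is called.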
From 6bbdc129c09b781007863fc49a9c7f9f3b1cf157 Mon Sep 17 00:00:00 2001
From: Andreas Fischer
Date: Thu, 13 Jan 2011 00:46:19 +0100
Subject: [PATCH 3/4] [ticket/9790] Support for nginx's X-Accel-Redirect header for attachments.

PHPBB3-9790
---
 phpBB/docs/nginx.sample.conf | 8 ++++++++
 phpBB/includes/functions_download.php | 10 ++++++++++
 2 files changed, 18 insertions(+)

diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf
index a22a126ff4..f74e988922 100644
--- a/phpBB/docs/nginx.sample.conf
+++ b/phpBB/docs/nginx.sample.conf
@@ -3,6 +3,14 @@
 # from your system's nginx.conf.
 # Tested with nginx 0.8.35.
 
+# If you want to use the X-Accel-Redirect feature,
+# add the following to your config.php.
+#
+# define('PHPBB_ENABLE_X_ACCEL_REDIRECT', true);
+#
+# See http://wiki.nginx.org/XSendfile for the details
+# on X-Accel-Redirect.
+
 http {
 # Compression - requires gzip and gzip static modules.
 gzip on;
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 80b71f1301..4c8f539979 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -229,6 +229,16 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 if (!set_modified_headers($attachment['filetime'], $user->browser))
 {
+ // We make sure those have to be enabled manually by defining a constant
+ // because of the potential disclosure of full attachment path
+ // in case support for features is absent in the webserver software.
+ if (defined('PHPBB_ENABLE_X_ACCEL_REDIRECT') && PHPBB_ENABLE_X_ACCEL_REDIRECT)
+ {
+ // X-Accel-Redirect - http://wiki.nginx.org/XSendfile
+ header('X-Accel-Redirect: ' . $user->page['root_script_path'] . $upload_dir . '/' . $attachment['physical_filename']);
+ exit;
+ }
+
 // Try to deliver in chunks
 @set_time_limit(0);
 

From f6a14cbcef93f40cf368bc1ec5351fae09982e17 Mon Sep 17 00:00:00 2001
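Review bot: The `X-Accel-Redirect` value added to `send_file_to_browser()` in PATCH 3/4 is concatenated from `$user->page['root_script_path']`, `$upload_dir` and `$attachment['physical_filename']` with no normalisation in this hunk, so the internal redirect target is only as trustworthy as those three values; the file-name part applies equally to the `X-Sendfile` header in PATCH 4/4. If `physical_filename` is not already reduced to a bare file name earlier in the function (not visible here), I would do that at this point, e.g. `$file = basename($attachment['physical_filename']);`, and take the URI prefix from configuration rather than from `$user->page`, which looks request-derived judging by its name. The comment above the branch should also say that the nginx location serving this prefix must be marked `internal`, otherwise the attachment files can be fetched directly without phpBB's permission checks; the nginx.sample.conf change in this patch adds only the opt-in instructions. The function body starts and ends outside the hunk.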
From: Andreas Fischer
Date: Thu, 13 Jan 2011 02:25:22 +0100
Subject: [PATCH 4/4] [ticket/9790] Support for lighttpd's X-Sendfile header for attachments.

PHPBB3-9790
---
 phpBB/docs/lighttpd.sample.conf | 10 ++++++++++
 phpBB/includes/functions_download.php | 23 ++++++++---------------
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/phpBB/docs/lighttpd.sample.conf b/phpBB/docs/lighttpd.sample.conf
index 5873d1c945..5862cb319d 100644
--- a/phpBB/docs/lighttpd.sample.conf
+++ b/phpBB/docs/lighttpd.sample.conf
@@ -3,6 +3,15 @@
 # from your system's lighttpd.conf.
 # Tested with lighttpd 1.4.26
 
+# If you want to use the X-Sendfile feature,
+# uncomment the 'allow-x-send-file' for the fastcgi
+# server below and add the following to your config.php
+#
+# define('PHPBB_ENABLE_X_SENDFILE', true);
+#
+# See http://blog.lighttpd.net/articles/2006/07/02/x-sendfile
+# for the details on X-Sendfile.
+
 # Load moules
 server.modules += (
 "mod_access",
@@ -54,6 +63,7 @@ $HTTP["host"] == "www.myforums.com" {
 "bin-copy-environment" => (
 "PATH", "SHELL", "USER"
 ),
+ #"allow-x-send-file" => "enable",
 "broken-scriptfilename" => "enable"
 ))
 )
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php
index 4c8f539979..63693c1db4 100644
--- a/phpBB/includes/functions_download.php
+++ b/phpBB/includes/functions_download.php
@@ -170,21 +170,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 // Now the tricky part... let's dance
 header('Pragma: public');
 
- /**
- * Commented out X-Sendfile support. To not expose the physical filename within the header if xsendfile is absent we need to look into methods of checking it's status.
- *
- * Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path...
- * lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/
- *
- * Not really ideal, but should work fine...
- *
- * if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false)
- * {
- * header('X-Sendfile: ' . $filename);
- * }
- *
- */
-
 // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
 $is_ie8 = (strpos(strtolower($user->browser), 'msie 8.0') !== false);
 header('Content-Type: ' . $attachment['mimetype']);
@@ -238,6 +223,14 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 header('X-Accel-Redirect: ' . $user->page['root_script_path'] . $upload_dir . '/' . $attachment['physical_filename']);
 exit;
 }
+ else if (defined('PHPBB_ENABLE_X_SENDFILE') && PHPBB_ENABLE_X_SENDFILE && !phpbb_http_byte_range($size))
+ {
+ // X-Sendfile - http://blog.lighttpd.net/articles/2006/07/02/x-sendfile
+ // Lighttpd's X-Sendfile does not support range requests as of 1.4.26
+ // and always requires an absolute path.
+ header('X-Sendfile: ' . dirname(__FILE__) . "/../$upload_dir/{$attachment['physical_filename']}");
+ exit;
+ }
 
 // Try to deliver in chunks
 @set_time_limit(0);
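Review bot: The new `X-Sendfile` branch assumes `$upload_dir` is relative to the phpBB root, whereas the commented-out code deleted in the first hunk of this patch refused absolute paths and `../` (`strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false`); that guard has no replacement in the new branch. The header is also sent with an unresolved `/../` segment, and if the web server does not consume it the client receives the absolute filesystem path, which is the disclosure the comment added in PATCH 3/4 warns about. I would resolve and check the path before emitting it, e.g. `$path = realpath(dirname(__FILE__) . "/../$upload_dir/" . basename($attachment['physical_filename']));`, and fall through to the chunked delivery below when `$path === false`. The body of send_file_to_browser starts and ends outside the hunk.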