makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/10820] Inject IE version in function

Browse source 
PHPBB3-10820
This commit is contained in:
Dhruv 2013-06-05 00:14:46 +05:30
parent cae8c36037
commit 56e27a9908
1 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
phpBB/download/file.php
View file

@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME
$db->sql_query($sql); $db->sql_query($sql);
} }
if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie7($user->browser)) if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && !phpbb_is_greater_ie_version($user->browser, 7))
{ {
wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']); wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
file_gc(); file_gc();
@ -344,7 +344,7 @@ function send_avatar_to_browser($file, $browser)
$image_data = @getimagesize($file_path); $image_data = @getimagesize($file_path);
header('Content-Type: ' . image_type_to_mime_type($image_data[2])); header('Content-Type: ' . image_type_to_mime_type($image_data[2]));
if (!phpbb_is_greater_ie7($browser)) if (!phpbb_is_greater_ie_version($browser, 7))
{ {
header('Content-Disposition: attachment; ' . header_filename($file)); header('Content-Disposition: attachment; ' . header_filename($file));
@ -479,7 +479,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. // Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
header('Content-Type: ' . $attachment['mimetype']); header('Content-Type: ' . $attachment['mimetype']);
if (phpbb_is_greater_ie7($user->browser)) if (phpbb_is_greater_ie_version($user->browser, 7))
{ {
header('X-Content-Type-Options: nosniff'); header('X-Content-Type-Options: nosniff');
} }
@ -491,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
} }
else else
{ {
if (empty($user->browser) || !phpbb_is_greater_ie7($user->browser)) if (empty($user->browser) || !phpbb_is_greater_ie_version($user->browser, 7))
{ {
header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false)) if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
@ -502,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
else else
{ {
header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename']))); header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (phpbb_is_greater_ie7($user->browser) && (strpos($attachment['mimetype'], 'image') !== 0)) if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
{ {
header('X-Download-Options: noopen'); header('X-Download-Options: noopen');
} }
@ -680,7 +680,7 @@ function set_modified_headers($stamp, $browser)
// let's see if we have to send the file at all // let's see if we have to send the file at all
$last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false;
if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie7($browser)) if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7))
{ {
if ($last_load !== false && $last_load >= $stamp) if ($last_load !== false && $last_load >= $stamp)
{ {
@ -713,15 +713,16 @@ function file_gc()
* Check if the browser is internet explorer version 7+ * Check if the browser is internet explorer version 7+
* *
* @param string $user_agent User agent HTTP header * @param string $user_agent User agent HTTP header
* @param int $version IE version to check against
* *
* @return bool true if internet explorer version is greater than 7 * @return bool true if internet explorer version is greater than 7
*/ */
function phpbb_is_greater_ie7($user_agent) function phpbb_is_greater_ie_version($user_agent, $version)
{ {
if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches)) if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches))
{ {
$ie_version = (int) $matches[1]; $ie_version = (int) $matches[1];
return ($ie_version > 7); return ($ie_version > $version);
} }
else else
{ {