makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

- re-enable drafts. ;)

Browse source 
- put extension checking into a small function...


git-svn-id: file:///svn/phpbb/trunk@4862 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen 2004-03-11 21:17:32 +00:00
parent 7487bfce48
commit ba7008b387
4 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
phpBB/download.php
View file

@ -69,11 +69,8 @@ else
trigger_error('SORRY_AUTH_VIEW_ATTACH'); trigger_error('SORRY_AUTH_VIEW_ATTACH');
} }
$extensions = array();
obtain_attach_extensions($extensions);
// disallowed ? // disallowed ?
if ((is_array($extensions['_allowed_'][$attachment['extension']]) && !in_array($row['forum_id'], $extensions['_allowed_'][$attachment['extension']])) || !isset($extensions['_allowed_'][$attachment['extension']])) if (extension_allowed($row['forum_id'], $attachment['extension']))
{ {
trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension'])); trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
} }

2
phpBB/includes/functions_display.php
View file

@ -411,7 +411,7 @@ function display_attachments($forum_id, $blockname, $attachment_data, &$update_c
$denied = false; $denied = false;
if ((is_array($extensions['_allowed_'][$attachment['extension']]) && !in_array($forum_id, $extensions['_allowed_'][$attachment['extension']])) || !isset($extensions['_allowed_'][$attachment['extension']])) if (extension_allowed($forum_id, $attachment['extension']))
{ {
$denied = true; $denied = true;

16
phpBB/includes/functions_posting.php
View file

@ -188,7 +188,7 @@ function upload_attachment($forum_id, $filename, $local = false, $local_storage
obtain_attach_extensions($extensions); obtain_attach_extensions($extensions);
// Check Extension // Check Extension
if ((is_array($extensions['_allowed_'][$filedata['extension']]) && !in_array($forum_id, $extensions['_allowed_'][$filedata['extension']])) || !isset($extensions['_allowed_'][$filedata['extension']])) if (extension_allowed($forum_id, $filedata['extension']))
{ {
$filedata['error'][] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']); $filedata['error'][] = sprintf($user->lang['DISALLOWED_EXTENSION'], $filedata['extension']);
$filedata['post_attach'] = false; $filedata['post_attach'] = false;
@ -503,6 +503,20 @@ function create_thumbnail($source, $new_file, $mimetype)
return true; return true;
} }
// Check if extension is allowed to be posted within forum X
function extension_allowed($forum_id, $extension)
{
global $extensions;
if (!isset($extensions) || !is_array($extensions))
{
$extensions = array();
obtain_attach_extensions($extensions);
}
return (is_array($extensions['_allowed_'][$extension]) && !in_array($forum_id, $extensions['_allowed_'][$extension])) || !isset($extensions['_allowed_'][$extension]);
}
// //
// TODO // TODO
// //

2
phpBB/posting.php
View file

@ -427,7 +427,7 @@ if ($save && $user->data['user_id'] != ANONYMOUS && $auth->acl_get('u_savedrafts
$message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : ''; $message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : '';
$message = preg_replace('#&(\#[0-9]+;)#', '&\1', $message); $message = preg_replace('#&(\#[0-9]+;)#', '&\1', $message);
if (!$subject && !$message) if ($subject && $message)
{ {
$sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array( $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'user_id' => $user->data['user_id'], 'user_id' => $user->data['user_id'],