makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/14285] Update attachment controller

Browse source 
PHPBB3-14285
This commit is contained in:
Rubén Calvo 2018-07-14 12:29:13 +02:00 committed by rubencm
parent 6232401dd7
commit d0fa8014c7
2 changed files with 19 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
phpBB/download/file.php
View file

@ -48,7 +48,6 @@ $thumbnail = $request->variable('t', false);
$response = new RedirectResponse( $response = new RedirectResponse(
$controller_helper->route('phpbb_storage_attachment', array( $controller_helper->route('phpbb_storage_attachment', array(
'id' => $attach_id, 'id' => $attach_id,
'mode' => $mode,
't' => $thumbnail, 't' => $thumbnail,
), false), ), false),
301 301

45
phpBB/phpbb/storage/controller/attachment.php
View file

@ -62,7 +62,6 @@ class attachment extends controller
public function handle($id) public function handle($id)
{ {
$attach_id = (int) $id; $attach_id = (int) $id;
$mode = $this->request->variable('mode', '');
$thumbnail = $this->request->variable('t', false); $thumbnail = $this->request->variable('t', false);
// Start session management, do not update session page. // Start session management, do not update session page.
@ -173,45 +172,31 @@ class attachment extends controller
* @var int attach_id The attachment ID * @var int attach_id The attachment ID
* @var array attachment Array with attachment data * @var array attachment Array with attachment data
* @var array extensions Array with file extensions data * @var array extensions Array with file extensions data
* @var string mode Download mode
* @var bool thumbnail Flag indicating if the file is a thumbnail * @var bool thumbnail Flag indicating if the file is a thumbnail
* @var string redirect Do a redirection instead of reading the file * @var string redirect Do a redirection instead of reading the file
* @since 3.1.6-RC1 * @since 3.1.6-RC1
* @changed 3.1.7-RC1 Fixing wrong name of a variable (replacing "extension" by "extensions") * @changed 3.1.7-RC1 Fixing wrong name of a variable (replacing "extension" by "extensions")
* @changed 3.3.0-a1 Add redirect variable * @changed 3.3.0-a1 Add redirect variable
* @changed 3.3.0-a1 Remove display_cat variable
* @changed 3.3.0-a1 Remove mode variable
*/ */
$vars = array( $vars = array(
'attach_id', 'attach_id',
'attachment', 'attachment',
'extensions', 'extensions',
'mode',
'thumbnail', 'thumbnail',
'redirect', 'redirect',
); );
extract($this->dispatcher->trigger_event('core.download_file_send_to_browser_before', compact($vars))); extract($this->dispatcher->trigger_event('core.download_file_send_to_browser_before', compact($vars)));
// If the redirect variable have been overwritten, do redirect there
if (!empty($redirect)) if (!empty($redirect))
{ {
return new RedirectResponse($redirect); return new RedirectResponse($redirect);
} }
$this->send_file_to_browser($attachment); // Check if the file exists in the storage table too
if (!$this->storage->exists($attachment['physical_filename']))
$time = new \Datetime();
$this->response->setExpires($time->modify('+1 year'));
$file = $attachment['physical_filename'];
return parent::handle($file);
}
/**
* Send file to browser
*/
protected function send_file_to_browser($attachment)
{
$filename = $attachment['physical_filename'];
if (!$this->storage->exists($filename))
{ {
throw new http_exception(404, 'ERROR_NO_ATTACHMENT'); throw new http_exception(404, 'ERROR_NO_ATTACHMENT');
} }
@ -221,34 +206,42 @@ class attachment extends controller
* *
* @event core.send_file_to_browser_before * @event core.send_file_to_browser_before
* @var array attachment Attachment data * @var array attachment Attachment data
* @var string filename Path to file, including filename
* @since 3.1.11-RC1 * @since 3.1.11-RC1
* @changed 3.3.0-a1 Removed category variable
* @changed 3.3.0-a1 Removed size variable
* @changed 3.3.0-a1 Removed filename variable
*/ */
$vars = array( $vars = array(
'attachment', 'attachment',
'filename',
); );
extract($this->dispatcher->trigger_event('core.send_file_to_browser_before', compact($vars))); extract($this->dispatcher->trigger_event('core.send_file_to_browser_before', compact($vars)));
// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer. // Content-type header
$this->response->headers->set('Content-Type', $attachment['mimetype']); $this->response->headers->set('Content-Type', $attachment['mimetype']);
if ($this->request->variable('view', 0) === 1 || strpos($attachment['mimetype'], 'image') !== false) // Display images in browser and force download for other file types
if (strpos($attachment['mimetype'], 'image') !== false)
{ {
$disposition = $this->response->headers->makeDisposition( $disposition = $this->response->headers->makeDisposition(
ResponseHeaderBag::DISPOSITION_INLINE, ResponseHeaderBag::DISPOSITION_INLINE,
rawurlencode($filename) rawurlencode($attachment['physical_filename'])
); );
} }
else else
{ {
$disposition = $this->response->headers->makeDisposition( $disposition = $this->response->headers->makeDisposition(
ResponseHeaderBag::DISPOSITION_ATTACHMENT, ResponseHeaderBag::DISPOSITION_ATTACHMENT,
rawurlencode($filename) rawurlencode($attachment['physical_filename'])
); );
} }
$this->response->headers->set('Content-Disposition', $disposition); $this->response->headers->set('Content-Disposition', $disposition);
// Set expires header for browser cache
$time = new \Datetime();
$this->response->setExpires($time->modify('+1 year'));
return parent::handle($attachment['physical_filename']);
} }
/** /**