From f894da0d25f2ecc4c8f3c039dd9f40607137d4ca Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Thu, 9 Feb 2012 15:13:29 +0100
Subject: [PATCH] [ticket/10633] Stop leaking filename of attachments when
 thumbnail is requested

While filenames are chosen at random and there is no correlation between the
original filename and the new filesystem filename, there is a correlation
between filesystem filename and filesytem filename of thumbnails.

Adjust error message to no longer include the physical filename and make it
consistent with the error message that is shown when there is no attachment at
all.

This information was mostly useless for regular users (i.e. non-admins) anyway.

PHPBB3-10633
---
 phpBB/download/file.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/phpBB/download/file.php b/phpBB/download/file.php
index c17f0cf018..bf277c69fa 100644
--- a/phpBB/download/file.php
+++ b/phpBB/download/file.php
@@ -424,7 +424,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	if (!@file_exists($filename))
 	{
 		send_status_line(404, 'Not Found');
-		trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename));
+		trigger_error('ERROR_NO_ATTACHMENT');
 	}
 
 	// Correct the mime type - we force application/octetstream for all files, except images