diff --git a/phpBB/download/file.php b/phpBB/download/file.php index 2fb42033cd..5d8e1a1cc8 100644 --- a/phpBB/download/file.php +++ b/phpBB/download/file.php @@ -24,6 +24,8 @@ if (isset($_GET['avatar'])) $config = cache::obtain_config(); $filename = $_GET['avatar']; $avatar_group = false; + $exit = false; + if ($filename[0] === 'g') { $avatar_group = true; @@ -34,55 +36,37 @@ if (isset($_GET['avatar'])) if (strpos($filename, '.') == false) { header('HTTP/1.0 403 forbidden'); - if (!empty($cache)) - { - $cache->unload(); - } - $db->sql_close(); - exit; + $exit = true; } - $ext = substr(strrchr($filename, '.'), 1); - $stamp = (int) substr(stristr($filename, '_'), 1); - $filename = (int) $filename; - - // let's see if we have to send the file at all - $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; - if (strpos(strtolower($browser), 'msie 6.0') === false) + if (!$exit) { - if ($last_load !== false && $last_load <= $stamp) - { - if (@php_sapi_name() === 'CGI') - { - header('Status: 304 Not Modified', true, 304); - } - else - { - header('HTTP/1.0 304 Not Modified', true, 304); - } - // seems that we need those too ... browsers - header('Pragma: public'); - header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); - exit(); - } - else - { - header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stamp) . ' GMT'); - } + $ext = substr(strrchr($filename, '.'), 1); + $stamp = (int) substr(stristr($filename, '_'), 1); + $filename = (int) $filename; + $exit = set_modified_headers($stamp, $browser); } - - if (!in_array($ext, array('png', 'gif', 'jpg', 'jpeg')) || !$filename) + if (!$exit && !in_array($ext, array('png', 'gif', 'jpg', 'jpeg'))) { // no way such an avatar could exist. They are not following the rules, stop the show. header("HTTP/1.0 403 Forbidden"); - garbage_collection(); - exit_handler(); + $exit = true; } - - send_avatar_to_browser(($avatar_group ? 'g' : '') . $filename . '.' . $ext, $browser); - - garbage_collection(); - exit_handler(); + + + if (!$exit) + { + if (!$filename) + { + // no way such an avatar could exist. They are not following the rules, stop the show. + header("HTTP/1.0 403 Forbidden"); + } + else + { + send_avatar_to_browser(($avatar_group ? 'g' : '') . $filename . '.' . $ext, $browser); + } + } + file_gc(); } // implicit else: we are not in avatar mode @@ -105,7 +89,7 @@ if (!$config['allow_attachments'] && !$config['allow_pm_attach']) trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED'); } -$sql = 'SELECT attach_id, in_message, post_msg_id, extension, is_orphan, poster_id +$sql = 'SELECT attach_id, in_message, post_msg_id, extension, is_orphan, poster_id, filetime FROM ' . ATTACHMENTS_TABLE . " WHERE attach_id = $download_id"; $result = $db->sql_query_limit($sql, 1); @@ -216,7 +200,7 @@ if (!download_allowed()) $download_mode = (int) $extensions[$attachment['extension']]['download_mode']; // Fetching filename here to prevent sniffing of filename -$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype +$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype, filetime FROM ' . ATTACHMENTS_TABLE . " WHERE attach_id = $download_id"; $result = $db->sql_query_limit($sql, 1); @@ -270,12 +254,12 @@ else } redirect(PHPBB_ROOT_PATH . $config['upload_path'] . '/' . $attachment['physical_filename']); - exit; + file_gc(); } else { send_file_to_browser($attachment, $config['upload_path'], $display_cat); - exit; + file_gc(); } } @@ -460,27 +444,29 @@ function send_file_to_browser($attachment, $upload_dir, $category) { header("Content-Length: $size"); } - - // Try to deliver in chunks - @set_time_limit(0); - - $fp = @fopen($filename, 'rb'); - - if ($fp !== false) + if (!set_modified_headers($attachment['filetime'], $user->browser)) { - while (!feof($fp)) + // Try to deliver in chunks + @set_time_limit(0); + + $fp = @fopen($filename, 'rb'); + + if ($fp !== false) { - echo fread($fp, 8192); + while (!feof($fp)) + { + echo fread($fp, 8192); + } + fclose($fp); + } + else + { + @readfile($filename); } - fclose($fp); - } - else - { - @readfile($filename); - } - flush(); - exit; + flush(); + } + file_gc(); } /** @@ -612,4 +598,48 @@ function download_allowed() return $allowed; } +/** +* Check if the browser has the file already and set the appropriate headers- +* @returns false if a resend is in order. +*/ +function set_modified_headers($stamp, $browser) +{ + // let's see if we have to send the file at all + $last_load = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false; + if (strpos(strtolower($browser), 'msie 6.0') === false) + { + if ($last_load !== false && $last_load <= $stamp) + { + if (@php_sapi_name() === 'CGI') + { + header('Status: 304 Not Modified', true, 304); + } + else + { + header('HTTP/1.0 304 Not Modified', true, 304); + } + // seems that we need those too ... browsers + header('Pragma: public'); + header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000)); + return true; + } + else + { + header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stamp) . ' GMT'); + } + } + return false; +} + +function file_gc() +{ + global $cache, $db; + if (!empty($cache)) + { + $cache->unload(); + } + $db->sql_close(); + exit; +} + ?> \ No newline at end of file