| 1 | <?php
| 2 | /**
|
| 3 | * |
| 4 | * @package phpBB3 |
| 5 | * @version $Id: download.php 5247 2005-10-02 18:47:06Z acydburn $ |
| 6 | * @copyright (c) 2005 phpBB Group |
| 7 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License |
| 8 | * |
| 9 | */ |
| 10 | |
| 11 | /**
|
| 12 | */ |
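define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.'.$phpEx);

// request_var() with an int default casts the id to int; that cast is what keeps
// the "WHERE attach_id = $download_id" interpolations below safe.
$download_id = request_var('id', 0);

// Thumbnails are not handled by this file by default - but for modders this should be interesting. ;)
$thumbnail = request_var('t', false);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('viewtopic');

if (!$download_id)
{
	trigger_error('NO_ATTACHMENT_SELECTED');
}

if (!$config['allow_attachments'] && !$config['allow_pm_attach'])
{
	trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
}

// First pass: fetch only the columns needed to authorise the request. The
// filename columns are deliberately fetched again later, after the checks.
$sql = 'SELECT attach_id, in_message, post_msg_id, extension
	FROM ' . ATTACHMENTS_TABLE . "
	WHERE attach_id = $download_id";
$result = $db->sql_query_limit($sql, 1);

if (!($attachment = $db->sql_fetchrow($result)))
{
	trigger_error('ERROR_NO_ATTACHMENT');
}
$db->sql_freeresult($result);

if ((!$attachment['in_message'] && !$config['allow_attachments']) || ($attachment['in_message'] && !$config['allow_pm_attach']))
{
	trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
}

$row = array();
if (!$attachment['in_message'])
{
	// Post attachment: authorisation is derived from the forum the post lives in.
	$sql = 'SELECT p.forum_id, f.forum_password, f.parent_id
		FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f
		WHERE p.post_id = ' . (int) $attachment['post_msg_id'] . '
			AND p.forum_id = f.forum_id';
	$result = $db->sql_query_limit($sql, 1);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	// An attachment whose post (or forum) no longer exists must not reach the
	// permission checks with a null forum_id - treat it as a missing attachment.
	if (!$row)
	{
		trigger_error('ERROR_NO_ATTACHMENT');
	}

	// NOTE(review): acl_gets() receives two permissions at once; if it has
	// any-of semantics, the global u_download alone would suffice without
	// f_download on this particular forum - confirm that is the intended rule.
	if ($auth->acl_gets('f_download', 'u_download', $row['forum_id']))
	{
		if ($row['forum_password'])
		{
			// Password-protected forum: hand over to login_forum_box(), which
			// presumably prompts for the password and halts until it is supplied.
			login_forum_box($row);
		}
	}
	else
	{
		trigger_error('SORRY_AUTH_VIEW_ATTACH');
	}
}
else
{
	$row['forum_id'] = 0;
	if (!$auth->acl_get('u_pm_download') || !$config['auth_download_pm'])
	{
		trigger_error('SORRY_AUTH_VIEW_ATTACH');
	}

	// NOTE(review): nothing here ties post_msg_id (the private message) to the
	// current user. As written, any user holding u_pm_download can fetch any PM
	// attachment by id. The message's sender/recipients need to be checked
	// against $user->data['user_id'] before the file is served.
}

// disallowed ?
$extensions = array();
if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
{
	trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
}

// Referer-based hotlink protection (see download_allowed()).
if (!download_allowed())
{
	trigger_error($user->lang['LINKAGE_FORBIDDEN']);
}

$download_mode = (int) $extensions[$attachment['extension']]['download_mode'];

// Fetching filename here to prevent sniffing of filename
$sql = 'SELECT attach_id, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype
	FROM ' . ATTACHMENTS_TABLE . "
	WHERE attach_id = $download_id";
$result = $db->sql_query_limit($sql, 1);

if (!($attachment = $db->sql_fetchrow($result)))
{
	trigger_error('ERROR_NO_ATTACHMENT');
}
$db->sql_freeresult($result);

// physical_filename comes from the database, but basename() still guarantees a
// stored value cannot point outside the upload directory.
$attachment['physical_filename'] = basename($attachment['physical_filename']);

if ($thumbnail)
{
	$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
}
else
{
	// Update download count (thumbnail requests are not counted)
	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
		SET download_count = download_count + 1
		WHERE attach_id = ' . (int) $attachment['attach_id'];
	$db->sql_query($sql);
}

// Determine the 'presenting'-method
if ($download_mode == PHYSICAL_LINK)
{
	// Direct link: the web server serves the file itself, so the upload
	// directory has to be reachable.
	if (!@is_dir($phpbb_root_path . $config['upload_path']))
	{
		trigger_error($user->lang['PHYSICAL_DOWNLOAD_NOT_POSSIBLE']);
	}

	redirect($phpbb_root_path . $config['upload_path'] . '/' . $attachment['physical_filename']);
}
else
{
	send_file_to_browser($attachment, $config['upload_path'], $extensions[$attachment['extension']]['display_cat']);
	exit;
}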
| 144 | |
| 145 | |
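/**
* Send file to browser
*
* Streams an attachment out of the upload directory with Content-Type and
* Content-Disposition headers, then terminates the request. Does not return.
*
* @param array $attachment row of ATTACHMENTS_TABLE; physical_filename,
*        real_filename and mimetype are used
* @param string $upload_dir upload directory, relative to $phpbb_root_path
* @param int $category display category of the extension; for
*        ATTACHMENT_CATEGORY_NONE everything but image/* is forced to a
*        download-only content type
*/
function send_file_to_browser($attachment, $upload_dir, $category)
{
	global $user, $db, $config, $phpbb_root_path;

	$filename = $phpbb_root_path . $upload_dir . '/' . $attachment['physical_filename'];

	if (!@file_exists($filename))
	{
		// NOTE(review): this echoes the server-side path into the error page. It is
		// only ./<upload_path>/<stored name>, but a plain 404 would disclose less.
		trigger_error($user->lang['ERROR_NO_ATTACHMENT'] . '<br /><br />' . sprintf($user->lang['FILE_NOT_FOUND_404'], $filename));
	}

	// Determine the Browser the User is using, because of some nasty incompatibilities.
	// borrowed from phpMyAdmin. :)
	// preg_match() replaces ereg() (deprecated, removed in PHP 7) with the same
	// patterns. Only $browser_agent is consumed below, for the 'octetstream'
	// spelling quirk of IE and Opera; the version is kept for modders.
	$user_agent = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : '';

	if (preg_match('#Opera(/| )([0-9].[0-9]{1,2})#', $user_agent, $log_version))
	{
		$browser_version = $log_version[2];
		$browser_agent = 'opera';
	}
	else if (preg_match('#MSIE ([0-9].[0-9]{1,2})#', $user_agent, $log_version))
	{
		$browser_version = $log_version[1];
		$browser_agent = 'ie';
	}
	else if (preg_match('#OmniWeb/([0-9].[0-9]{1,2})#', $user_agent, $log_version))
	{
		$browser_version = $log_version[1];
		$browser_agent = 'omniweb';
	}
	else if (preg_match('#(Konqueror/)(.*)(;)#', $user_agent, $log_version))
	{
		$browser_version = $log_version[2];
		$browser_agent = 'konqueror';
	}
	else if (preg_match('#Mozilla/([0-9].[0-9]{1,2})#', $user_agent, $log_version) && preg_match('#Safari/([0-9]*)#', $user_agent, $log_version2))
	{
		$browser_version = $log_version[1] . '.' . $log_version2[1];
		$browser_agent = 'safari';
	}
	else if (preg_match('#Mozilla/([0-9].[0-9]{1,2})#', $user_agent, $log_version))
	{
		$browser_version = $log_version[1];
		$browser_agent = 'mozilla';
	}
	else
	{
		$browser_version = 0;
		$browser_agent = 'other';
	}

	// Correct the mime type - we force application/octetstream for all files, except images
	// Please do not change this, it is a security precaution
	// The image exception is a prefix test on "image/" rather than a substring
	// search for "image", so a stored type that merely contains the word does not
	// escape the forcing.
	// NOTE(review): mimetype is whatever was stored at upload time; if that is the
	// uploader's declared Content-Type it is trusted here for image/* and for every
	// category other than ATTACHMENT_CATEGORY_NONE - the nosniff header below is
	// the backstop.
	if ($category == ATTACHMENT_CATEGORY_NONE && strpos($attachment['mimetype'], 'image/') !== 0)
	{
		$attachment['mimetype'] = ($browser_agent == 'ie' || $browser_agent == 'opera') ? 'application/octetstream' : 'application/octet-stream';
	}

	if (@ob_get_length())
	{
		@ob_end_clean();
	}

	// Both header values come from the database. Drop CR/LF (header() refuses the
	// whole header otherwise) and double quotes (a quote would end the quoted
	// filename and let the remainder of the name act as extra header parameters).
	$header_strip = array("\r", "\n", '"');
	$header_filename = str_replace($header_strip, '', $attachment['real_filename']);
	$header_mimetype = str_replace($header_strip, '', $attachment['mimetype']);

	// Now the tricky part... let's dance
	header('Pragma: public');

	// Send out the Headers
	header('Content-Type: ' . $header_mimetype . '; name="' . $header_filename . '"');
	header('Content-Disposition: inline; filename="' . $header_filename . '"');
	// Forbid content sniffing, so an attachment is never rendered as something
	// other than the type declared above (e.g. HTML/script).
	header('X-Content-Type-Options: nosniff');

	// Now send the File Contents to the Browser
	$size = @filesize($filename);
	if ($size)
	{
		header("Content-length: $size");
	}
	$result = @readfile($filename);

	// readfile() returns the byte count, so a legitimately empty attachment yields
	// 0 - only false is a delivery failure.
	if ($result === false)
	{
		// $php_errormsg is only populated with track_errors enabled (and no longer
		// exists as of PHP 8), so do not rely on it being set.
		$errormsg = (isset($php_errormsg)) ? $php_errormsg : '';
		trigger_error('Unable to deliver file.<br />Error was: ' . $errormsg, E_USER_WARNING);
	}

	flush();
	exit;
}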
| 235 | |
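/**
* Check if downloading item is allowed
*
* Referer-based hotlink protection, active only when $config['secure_downloads']
* is set. The referer's host is compared with this board's server_name and then
* with the SITELIST_TABLE allow/deny entries, by hostname and by resolved IP.
* The referer is supplied by the client, so this is a hotlinking deterrent and
* not an access control; the permission checks happen before this is called.
*
* @return bool true if the download may proceed
*/
function download_allowed()
{
	global $config, $user, $db;

	if (!$config['secure_downloads'])
	{
		return true;
	}

	// Fall back to $_SERVER only if the environment does not carry the referer,
	// and tolerate the header being absent altogether.
	$url = getenv('HTTP_REFERER');
	if (!$url)
	{
		$url = (isset($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
	}
	$url = trim($url);

	if (!$url)
	{
		return ($config['secure_allow_empty_referer']) ? true : false;
	}

	// Split URL into domain and script part. Only the host is of interest:
	// stripping the scheme and cutting at '?' would keep the path attached, which
	// both defeats the DNS lookup below and lets path contents take part in the
	// host matching.
	$url_parts = @parse_url($url);
	if ($url_parts === false || empty($url_parts['host']))
	{
		// Unparsable or host-less referer: treat like an empty one.
		return ($config['secure_allow_empty_referer']) ? true : false;
	}
	$hostname = trim($url_parts['host']);
	unset($url, $url_parts);

	$allowed = ($config['secure_allow_deny']) ? false : true;

	// Check for own server... The configured name is quoted and anchored to the
	// end of the host, so it matches the board's host or a subdomain of it and
	// nothing else; an empty server_name no longer matches every referer.
	if ($config['server_name'] && preg_match('#(^|\.)' . preg_quote($config['server_name'], '#') . '$#i', $hostname))
	{
		$allowed = true;
	}

	// Get IP's and Hostnames
	if (!$allowed)
	{
		// Resolve the referer host only when the list actually has to be consulted -
		// this is a DNS lookup driven by a client-supplied value. gethostbynamel()
		// returns false on failure, so guard the iteration.
		$iplist = array();
		$ip_ary = gethostbynamel($hostname);
		if ($ip_ary)
		{
			foreach ($ip_ary as $ip)
			{
				if ($ip)
				{
					$iplist[] = $ip;
				}
			}
		}

		$sql = 'SELECT site_ip, site_hostname, ip_exclude
			FROM ' . SITELIST_TABLE;
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$site_ip = trim($row['site_ip']);
			$site_hostname = trim($row['site_hostname']);

			if ($site_ip)
			{
				// Admin-entered pattern: '*' is the only wildcard, everything else
				// (notably the dots of an IP) is matched literally.
				$ip_pattern = '#^' . str_replace('\*', '.*?', preg_quote($site_ip, '#')) . '$#i';
				foreach ($iplist as $ip)
				{
					if (preg_match($ip_pattern, $ip))
					{
						if ($row['ip_exclude'])
						{
							// An exclusion entry is final: leave the row loop as well.
							$allowed = ($config['secure_allow_deny']) ? false : true;
							break 2;
						}
						else
						{
							$allowed = ($config['secure_allow_deny']) ? true : false;
						}
					}
				}
			}

			if ($site_hostname)
			{
				$host_pattern = '#^' . str_replace('\*', '.*?', preg_quote($site_hostname, '#')) . '$#i';
				if (preg_match($host_pattern, $hostname))
				{
					if ($row['ip_exclude'])
					{
						$allowed = ($config['secure_allow_deny']) ? false : true;
						break;
					}
					else
					{
						$allowed = ($config['secure_allow_deny']) ? true : false;
					}
				}
			}
		}

		$db->sql_freeresult($result);
	}

	return $allowed;
}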
| 332 | |
| 333 | ?> |