Vergleich inc/functions_upload.php - 1.6.8 - 1.6.10

Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: functions_upload.php 5760 2012-03-09 15:40:38Z Tomm $	* $Id$
*/	*/
Zeile 346	Zeile 346
global $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache; $posthash = $db->escape_string($mybb->input['posthash']);	global $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache; $posthash = $db->escape_string($mybb->input['posthash']);
	$pid = intval($pid);
if(isset($attachment['error']) && $attachment['error'] != 0) {	if(isset($attachment['error']) && $attachment['error'] != 0) {
Zeile 418	Zeile 419
$forumpermissions = forum_permissions($forum['fid']); // Check if an attachment with this name is already in the post	$forumpermissions = forum_permissions($forum['fid']); // Check if an attachment with this name is already in the post
$query = $db->simple_select("attachments", "*", "filename='".$db->escape_string($attachment['name'])."' AND (posthash='$posthash' OR (pid='".intval($pid)."' AND pid!='0'))");	if($pid != 0) { $uploaded_query = "pid='{$pid}'"; } else { $uploaded_query = "posthash='{$posthash}'"; } $query = $db->simple_select("attachments", "*", "filename='".$db->escape_string($attachment['name'])."' AND ".$uploaded_query);
$prevattach = $db->fetch_array($query); if($prevattach['aid'] && $update_attachment == false) {	$prevattach = $db->fetch_array($query); if($prevattach['aid'] && $update_attachment == false) {
Zeile 488	Zeile 497
// Generate the array for the insert_query $attacharray = array(	// Generate the array for the insert_query $attacharray = array(
"pid" => intval($pid),	"pid" => $pid,
"posthash" => $posthash, "uid" => $mybb->user['uid'], "filename" => $db->escape_string($file['original_filename']),	"posthash" => $posthash, "uid" => $mybb->user['uid'], "filename" => $db->escape_string($file['original_filename']),
Zeile 504	Zeile 513
{ // Check a list of known MIME types to establish what kind of image we're uploading switch(my_strtolower($file['type']))	{ // Check a list of known MIME types to establish what kind of image we're uploading switch(my_strtolower($file['type']))
{	{
case "image/gif": $img_type = 1;	case "image/gif": $img_type = 1;
break;	break;
case "image/jpeg": case "image/x-jpg": case "image/x-jpeg":	case "image/jpeg": case "image/x-jpg": case "image/x-jpeg":
Zeile 526	Zeile 535
$supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)	$supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)
{	{
if(!empty($attachtype['mimetype'])) { $supported_mimes[] = $attachtype['mimetype']; }	if(!empty($attachtype['mimetype'])) { $supported_mimes[] = $attachtype['mimetype']; }
}	}
// Check if the uploaded file type matches the correct image type (returned by getimagesize) $img_dimensions = @getimagesize($mybb->settings['uploadspath']."/".$filename);	// Check if the uploaded file type matches the correct image type (returned by getimagesize) $img_dimensions = @getimagesize($mybb->settings['uploadspath']."/".$filename);
Zeile 547	Zeile 556
else if(function_exists("mime_content_type")) { $mime = mime_content_type(MYBB_ROOT.$file_path);	else if(function_exists("mime_content_type")) { $mime = mime_content_type(MYBB_ROOT.$file_path);
}	}
if(!is_array($img_dimensions) \|\| ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes))) {	if(!is_array($img_dimensions) \|\| ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes))) {
Zeile 590	Zeile 599
$aid = $db->insert_query("attachments", $attacharray); }	$aid = $db->insert_query("attachments", $attacharray); }
if($tid)	if($pid)
{ update_thread_counters($tid, array("attachmentcount" => "+1")); }	{ update_thread_counters($tid, array("attachmentcount" => "+1")); }