Zeile 32 | Zeile 32 |
---|
$query = $db->simple_select("attachments", "aid, attachname, thumbnail, visible", "aid='{$aid}' AND pid='{$pid}'"); $attachment = $db->fetch_array($query); }
|
$query = $db->simple_select("attachments", "aid, attachname, thumbnail, visible", "aid='{$aid}' AND pid='{$pid}'"); $attachment = $db->fetch_array($query); }
|
|
|
$plugins->run_hooks("remove_attachment_do_delete", $attachment);
|
$plugins->run_hooks("remove_attachment_do_delete", $attachment);
|
|
|
$db->delete_query("attachments", "aid='{$attachment['aid']}'");
|
$db->delete_query("attachments", "aid='{$attachment['aid']}'");
|
if(defined('IN_ADMINCP')) { $uploadpath = '../'.$mybb->settings['uploadspath']; } else { $uploadpath = $mybb->settings['uploadspath'];
| if(defined('IN_ADMINCP')) { $uploadpath = '../'.$mybb->settings['uploadspath']; } else { $uploadpath = $mybb->settings['uploadspath'];
|
}
|
}
|
|
|
// Check if this attachment is referenced in any other posts. If it isn't, then we are safe to delete the actual file. $query = $db->simple_select("attachments", "COUNT(aid) as numreferences", "attachname='".$db->escape_string($attachment['attachname'])."'"); if($db->fetch_field($query, "numreferences") == 0)
| // Check if this attachment is referenced in any other posts. If it isn't, then we are safe to delete the actual file. $query = $db->simple_select("attachments", "COUNT(aid) as numreferences", "attachname='".$db->escape_string($attachment['attachname'])."'"); if($db->fetch_field($query, "numreferences") == 0)
|
Zeile 61 | Zeile 61 |
---|
{ @rmdir($uploadpath."/".$date_directory[0]); }
|
{ @rmdir($uploadpath."/".$date_directory[0]); }
|
}
| }
|
if($attachment['visible'] == 1 && $pid) { $post = get_post($pid);
| if($attachment['visible'] == 1 && $pid) { $post = get_post($pid);
|
Zeile 79 | Zeile 79 |
---|
function remove_attachments($pid, $posthash="") { global $db, $mybb, $plugins;
|
function remove_attachments($pid, $posthash="") { global $db, $mybb, $plugins;
|
|
|
if($pid) { $post = get_post($pid);
| if($pid) { $post = get_post($pid);
|
Zeile 88 | Zeile 88 |
---|
if($posthash != "" && !$pid) { $query = $db->simple_select("attachments", "*", "posthash='$posthash'");
|
if($posthash != "" && !$pid) { $query = $db->simple_select("attachments", "*", "posthash='$posthash'");
|
} else
| } else
|
{ $query = $db->simple_select("attachments", "*", "pid='$pid'");
|
{ $query = $db->simple_select("attachments", "*", "pid='$pid'");
|
}
| }
|
if(defined('IN_ADMINCP')) { $uploadpath = '../'.$mybb->settings['uploadspath']; } else
|
if(defined('IN_ADMINCP')) { $uploadpath = '../'.$mybb->settings['uploadspath']; } else
|
{
| {
|
$uploadpath = $mybb->settings['uploadspath']; }
| $uploadpath = $mybb->settings['uploadspath']; }
|
Zeile 107 | Zeile 107 |
---|
while($attachment = $db->fetch_array($query)) { if($attachment['visible'] == 1)
|
while($attachment = $db->fetch_array($query)) { if($attachment['visible'] == 1)
|
{
| {
|
$num_attachments++; }
|
$num_attachments++; }
|
|
|
$plugins->run_hooks("remove_attachments_do_delete", $attachment);
|
$plugins->run_hooks("remove_attachments_do_delete", $attachment);
|
|
|
$db->delete_query("attachments", "aid='".$attachment['aid']."'");
|
$db->delete_query("attachments", "aid='".$attachment['aid']."'");
|
|
|
// Check if this attachment is referenced in any other posts. If it isn't, then we are safe to delete the actual file. $query2 = $db->simple_select("attachments", "COUNT(aid) as numreferences", "attachname='".$db->escape_string($attachment['attachname'])."'"); if($db->fetch_field($query2, "numreferences") == 0)
| // Check if this attachment is referenced in any other posts. If it isn't, then we are safe to delete the actual file. $query2 = $db->simple_select("attachments", "COUNT(aid) as numreferences", "attachname='".$db->escape_string($attachment['attachname'])."'"); if($db->fetch_field($query2, "numreferences") == 0)
|
Zeile 132 | Zeile 132 |
---|
} } }
|
} } }
|
|
|
if($post['tid'])
|
if($post['tid'])
|
{ update_thread_counters($post['tid'], array("attachmentcount" => "-{$num_attachments}")); } }
| { update_thread_counters($post['tid'], array("attachmentcount" => "-{$num_attachments}")); } }
|
/** * Remove any matching avatars for a specific user ID
| /** * Remove any matching avatars for a specific user ID
|
Zeile 148 | Zeile 148 |
---|
function remove_avatars($uid, $exclude="") { global $mybb, $plugins;
|
function remove_avatars($uid, $exclude="") { global $mybb, $plugins;
|
|
|
if(defined('IN_ADMINCP'))
|
if(defined('IN_ADMINCP'))
|
{
| {
|
$avatarpath = '../'.$mybb->settings['avataruploadpath']; } else { $avatarpath = $mybb->settings['avataruploadpath'];
|
$avatarpath = '../'.$mybb->settings['avataruploadpath']; } else { $avatarpath = $mybb->settings['avataruploadpath'];
|
}
| }
|
$dir = opendir($avatarpath); if($dir) { while($file = @readdir($dir)) { $plugins->run_hooks("remove_avatars_do_delete", $file);
|
$dir = opendir($avatarpath); if($dir) { while($file = @readdir($dir)) { $plugins->run_hooks("remove_avatars_do_delete", $file);
|
|
|
if(preg_match("#avatar_".$uid."\.#", $file) && is_file($avatarpath."/".$file) && $file != $exclude) { @unlink($avatarpath."/".$file);
| if(preg_match("#avatar_".$uid."\.#", $file) && is_file($avatarpath."/".$file) && $file != $exclude) { @unlink($avatarpath."/".$file);
|
Zeile 183 | Zeile 183 |
---|
* @return array Array of errors if any, otherwise filename of successful. */ function upload_avatar($avatar=array(), $uid=0)
|
* @return array Array of errors if any, otherwise filename of successful. */ function upload_avatar($avatar=array(), $uid=0)
|
{
| {
|
global $db, $mybb, $lang, $plugins;
|
global $db, $mybb, $lang, $plugins;
|
|
|
if(!$uid) { $uid = $mybb->user['uid'];
| if(!$uid) { $uid = $mybb->user['uid'];
|
Zeile 197 | Zeile 197 |
---|
}
if(!is_uploaded_file($avatar['tmp_name']))
|
}
if(!is_uploaded_file($avatar['tmp_name']))
|
{ $ret['error'] = $lang->error_uploadfailed;
| { $ret['error'] = $lang->error_uploadfailed;
|
return $ret; }
// Check we have a valid extension $ext = get_extension(my_strtolower($avatar['name']));
|
return $ret; }
// Check we have a valid extension $ext = get_extension(my_strtolower($avatar['name']));
|
if(!preg_match("#^(gif|jpg|jpeg|jpe|bmp|png)$#i", $ext))
| if(!preg_match("#^(gif|jpg|jpeg|jpe|bmp|png)$#i", $ext))
|
{ $ret['error'] = $lang->error_avatartype; return $ret; }
|
{ $ret['error'] = $lang->error_avatartype; return $ret; }
|
|
|
if(defined('IN_ADMINCP')) { $avatarpath = '../'.$mybb->settings['avataruploadpath']; $lang->load("messages", true);
|
if(defined('IN_ADMINCP')) { $avatarpath = '../'.$mybb->settings['avataruploadpath']; $lang->load("messages", true);
|
}
| }
|
else { $avatarpath = $mybb->settings['avataruploadpath']; }
|
else { $avatarpath = $mybb->settings['avataruploadpath']; }
|
|
|
$filename = "avatar_".$uid.".".$ext; $file = upload_file($avatar, $avatarpath, $filename); if($file['error']) {
|
$filename = "avatar_".$uid.".".$ext; $file = upload_file($avatar, $avatarpath, $filename); if($file['error']) {
|
@unlink($avatarpath."/".$filename);
| @unlink($avatarpath."/".$filename);
|
$ret['error'] = $lang->error_uploadfailed; return $ret;
|
$ret['error'] = $lang->error_uploadfailed; return $ret;
|
}
| }
|
// Lets just double check that it exists
|
// Lets just double check that it exists
|
Zeile 237 | Zeile 237 |
---|
@unlink($avatarpath."/".$filename); return $ret; }
|
@unlink($avatarpath."/".$filename); return $ret; }
|
|
|
// Check if this is a valid image or not $img_dimensions = @getimagesize($avatarpath."/".$filename); if(!is_array($img_dimensions))
| // Check if this is a valid image or not $img_dimensions = @getimagesize($avatarpath."/".$filename); if(!is_array($img_dimensions))
|
Zeile 246 | Zeile 246 |
---|
$ret['error'] = $lang->error_uploadfailed; return $ret; }
|
$ret['error'] = $lang->error_uploadfailed; return $ret; }
|
|
|
// Check avatar dimensions if($mybb->settings['maxavatardims'] != '') {
| // Check avatar dimensions if($mybb->settings['maxavatardims'] != '') {
|
Zeile 263 | Zeile 263 |
---|
$ret['error'] = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $ret['error'] .= "<br /><br />".$lang->error_avatarresizefailed; @unlink($avatarpath."/".$filename);
|
$ret['error'] = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); $ret['error'] .= "<br /><br />".$lang->error_avatarresizefailed; @unlink($avatarpath."/".$filename);
|
return $ret;
| return $ret;
|
} else {
| } else {
|
Zeile 282 | Zeile 282 |
---|
} @unlink($avatarpath."/".$filename); return $ret;
|
} @unlink($avatarpath."/".$filename); return $ret;
|
}
| }
|
} }
|
} }
|
|
|
// Next check the file size if($avatar['size'] > ($mybb->settings['avatarsize']*1024) && $mybb->settings['avatarsize'] > 0)
|
// Next check the file size if($avatar['size'] > ($mybb->settings['avatarsize']*1024) && $mybb->settings['avatarsize'] > 0)
|
{
| {
|
@unlink($avatarpath."/".$filename); $ret['error'] = $lang->error_uploadsize;
|
@unlink($avatarpath."/".$filename); $ret['error'] = $lang->error_uploadsize;
|
return $ret; }
| return $ret; }
|
// Check a list of known MIME types to establish what kind of avatar we're uploading switch(my_strtolower($avatar['type'])) {
| // Check a list of known MIME types to establish what kind of avatar we're uploading switch(my_strtolower($avatar['type'])) {
|
Zeile 306 | Zeile 306 |
---|
case "image/pjpeg": case "image/jpg": $img_type = 2;
|
case "image/pjpeg": case "image/jpg": $img_type = 2;
|
break;
| break;
|
case "image/png": case "image/x-png": $img_type = 3;
| case "image/png": case "image/x-png": $img_type = 3;
|
Zeile 314 | Zeile 314 |
---|
default: $img_type = 0; }
|
default: $img_type = 0; }
|
|
|
// Check if the uploaded file type matches the correct image type (returned by getimagesize) if($img_dimensions[2] != $img_type || $img_type == 0) { $ret['error'] = $lang->error_uploadfailed; @unlink($avatarpath."/".$filename);
|
// Check if the uploaded file type matches the correct image type (returned by getimagesize) if($img_dimensions[2] != $img_type || $img_type == 0) { $ret['error'] = $lang->error_uploadfailed; @unlink($avatarpath."/".$filename);
|
return $ret;
| return $ret;
|
} // Everything is okay so lets delete old avatars for this user remove_avatars($uid, $filename);
| } // Everything is okay so lets delete old avatars for this user remove_avatars($uid, $filename);
|
Zeile 344 | Zeile 344 |
---|
function upload_attachment($attachment, $update_attachment=false) { global $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache;
|
function upload_attachment($attachment, $update_attachment=false) { global $db, $theme, $templates, $posthash, $pid, $tid, $forum, $mybb, $lang, $plugins, $cache;
|
|
|
$posthash = $db->escape_string($mybb->input['posthash']); $pid = intval($pid);
| $posthash = $db->escape_string($mybb->input['posthash']); $pid = intval($pid);
|
Zeile 367 | Zeile 367 |
---|
break; case 6: // UPLOAD_ERR_NO_TMP_DIR $ret['error'] .= $lang->error_uploadfailed_php6;
|
break; case 6: // UPLOAD_ERR_NO_TMP_DIR $ret['error'] .= $lang->error_uploadfailed_php6;
|
break;
| break;
|
case 7: // UPLOAD_ERR_CANT_WRITE $ret['error'] .= $lang->error_uploadfailed_php7; break;
| case 7: // UPLOAD_ERR_CANT_WRITE $ret['error'] .= $lang->error_uploadfailed_php7; break;
|
Zeile 377 | Zeile 377 |
---|
} return $ret; }
|
} return $ret; }
|
|
|
if(!is_uploaded_file($attachment['tmp_name']) || empty($attachment['tmp_name'])) { $ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_php4; return $ret; }
|
if(!is_uploaded_file($attachment['tmp_name']) || empty($attachment['tmp_name'])) { $ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_php4; return $ret; }
|
|
|
$ext = get_extension($attachment['name']); // Check if we have a valid extension $query = $db->simple_select("attachtypes", "*", "extension='".$db->escape_string($ext)."'");
| $ext = get_extension($attachment['name']); // Check if we have a valid extension $query = $db->simple_select("attachtypes", "*", "extension='".$db->escape_string($ext)."'");
|
Zeile 393 | Zeile 393 |
---|
$ret['error'] = $lang->error_attachtype; return $ret; }
|
$ret['error'] = $lang->error_attachtype; return $ret; }
|
|
|
// Check the size if($attachment['size'] > $attachtype['maxsize']*1024 && $attachtype['maxsize'] != "") {
| // Check the size if($attachment['size'] > $attachtype['maxsize']*1024 && $attachtype['maxsize'] != "") {
|
Zeile 456 | Zeile 456 |
---|
} } }
|
} } }
|
|
|
// All seems to be good, lets move the attachment! $filename = "post_".$mybb->user['uid']."_".TIME_NOW."_".md5(random_str()).".attach";
|
// All seems to be good, lets move the attachment! $filename = "post_".$mybb->user['uid']."_".TIME_NOW."_".md5(random_str()).".attach";
|
|
|
$file = upload_file($attachment, $mybb->settings['uploadspath']."/".$month_dir, $filename);
|
$file = upload_file($attachment, $mybb->settings['uploadspath']."/".$month_dir, $filename);
|
|
|
// Failed to create the attachment in the monthly directory, just throw it in the main directory if($file['error'] && $month_dir)
|
// Failed to create the attachment in the monthly directory, just throw it in the main directory if($file['error'] && $month_dir)
|
{ $file = upload_file($attachment, $mybb->settings['uploadspath'].'/', $filename); }
if($month_dir) {
| { $file = upload_file($attachment, $mybb->settings['uploadspath'].'/', $filename); } elseif($month_dir) {
|
$filename = $month_dir."/".$filename; }
|
$filename = $month_dir."/".$filename; }
|
|
|
if($file['error']) { $ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_detail;
| if($file['error']) { $ret['error'] = $lang->error_uploadfailed.$lang->error_uploadfailed_detail;
|
Zeile 483 | Zeile 482 |
---|
break; case 2: $ret['error'] .= $lang->error_uploadfailed_movefailed;
|
break; case 2: $ret['error'] .= $lang->error_uploadfailed_movefailed;
|
break; }
| break; }
|
return $ret; }
| return $ret; }
|
Zeile 531 | Zeile 530 |
---|
default: $img_type = 0; }
|
default: $img_type = 0; }
|
|
|
$supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)
| $supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)
|
Zeile 554 | Zeile 553 |
---|
finfo_close($file_info); } else if(function_exists("mime_content_type"))
|
finfo_close($file_info); } else if(function_exists("mime_content_type"))
|
{
| {
|
$mime = mime_content_type(MYBB_ROOT.$file_path);
|
$mime = mime_content_type(MYBB_ROOT.$file_path);
|
}
| }
|
if(!is_array($img_dimensions) || ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes))) { @unlink($mybb->settings['uploadspath']."/".$filename); $ret['error'] = $lang->error_uploadfailed;
|
if(!is_array($img_dimensions) || ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes))) { @unlink($mybb->settings['uploadspath']."/".$filename); $ret['error'] = $lang->error_uploadfailed;
|
return $ret; }
| return $ret; }
|
require_once MYBB_ROOT."inc/functions_image.php"; $thumbname = str_replace(".attach", "_thumb.$ext", $filename); $thumbnail = generate_thumbnail($mybb->settings['uploadspath']."/".$filename, $mybb->settings['uploadspath'], $thumbname, $mybb->settings['attachthumbh'], $mybb->settings['attachthumbw']);
|
require_once MYBB_ROOT."inc/functions_image.php"; $thumbname = str_replace(".attach", "_thumb.$ext", $filename); $thumbnail = generate_thumbnail($mybb->settings['uploadspath']."/".$filename, $mybb->settings['uploadspath'], $thumbname, $mybb->settings['attachthumbh'], $mybb->settings['attachthumbw']);
|
|
|
if($thumbnail['filename'])
|
if($thumbnail['filename'])
|
{
| {
|
$attacharray['thumbnail'] = $thumbnail['filename']; } elseif($thumbnail['code'] == 4) { $attacharray['thumbnail'] = "SMALL";
|
$attacharray['thumbnail'] = $thumbnail['filename']; } elseif($thumbnail['code'] == 4) { $attacharray['thumbnail'] = "SMALL";
|
}
| }
|
} if($forum['modattachments'] == 1 && !is_moderator($forum['fid'], "", $mybb->user['uid'])) {
| } if($forum['modattachments'] == 1 && !is_moderator($forum['fid'], "", $mybb->user['uid'])) {
|
Zeile 585 | Zeile 584 |
---|
{ $attacharray['visible'] = 1; }
|
{ $attacharray['visible'] = 1; }
|
|
|
$attacharray = $plugins->run_hooks("upload_attachment_do_insert", $attacharray);
|
$attacharray = $plugins->run_hooks("upload_attachment_do_insert", $attacharray);
|
|
|
if($prevattach['aid'] && $update_attachment == true) { unset($attacharray['downloads']); // Keep our download count if we're updating an attachment
| if($prevattach['aid'] && $update_attachment == true) { unset($attacharray['downloads']); // Keep our download count if we're updating an attachment
|
Zeile 597 | Zeile 596 |
---|
else { $aid = $db->insert_query("attachments", $attacharray);
|
else { $aid = $db->insert_query("attachments", $attacharray);
|
}
if($pid) { update_thread_counters($tid, array("attachmentcount" => "+1"));
| if($pid) { update_thread_counters($tid, array("attachmentcount" => "+1")); }
|
} $ret['aid'] = $aid; return $ret;
| } $ret['aid'] = $aid; return $ret;
|
Zeile 617 | Zeile 615 |
---|
function upload_file($file, $path, $filename="") { global $plugins;
|
function upload_file($file, $path, $filename="") { global $plugins;
|
|
|
if(empty($file['name']) || $file['name'] == "none" || $file['size'] < 1) { $upload['error'] = 1; return $upload;
|
if(empty($file['name']) || $file['name'] == "none" || $file['size'] < 1) { $upload['error'] = 1; return $upload;
|
}
| }
|
if(!$filename) { $filename = $file['name']; }
|
if(!$filename) { $filename = $file['name']; }
|
|
|
$upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe $filename = preg_replace("#/$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);
|
$upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe $filename = preg_replace("#/$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);
|
|
|
if(!$moved) { $upload['error'] = 2;
| if(!$moved) { $upload['error'] = 2;
|