Vergleich inc/functions_upload.php - 1.6.11 - 1.6.17

Zeile 439	Zeile 439
$ret['error'] = $lang->error_alreadyuploaded; return $ret;	$ret['error'] = $lang->error_alreadyuploaded; return $ret;
	} // Check to see how many attachments exist for this post already if($mybb->settings['maxattachments'] > 0 && $update_attachment == false) { $query = $db->simple_select("attachments", "COUNT(aid) AS numattachs", $uploaded_query); $attachcount = $db->fetch_field($query, "numattachs"); if($attachcount >= $mybb->settings['maxattachments']) { $ret['error'] = $lang->sprintf($lang->error_maxattachpost, $mybb->settings['maxattachments']); return $ret; }
} $month_dir = '';	} $month_dir = '';
Zeile 458	Zeile 470
} // All seems to be good, lets move the attachment!	} // All seems to be good, lets move the attachment!
$filename = "post_".$mybb->user['uid']."_".TIME_NOW."_".md5(random_str()).".attach";	$filename = "post_".$mybb->user['uid']."_".TIME_NOW."_".md5(random_str()).".attach";
$file = upload_file($attachment, $mybb->settings['uploadspath']."/".$month_dir, $filename); // Failed to create the attachment in the monthly directory, just throw it in the main directory	$file = upload_file($attachment, $mybb->settings['uploadspath']."/".$month_dir, $filename); // Failed to create the attachment in the monthly directory, just throw it in the main directory
Zeile 467	Zeile 479
{ $file = upload_file($attachment, $mybb->settings['uploadspath'].'/', $filename); }	{ $file = upload_file($attachment, $mybb->settings['uploadspath'].'/', $filename); }
if($month_dir)	elseif($month_dir)
{ $filename = $month_dir."/".$filename; }	{ $filename = $month_dir."/".$filename; }
Zeile 516	Zeile 527
{ case "image/gif": $img_type = 1;	{ case "image/gif": $img_type = 1;
break;	break;
case "image/jpeg": case "image/x-jpg": case "image/x-jpeg":	case "image/jpeg": case "image/x-jpg": case "image/x-jpeg":
Zeile 535	Zeile 546
$supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)	$supported_mimes = array(); $attachtypes = $cache->read("attachtypes"); foreach($attachtypes as $attachtype)
{	{
if(!empty($attachtype['mimetype'])) { $supported_mimes[] = $attachtype['mimetype']; }	if(!empty($attachtype['mimetype'])) { $supported_mimes[] = $attachtype['mimetype']; }
}	}
// Check if the uploaded file type matches the correct image type (returned by getimagesize) $img_dimensions = @getimagesize($mybb->settings['uploadspath']."/".$filename);	// Check if the uploaded file type matches the correct image type (returned by getimagesize) $img_dimensions = @getimagesize($mybb->settings['uploadspath']."/".$filename);
Zeile 554	Zeile 565
finfo_close($file_info); } else if(function_exists("mime_content_type"))	finfo_close($file_info); } else if(function_exists("mime_content_type"))
{	{
$mime = mime_content_type(MYBB_ROOT.$file_path);	$mime = mime_content_type(MYBB_ROOT.$file_path);
}	}
if(!is_array($img_dimensions) \|\| ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes)))	if(!is_array($img_dimensions) \|\| ($img_dimensions[2] != $img_type && !in_array($mime, $supported_mimes)))
{	{
@unlink($mybb->settings['uploadspath']."/".$filename); $ret['error'] = $lang->error_uploadfailed; return $ret;	@unlink($mybb->settings['uploadspath']."/".$filename); $ret['error'] = $lang->error_uploadfailed; return $ret;
Zeile 573	Zeile 584
$attacharray['thumbnail'] = $thumbnail['filename']; } elseif($thumbnail['code'] == 4)	$attacharray['thumbnail'] = $thumbnail['filename']; } elseif($thumbnail['code'] == 4)
{	{
$attacharray['thumbnail'] = "SMALL";	$attacharray['thumbnail'] = "SMALL";
} }	} }
if($forum['modattachments'] == 1 && !is_moderator($forum['fid'], "", $mybb->user['uid']))	if($forum['modattachments'] == 1 && !is_moderator($forum['fid'], "", $mybb->user['uid']))
{	{
$attacharray['visible'] = 0;	$attacharray['visible'] = 0;
}	}
else	else
{	{
$attacharray['visible'] = 1; }	$attacharray['visible'] = 1; }
$attacharray = $plugins->run_hooks("upload_attachment_do_insert", $attacharray);	$attacharray = $plugins->run_hooks("upload_attachment_do_insert", $attacharray);
if($prevattach['aid'] && $update_attachment == true) { unset($attacharray['downloads']); // Keep our download count if we're updating an attachment $db->update_query("attachments", $attacharray, "aid='".$db->escape_string($prevattach['aid'])."'");	if($prevattach['aid'] && $update_attachment == true) { unset($attacharray['downloads']); // Keep our download count if we're updating an attachment $db->update_query("attachments", $attacharray, "aid='".$db->escape_string($prevattach['aid'])."'");
	// Remove old attachment file // Check if this attachment is referenced in any other posts. If it isn't, then we are safe to delete the actual file. $query = $db->simple_select("attachments", "COUNT(aid) as numreferences", "attachname='".$db->escape_string($prevattach['attachname'])."'"); if($db->fetch_field($query, "numreferences") == 0) { @unlink($mybb->settings['uploadspath']."/".$prevattach['attachname']); if($prevattach['thumbnail']) { @unlink($mybb->settings['uploadspath']."/".$prevattach['thumbnail']); } $date_directory = explode('/', $prevattach['attachname']); if(@is_dir($mybb->settings['uploadspath']."/".$date_directory[0])) { @rmdir($mybb->settings['uploadspath']."/".$date_directory[0]); } }
$aid = $prevattach['aid']; } else	$aid = $prevattach['aid']; } else
Zeile 629	Zeile 659
} $upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe	} $upload['original_filename'] = preg_replace("#/$#", "", $file['name']); // Make the filename safe
$upload['original_filename'] = utf8_handle_4byte_string($upload['original_filename']);
$filename = preg_replace("#/$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);	$filename = preg_replace("#/$#", "", $filename); // Make the filename safe $moved = @move_uploaded_file($file['tmp_name'], $path."/".$filename);