Vergleich attachment.php - 1.8.0 - 1.8.20

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 21Zeile 21
// Find the AID we're looking for
if(isset($mybb->input['thumbnail']))
{

// Find the AID we're looking for
if(isset($mybb->input['thumbnail']))
{

	$aid = $mybb->get_input('thumbnail', 1);

	$aid = $mybb->get_input('thumbnail', MyBB::INPUT_INT);

}
else
{

}
else
{

	$aid = $mybb->get_input('aid', 1);

	$aid = $mybb->get_input('aid', MyBB::INPUT_INT);

}


}


$pid = $mybb->get_input('pid', 1);

$pid = $mybb->get_input('pid', MyBB::INPUT_INT);


// Select attachment data from database
if($aid)


// Select attachment data from database
if($aid)

Zeile 47Zeile 47
{
error($lang->error_invalidattachment);
}

{
error($lang->error_invalidattachment);
}

 

if($attachment['thumbnail'] == '' && isset($mybb->input['thumbnail']))
{
error($lang->error_invalidattachment);
}

$attachtypes = (array)$cache->read('attachtypes');
$ext = get_extension($attachment['filename']);

if(empty($attachtypes[$ext]))
{
error($lang->error_invalidattachment);
}

$attachtype = $attachtypes[$ext];


$pid = $attachment['pid'];

// Don't check the permissions on preview
if($pid || $attachment['uid'] != $mybb->user['uid'])
{
$post = get_post($pid);

$pid = $attachment['pid'];

// Don't check the permissions on preview
if($pid || $attachment['uid'] != $mybb->user['uid'])
{
$post = get_post($pid);

	$thread = get_thread($post['tid']);

if(!$thread && !isset($mybb->input['thumbnail']))
{
error($lang->error_invalidthread);
}
$fid = $thread['fid'];

// Get forum info
$forum = get_forum($fid);

// Permissions
$forumpermissions = forum_permissions($fid);

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) || ($forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']))
{
error_no_permission();
}

// Error if attachment is invalid or not visible
if(!$attachment['attachname'] || (!is_moderator($fid, "canviewunapprove") && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)))
{
error($lang->error_invalidattachment);
}










	// Check permissions if the post is not a draft
if($post['visible'] != -2)
{
$thread = get_thread($post['tid']);

if(!$thread && !isset($mybb->input['thumbnail']))
{
error($lang->error_invalidthread);
}
$fid = $thread['fid'];

// Get forum info
$forum = get_forum($fid);

// Permissions
$forumpermissions = forum_permissions($fid);

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) || ($forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']))
{
error_no_permission();
}

// Error if attachment is invalid or not visible
if(!$attachment['attachname'] || (!is_moderator($fid, "canviewunapprove") && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)))
{
error($lang->error_invalidattachment);
}

if($attachtype['forums'] != -1 && strpos(','.$attachtype['forums'].',', ','.$fid.',') === false)
{
error_no_permission();
}
}

}

}





if(!isset($mybb->input['thumbnail'])) // Only increment the download count if this is not a thumbnail
{

if(!isset($mybb->input['thumbnail'])) // Only increment the download count if this is not a thumbnail
{

 
	if(!is_member($attachtype['groups']))
{
error_no_permission();
}


	$attachupdate = array(
"downloads" => $attachment['downloads']+1,
);

	$attachupdate = array(
"downloads" => $attachment['downloads']+1,
);

Zeile 93Zeile 123
$plugins->run_hooks("attachment_end");

if(isset($mybb->input['thumbnail']))

$plugins->run_hooks("attachment_end");

if(isset($mybb->input['thumbnail']))

{






{
if(!file_exists($mybb->settings['uploadspath']."/".$attachment['thumbnail']))
{
error($lang->error_invalidattachment);
}


	$ext = get_extension($attachment['thumbnail']);
switch($ext)
{

	$ext = get_extension($attachment['thumbnail']);
switch($ext)
{

Zeile 102Zeile 137
			break;
case "bmp":
$type = "image/bmp";

			break;
case "bmp":
$type = "image/bmp";

			break;

			break;

		case "png":
$type = "image/png";
break;

		case "png":
$type = "image/png";
break;

Zeile 129Zeile 164
}
else
{

}
else
{

 
	if(!file_exists($mybb->settings['uploadspath']."/".$attachment['attachname']))
{
error($lang->error_invalidattachment);
}


	$ext = get_extension($attachment['filename']);

switch($attachment['filetype'])

	$ext = get_extension($attachment['filename']);

switch($attachment['filetype'])