If we already have a mimetype and the guesser's guess is the default fallback,
we should keep the already existing mimetype the browser supplied. Otherwise,
platforms that might not support mimetype guessers will cause us to always
have the mimetype set to application/octet-stream on images. This will prevent
users from uploading images.
PHPBB3-13031
[ticket/12557] Fix doc block errors found by Sami for ascraeus
* n-aleha/ticket/12557ascraeus:
[ticket/12557] Fix load active module description
[ticket/12557] Fix php file description
[ticket/12557] Fix post data description for notifications
[ticket/12557] Fix pass by reference doc blocks
[ticket/12557] Fix doc block in extension base class
[ticket/12557] Fix doc block in mimetype guesser
[ticket/12557] Fix var $preserve_cr description
[ticket/12557] Fix doc block errors found by Sami
[ticket/12557] Fix doc block errors found by Sami
[ticket/12557] Fix doc block errors found by Sami
[ticket/12557] Template fixes
[ticket/12557] Search, cron and profilefields fixes
[ticket/12557] Notification fixes
[ticket/12557] Fix doc block errors found by Sami pt1
[ticket/12557] Fix doc block errors found by Sami
[ticket/12557] Fix doc block errors found by Sami
* github-marc1706/ticket/11148:
[ticket/11148] Remove unneeded variable mimetype and use type octet-stream
[ticket/11148] Change expected output with disallowed content in test
[ticket/11148] Always use the output of the mimetype guesser in get_mimetype
[ticket/11148] Get rid of extra line in mimetype guesser setter doc block
[ticket/11148] Add missing parts to docblock of get_mimetype() method
[ticket/11148] Default to application/octet-stream if no mimetype given
[ticket/11148] Use mimetype guesser for uploaded avatars
[ticket/11148] Pass mimetype guesser to upload_attachment() function
[ticket/11148] Add mimetype guesser to filespec and fileupload class
* develop-olympus:
[ticket/12755] Apply de morgan to conditional
[ticket/12755] Terminate upload loop if upload reaches filesize
[ticket/12755] Change upload in remote_upload() method to fit get_remote_file
[ticket/12755] Add language string for timed out remote upload
[ticket/12755] Add timeout to remote upload to prevent infinite loop
Terminate the upload loop if the expected filesize has been reached instead
of trying to read more bytes until the timeout has been reached.
PHPBB3-12755
The variable $mimetype is not used in the method local_upload() afterwards
so it shouldn't be assigned. The correct default mimetype should be
application/octet-stream and not application/octetstream according to RFC 2046.
PHPBB3-11148
The mimetype guesser will be used to get the mimetype of uploaded files.
Until now, this was only used for files uploaded with plupload. If a file
doesn't have a mimetype supplied, we will now try to get the correct mimetype.
PHPBB3-11148
[ticket/11226] filespec::move_file() should error correctly
* Nicofuma/ticket/11226:
[ticket/11226] Explicity set file_moved to false
[ticket/11226] Add tests
[ticket/11226] Use $user->lang()
[ticket/11226] filespec::move_file() should error correctly
* There MUST NOT be trailing whitespace at the end of lines.
* There MUST NOT be whitespace before the first content of a file.
* There MUST NOT be whitespace after the last content of a file.
* Functions MUST NOT contain multiple empty lines in a row.
PHPBB3-12458
Upload filenames are already processed via htmlspecialchars in the
type_cast_helper of the new request class. There is no need to run it through
htmlspecialchars() again in the filespec class.
PHPBB3-12211
This commit is a highly-refactored and up-to-date version of Fyorl's work
which was part of his Google Summer of Code 2012 project "Attachment
Improvements".
PHPBB3-10929
fileupload::image_types() and filespec::get_extension() are called
statically while submitting the form for the remote avatar. Make them
static as described in the ticket in order to prevent a PHP notice.
Also change the tests to use the static functions.
PHPBB3-10763
filespec::get_mimetype now uses the finfo class in order to detect the
mimetype of a given filename. filespec::is_image() now uses this method.
PHPBB3-10963
* develop-olympus:
[ticket/10908] Document that 0 filesize configuration means limited by PHP
[ticket/10908] Download files only up to max_upload_filesize if limit is 0
I added two function avatar_explanation_string() and avatar_error_wrong_size()
for easier handling of the "pixels"-languages, as they are used quite often.
PHPBB3-10345
explode('|', '') and explode('|', NULL) both return array(0 => '') which can
cause filespec::check_content() to reject everything starting with a '<'
character in case $config['mime_triggers'] is an empty string or not set.
fileupload::set_disallowed_content() now filters out empty strings by calling
array_diff() on the passed array, so setting $config['mime_triggers'] to an
empty string will turn off mime checking completely.
On the other side we want to fail safe if $config['mime_triggers'] is not set
at all. To do this, the array fileupload::$disallowed_content now contains some
default strings to be filtered out.
PHPBB3-9764
When magic_quotes_gpc is 'On' it also affects the $_FILES array and a filename
like 'bantu"s testfile.txt' will be returned as 'bantu\"s testfile.txt'.
Because utf8_basename() also strips off anything before the last backslash
the filename was returned as '"s testfile.txt'.
Calling stripslashes() before utf8_basename() solves the problem.
PHPBB3-9615
