1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-26 21:21:32 +01:00
Commit Graph

78 Commits

Author SHA1 Message Date
Marc Alexander
106be54de3 [ticket/12211] Do not run attachment file names twice through htmlspecialchars
Upload filenames are already processed via htmlspecialchars in the
type_cast_helper of the new request class. There is no need to run it through
htmlspecialchars() again in the filespec class.

PHPBB3-12211
2014-04-11 21:10:28 +02:00
Andreas Fischer
2050a39da7 [feature/plupload/integration] Integration of Plupload
This commit is a highly-refactored and up-to-date version of Fyorl's work
which was part of his Google Summer of Code 2012 project "Attachment
Improvements".

PHPBB3-10929
2013-10-11 17:40:16 +02:00
Nils Adermann
b95fdacdd3 [ticket/11700] Move all recent code to namespaces
PHPBB3-11700
2013-09-16 00:25:27 +02:00
Nils Adermann
da2752e400 [ticket/11700] Modify all code to use the new interface names
PHPBB3-11700
2013-07-14 13:30:52 -04:00
Marc Alexander
4ae0c78782 [ticket/10763] Use self when calling get_extension() in filespec class
PHPBB3-10763
2012-12-17 19:17:32 +01:00
Marc Alexander
54d96dfac7 [ticket/10763] Make functions for remote avatars static
fileupload::image_types() and filespec::get_extension() are called
statically while submitting the form for the remote avatar. Make them
static as described in the ticket in order to prevent a PHP notice.
Also change the tests to use the static functions.

PHPBB3-10763
2012-12-17 17:42:13 +01:00
Fyorl
91b9cc90dd [ticket/10939] Modified functions_upload to not use $_FILES
PHPBB3-10939
2012-08-15 15:00:03 +01:00
Fyorl
e71474abb5 [ticket/10944] strpos now stricter and removed superfluous ternary
PHPBB3-10944
2012-07-17 17:39:19 +01:00
Fyorl
6aea4db6c7 [ticket/10944] Reverted changes in PHPBB3-10963
is_image now just checks the mimetype reported by the browser
and get_mimetype goes back to being unused.

PHPBB3-10944
2012-07-17 17:39:00 +01:00
Fyorl
4fbcf4eaad [ticket/10963] filespec::get_mimetype now used
filespec::get_mimetype now uses the finfo class in order to detect the
mimetype of a given filename. filespec::is_image() now uses this method.

PHPBB3-10963
2012-07-04 13:27:55 +01:00
Fyorl
f208b59c59 [ticket/10963] Removed superfluous ternary statement and strpos now stricter
PHPBB3-10963
2012-07-02 23:49:40 +01:00
Fyorl
03ddfbbaf1 [ticket/10963] Modified filespec::is_image() to check actual mimetype
Modified filespec::is_image() to check the Fileinfo mimetype rather than
trusting the browser.

PHPBB3-10963
2012-07-02 23:30:47 +01:00
Andreas Fischer
7edb52b9be Merge branch 'develop-olympus' into develop
* develop-olympus:
  [ticket/10908] Document that 0 filesize configuration means limited by PHP
  [ticket/10908] Download files only up to max_upload_filesize if limit is 0
2012-05-31 11:55:12 +02:00
Nils Adermann
13f30e8d9d [ticket/10908] Download files only up to max_upload_filesize if limit is 0
PHPBB3-10908
2012-05-29 14:27:25 +02:00
Unknown
7a04c9048c [ticket/9916] Updating header license and removing Version $Id$
PHPBB3-9916
2011-12-31 13:32:52 +00:00
Joas Schilling
179662e949 [ticket/10345] Use the plural function in some more places.
I added two function avatar_explanation_string() and avatar_error_wrong_size()
for easier handling of the "pixels"-languages, as they are used quite often.

PHPBB3-10345
2011-11-25 15:10:49 -05:00
Andreas Fischer
ac26bb458f [ticket/9764] Allow $config['mime_triggers'] to be an empty string.
explode('|', '') and explode('|', NULL) both return array(0 => '') which can
cause filespec::check_content() to reject everything starting with a '<'
character in case $config['mime_triggers'] is an empty string or not set.

fileupload::set_disallowed_content() now filters out empty strings by calling
array_diff() on the passed array, so setting $config['mime_triggers'] to an
empty string will turn off mime checking completely.

On the other side we want to fail safe if $config['mime_triggers'] is not set
at all. To do this, the array fileupload::$disallowed_content now contains some
default strings to be filtered out.

PHPBB3-9764
2010-10-28 22:00:04 +02:00
Andreas Fischer
dd63f57344 [ticket/9615] magic_quotes_gpc: call stripslashes() before utf8_basename()
When magic_quotes_gpc is 'On' it also affects the $_FILES array and a filename
like 'bantu"s testfile.txt' will be returned as 'bantu\"s testfile.txt'.

Because utf8_basename() also strips off anything before the last backslash
the filename was returned as '"s testfile.txt'.

Calling stripslashes() before utf8_basename() solves the problem.

PHPBB3-9615
2010-08-04 12:35:19 +02:00
Andreas Fischer
e4398ef42e [feature/remote_upload-filesize] Also check HTTP content-length before actually starting the file transfer.
PHPBB3-9517
2010-05-14 01:19:34 +02:00
Andreas Fischer
d19565756a [feature/remote_upload-filesize] When transferring files from a remote webserver, abort the transfer as soon as the allowed filesize has been exceeded.
PHPBB3-9517
2010-05-14 01:19:34 +02:00
Meik Sievertsen
3b73584430 why am i so dumb sometimes... /me hits myself with the dumbness stick...
regression from r10122

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10141 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-09-13 14:31:32 +00:00
Meik Sievertsen
a5e4ca259a Always remove temporary filename (Bug #50965)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10122 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-09-08 14:02:40 +00:00
Meik Sievertsen
2958890439 Apply locale-independent basename() to attachment filenames. New function added: utf8_basename(). (Bug #43335 - Patch by ocean=Yohsuke)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9905 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-08-01 12:28:50 +00:00
Andreas Fischer
54ee31972a Fix bug #47775 - Properly convert and show filesize information
Authorised by: naderman

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9748 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-07-11 10:05:20 +00:00
Meik Sievertsen
9134cb2175 remove hardcoded size unit for PHP_SIZE_OVERRUN error (Bug #29935)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9464 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-17 15:52:40 +00:00
Meik Sievertsen
4d7b9b76fa some changes for proper code documentation
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8783 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-08-23 17:23:40 +00:00
Meik Sievertsen
6c763cd8b6 change the way we do chmodd'ing. I know, my implementation really sucked... good we have motivated community members who point this out. ;) Thanks to faw for providing a way better function and for discussing and also abiding to our needs. :) LEW21 should maybe credited too... he gave the inspiration without knowing it.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8780 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-08-22 12:52:48 +00:00
Meik Sievertsen
068096531f the chmod change i already had within the changelog (by mistake). This should further secure writable directories and created files.
Installation need to be tested on different hosts.

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8763 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-08-16 19:06:18 +00:00
Henry Sudhof
fc12c00219 And more new features for reasonable paranoia.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8555 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-05-15 14:10:11 +00:00
Meik Sievertsen
fa22522236 #23525
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8522 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-04-21 13:20:41 +00:00
Meik Sievertsen
3aa3ea89f9 #22355
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8420 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-02-28 19:55:46 +00:00
Meik Sievertsen
6accc46024 some language/style/code fixes (refer to the diff of the changelog)
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8389 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-02-23 13:18:33 +00:00
Meik Sievertsen
e6c79242e6 dumdidum... sorry. ;)
git-svn-id: file:///svn/phpbb/trunk@8146 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-05 14:30:11 +00:00
Meik Sievertsen
e503216834 some tiny fixes...
git-svn-id: file:///svn/phpbb/trunk@8087 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-09-12 15:32:11 +00:00
Meik Sievertsen
4c44eddc90 we included a check for getimagesize() existance... now we again can suppress notices while running this function.
git-svn-id: file:///svn/phpbb/trunk@7646 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-19 16:40:56 +00:00
Meik Sievertsen
fbd7416060 #11074 - only process and check (as well as display) images if the category also matches. ;)
git-svn-id: file:///svn/phpbb/trunk@7616 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-17 13:23:13 +00:00
Meik Sievertsen
38e08367d2 label changes, language fixes...
git-svn-id: file:///svn/phpbb/trunk@7608 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-16 14:45:13 +00:00
Henry Sudhof
42ea2b5e2d #10617
git-svn-id: file:///svn/phpbb/trunk@7501 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-07 20:15:15 +00:00
Henry Sudhof
5e7a80cbd8 Still finetuning avatar uploading and delivery.
Remember that the recent changes broke compatibility with old uploaded avatars and that there were changes to the database entries.


git-svn-id: file:///svn/phpbb/trunk@7453 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-03 09:27:02 +00:00
Henry Sudhof
42251d008c Prepare to be yelled at and brace for the tide of bug reports: I had hoped we would not have to do this, but it seems that we have to.
-Route all avatar downloads through download.php - adrien
-Change the way inline attachments are delivered
-Fixes a few (unreported) bugs, notably avatar upload during group generation
-#10079


git-svn-id: file:///svn/phpbb/trunk@7429 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-30 10:46:17 +00:00
Meik Sievertsen
1d1b5e6446 some fixes...
git-svn-id: file:///svn/phpbb/trunk@7266 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-02 15:47:23 +00:00
Meik Sievertsen
fcec5b61da again... some more fixes.
git-svn-id: file:///svn/phpbb/trunk@7150 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-08 15:49:13 +00:00
Meik Sievertsen
7216ffe8be some fixes to be committed.
git-svn-id: file:///svn/phpbb/trunk@6975 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-09 14:24:34 +00:00
Meik Sievertsen
766e311ff3 adjust text for getting image dimensions as well as not suppressing warnings for getimagesize()
git-svn-id: file:///svn/phpbb/trunk@6973 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-07 16:32:25 +00:00
Meik Sievertsen
00aec3a339 oh my god... someone please slap me very hard for this.
git-svn-id: file:///svn/phpbb/trunk@6945 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-28 14:00:59 +00:00
Meik Sievertsen
9e5c25504e - added confirm box to ucp zebra (adding fried/foe)
- permission fixes for conversions
- use more appropiate error message within convertor if source tables could not be found
- other tiny fixes


git-svn-id: file:///svn/phpbb/trunk@6925 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-24 11:29:56 +00:00
Meik Sievertsen
48b76be50b tiny alterations
git-svn-id: file:///svn/phpbb/trunk@6846 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-01-06 19:37:09 +00:00
Igor Wiedler
eff1d378cc Merge branch 'develop-olympus' into develop 2011-01-10 23:43:04 +01:00
Igor Wiedler
af5b9a9640 [ticket/9556] Drop php closing tags, add trailing newline
Closing tags converted using Oleg's script.
remove-php-end-tags.py -a .

Trailing newlines added using the following where $ext is file extension.
find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s;

Extensions: php, css, html, js, xml.

PHPBB3-9556
2010-11-11 19:10:55 +01:00
Igor Wiedler
c0d645c319 Merge branch 'ticket/bantu/7252' into develop
* ticket/bantu/7252:
  [ticket/7252] Align array keys and values to "=>".
  [ticket/7252] Replace magic values with PHP constants.
  [ticket/7252] Replace magic values with PHP constants.
2010-09-12 14:48:09 +02:00