[ticket/11226] filespec::move_file() should error correctly
* Nicofuma/ticket/11226:
[ticket/11226] Explicity set file_moved to false
[ticket/11226] Add tests
[ticket/11226] Use $user->lang()
[ticket/11226] filespec::move_file() should error correctly
* There MUST NOT be trailing whitespace at the end of lines.
* There MUST NOT be whitespace before the first content of a file.
* There MUST NOT be whitespace after the last content of a file.
* Functions MUST NOT contain multiple empty lines in a row.
PHPBB3-12458
Upload filenames are already processed via htmlspecialchars in the
type_cast_helper of the new request class. There is no need to run it through
htmlspecialchars() again in the filespec class.
PHPBB3-12211
This commit is a highly-refactored and up-to-date version of Fyorl's work
which was part of his Google Summer of Code 2012 project "Attachment
Improvements".
PHPBB3-10929
fileupload::image_types() and filespec::get_extension() are called
statically while submitting the form for the remote avatar. Make them
static as described in the ticket in order to prevent a PHP notice.
Also change the tests to use the static functions.
PHPBB3-10763
filespec::get_mimetype now uses the finfo class in order to detect the
mimetype of a given filename. filespec::is_image() now uses this method.
PHPBB3-10963
* develop-olympus:
[ticket/10908] Document that 0 filesize configuration means limited by PHP
[ticket/10908] Download files only up to max_upload_filesize if limit is 0
I added two function avatar_explanation_string() and avatar_error_wrong_size()
for easier handling of the "pixels"-languages, as they are used quite often.
PHPBB3-10345
explode('|', '') and explode('|', NULL) both return array(0 => '') which can
cause filespec::check_content() to reject everything starting with a '<'
character in case $config['mime_triggers'] is an empty string or not set.
fileupload::set_disallowed_content() now filters out empty strings by calling
array_diff() on the passed array, so setting $config['mime_triggers'] to an
empty string will turn off mime checking completely.
On the other side we want to fail safe if $config['mime_triggers'] is not set
at all. To do this, the array fileupload::$disallowed_content now contains some
default strings to be filtered out.
PHPBB3-9764
When magic_quotes_gpc is 'On' it also affects the $_FILES array and a filename
like 'bantu"s testfile.txt' will be returned as 'bantu\"s testfile.txt'.
Because utf8_basename() also strips off anything before the last backslash
the filename was returned as '"s testfile.txt'.
Calling stripslashes() before utf8_basename() solves the problem.
PHPBB3-9615
Remember that the recent changes broke compatibility with old uploaded avatars and that there were changes to the database entries.
git-svn-id: file:///svn/phpbb/trunk@7453 89ea8834-ac86-4346-8a33-228a782c2dd0
-Route all avatar downloads through download.php - adrien
-Change the way inline attachments are delivered
-Fixes a few (unreported) bugs, notably avatar upload during group generation
-#10079
git-svn-id: file:///svn/phpbb/trunk@7429 89ea8834-ac86-4346-8a33-228a782c2dd0
