PHP Cross Reference of MyBB 1.8.38 |
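<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

/*
 * Attachment delivery endpoint.
 *
 * Looks up one attachment row (by `aid`, by `thumbnail`, or by `pid`), applies
 * the forum/thread/post visibility and download-permission checks below, and
 * then streams either the stored file or its thumbnail to the client.
 *
 * Security-relevant points for readers of this script:
 *  - The lookup keys are requested with MyBB::INPUT_INT before they are placed
 *    in the WHERE clauses.
 *  - The file is read from the uploads directory using the `attachname` /
 *    `thumbnail` column of the row, not from anything in the request.
 *  - The response Content-Type and the download filename come from the stored
 *    row (`filetype`, `filename`), so they are only as trustworthy as whatever
 *    wrote that row.
 */

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'attachment.php');

require_once "./global.php";

if($mybb->settings['enableattachments'] != 1)
{
	error($lang->attachments_disabled);
}

// Find the AID we're looking for
if(isset($mybb->input['thumbnail']))
{
	$aid = $mybb->get_input('thumbnail', MyBB::INPUT_INT);
}
else
{
	$aid = $mybb->get_input('aid', MyBB::INPUT_INT);
}

$pid = $mybb->get_input('pid', MyBB::INPUT_INT);

// Select attachment data from database.
// Both keys were requested as MyBB::INPUT_INT above; nothing else from the
// request is interpolated into the conditions.
if($aid)
{
	$query = $db->simple_select("attachments", "*", "aid='{$aid}'");
}
else
{
	$query = $db->simple_select("attachments", "*", "pid='{$pid}'");
}
$attachment = $db->fetch_array($query);

$plugins->run_hooks("attachment_start");

if(!$attachment)
{
	error($lang->error_invalidattachment);
}

if($attachment['thumbnail'] == '' && isset($mybb->input['thumbnail']))
{
	error($lang->error_invalidattachment);
}

// The extension of the stored filename must still be a configured attachment type.
$attachtypes = (array)$cache->read('attachtypes');
$ext = get_extension($attachment['filename']);

if(empty($attachtypes[$ext]))
{
	error($lang->error_invalidattachment);
}

$attachtype = $attachtypes[$ext];

// From here on the post id comes from the attachment row, not from the request.
$pid = $attachment['pid'];

// Don't check the permissions on preview
// NOTE(review): the only case that skips the checks is "no post id on the row
// AND the row's uid equals the current user's uid". Ownership is decided by
// uid equality alone; confirm how uploads by guest sessions are handled.
if($pid || $attachment['uid'] != $mybb->user['uid'])
{
	$post = get_post($pid);

	if(!$post)
	{
		error($lang->error_invalidthread);
	}

	// Check permissions if the post is not a draft
	if($post['visible'] != -2)
	{
		$thread = get_thread($post['tid']);

		if(!$thread && !isset($mybb->input['thumbnail']))
		{
			error($lang->error_invalidthread);
		}
		$fid = $thread['fid'];

		// Get forum info
		$forum = get_forum($fid);

		// Permissions
		$forumpermissions = forum_permissions($fid);

		// Thumbnails are exempt from the `candlattachments` requirement only; the
		// view permissions apply to both thumbnails and full downloads.
		if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) || ($forumpermissions['candlattachments'] == 0 && empty($mybb->input['thumbnail'])))
		{
			error_no_permission();
		}

		// Error if attachment is invalid or not visible
		if(!$attachment['attachname'] || (!is_moderator($fid, "canviewunapprove") && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)))
		{
			error($lang->error_invalidattachment);
		}

		// -1 means the attachment type is not restricted to a forum list.
		if($attachtype['forums'] != -1 && strpos(','.$attachtype['forums'].',', ','.$fid.',') === false)
		{
			error_no_permission();
		}
	}
}

if(!isset($mybb->input['thumbnail'])) // Only increment the download count if this is not a thumbnail
{
	if(!is_member($attachtype['groups']))
	{
		error_no_permission();
	}

	$attachupdate = array(
		"downloads" => $attachment['downloads']+1,
	);
	$db->update_query("attachments", $attachupdate, "aid='{$attachment['aid']}'");
}

// basename isn't UTF-8 safe. This is a workaround.
$attachment['filename'] = ltrim(basename(' '.$attachment['filename']));

$uploadspath_abs = mk_path_abs($mybb->settings['uploadspath']);

$plugins->run_hooks("attachment_end");

// NOTE(review): in both branches below the stored filename is interpolated into
// a quoted Content-disposition parameter. basename() above removes directory
// components, but this script does not strip or escape `"` or control
// characters; confirm the upload path guarantees that.

if(isset($mybb->input['thumbnail']))
{
	$thumb = $uploadspath_abs."/".$attachment['thumbnail'];

	if(!file_exists($thumb))
	{
		error($lang->error_invalidattachment);
	}

	// Open the file before any header is sent: a failed fopen() returns false,
	// and feof(false) never reports end-of-file, so the read loop must not be
	// entered with an invalid handle.
	$handle = fopen($thumb, 'rb');
	if($handle === false)
	{
		error($lang->error_invalidattachment);
	}

	$ext = get_extension($attachment['thumbnail']);
	switch($ext)
	{
		case "gif":
			$type = "image/gif";
			break;
		case "bmp":
			$type = "image/bmp";
			break;
		case "png":
			$type = "image/png";
			break;
		case "jpg":
		case "jpeg":
		case "jpe":
			$type = "image/jpeg";
			break;
		default:
			$type = "image/unknown";
			break;
	}

	header("Content-disposition: filename=\"{$attachment['filename']}\"");
	header("Content-type: ".$type);
	header("Content-length: ".@filesize($thumb));
	while(!feof($handle))
	{
		$chunk = fread($handle, 8192);
		if($chunk === false)
		{
			// Read error: stop instead of spinning on a stream that never reaches EOF.
			break;
		}
		echo $chunk;
	}
	fclose($handle);
}
else
{
	$attachpath = $uploadspath_abs."/".$attachment['attachname'];

	if(!file_exists($attachpath))
	{
		error($lang->error_invalidattachment);
	}

	// Same reasoning as the thumbnail branch: fail before headers are sent.
	$handle = fopen($attachpath, 'rb');
	if($handle === false)
	{
		error($lang->error_invalidattachment);
	}

	$ext = get_extension($attachment['filename']);

	// Only this fixed list of stored MIME types may be rendered inline; any other
	// stored type is always sent with an "attachment" disposition.
	switch($attachment['filetype'])
	{
		case "application/pdf":
		case "image/bmp":
		case "image/gif":
		case "image/jpeg":
		case "image/pjpeg":
		case "image/png":
		case "text/plain":
			header("Content-type: {$attachment['filetype']}");
			if(!empty($attachtypes[$ext]['forcedownload']))
			{
				$disposition = "attachment";
			}
			else
			{
				$disposition = "inline";
			}
			break;

		default:
			$filetype = $attachment['filetype'];

			if(!$filetype)
			{
				$filetype = 'application/force-download';
			}

			header("Content-type: {$filetype}");
			$disposition = "attachment";
	}

	// The declared type above is a stored value describing an uploaded file. Tell
	// the browser not to second-guess it, so content served inline is handled
	// as the declared type rather than whatever the bytes resemble.
	header("X-Content-Type-Options: nosniff");

	// The User-Agent header is optional; treat a missing one as "not MSIE".
	$useragent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

	if(strpos($useragent, "msie") !== false)
	{
		header("Content-disposition: attachment; filename=\"{$attachment['filename']}\"");
	}
	else
	{
		header("Content-disposition: {$disposition}; filename=\"{$attachment['filename']}\"");
	}

	if(strpos($useragent, "msie 6.0") !== false)
	{
		header("Expires: -1");
	}

	// Both headers below use the size recorded in the row, not the size on disk.
	header("Content-length: {$attachment['filesize']}");
	// NOTE(review): kept as shipped. No partial-content status is set in this
	// script, and the value uses `bytes=` — confirm this header is wanted.
	header("Content-range: bytes=0-".($attachment['filesize']-1)."/".$attachment['filesize']);
	while(!feof($handle))
	{
		$chunk = fread($handle, 8192);
		if($chunk === false)
		{
			// Read error: stop instead of spinning on a stream that never reaches EOF.
			break;
		}
		echo $chunk;
	}
	fclose($handle);
}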