Changeset 1524 in ExiteCMS for trunk/getfile.php


Ignore:
Timestamp:
07/05/08 12:58:33 (4 years ago)
Author:
hverton
Message:

added code coloring for [code] bbcode sections, and an option to download the code
fixed a bug with pm read timestamps
registration now sends a pm to the webmaster when new user activation is set to admin-approval
user activation has been extended to work with both manual approvals and with email verification

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/getfile.php

    r1435 r1524  
    262262        case "cc": 
    263263        case "c": 
     264        case "c++": 
    264265        case "hh": 
    265266        case "php": 
     
    310311 
    311312// parameter validation 
    312 if (!isset($file_id) || !isNum($file_id)) { 
    313     terminate("<b>Invalid or missing file ID.</b>"); 
    314 } 
    315313if (!isset($type)) { 
    316314    terminate("<b>Missing file type.</b>"); 
     315} 
     316switch ($type) { 
     317    case "fc": 
     318        if (!isset($forum_id) || !isNum($forum_id) || !isset($thread_id) || !isNum($thread_id) || !isset($post_id) || !isNum($post_id) || !isset($id) || !isNum($id)) { 
     319            terminate("<b>Invalid or missing message ID.</b>"); 
     320        } 
     321        break; 
     322    default: 
     323        if (!isset($file_id) || !isNum($file_id)) { 
     324            terminate("<b>Invalid or missing file ID.</b>"); 
     325        } 
    317326} 
    318327 
     
    353362        $result = dbquery("UPDATE ".$db_prefix."forum_attachments SET attach_count=attach_count+1 WHERE attach_id='$file_id'"); 
    354363        // define the required parameters for the download 
     364        $source = "file"; 
    355365        $filename = $attachment['attach_name']; 
    356366        $filepath = PATH_ATTACHMENTS; 
    357367        $downloadname = $attachment['attach_realname'] == "" ? $attachment['attach_name'] : $attachment['attach_realname']; 
     368        break; 
     369 
     370    case "fc":  // forum code blocks 
     371        // check if the requester has read access to the forum 
     372        $forum = dbarray(dbquery("SELECT * FROM ".$db_prefix."forums WHERE forum_id = '".$forum_id."'")); 
     373        if (!is_array($forum)) { 
     374            terminate("<b>Invalid or missing message ID.</b>"); 
     375        } 
     376        // if logged in, check if the user has access to this file. if not, print an error and give up 
     377        if (iMEMBER && !getfilegroup($forum['forum_access'], $userdata['user_level'])) { 
     378            terminate("<b>You don't have access to the requested file ID.</b>"); 
     379        } 
     380        // if not logged in, and authorisation required, check if userid and password is given and valid 
     381        if (!iMEMBER && $forum['forum_access'] != 0) { 
     382            // Not public, authentication is required 
     383            auth_BasicAuthentication(); 
     384        } 
     385        // check if the requested message exists, if so retrieve the information 
     386        $message = dbarray(dbquery("SELECT * FROM ".$db_prefix."posts WHERE forum_id='$forum_id' AND thread_id='$thread_id' AND post_id='$post_id'")); 
     387        if (!is_array($message)) { 
     388            terminate("<b>Invalid or missing message ID.</b>"); 
     389        } 
     390        // get the code blocks from the message body 
     391        require PATH_INCLUDES."forum_functions_include.php"; 
     392        // strip CODE bbcode, optionally perform Geshi color coding 
     393        $codeblocks = array(); 
     394        $raw_color_blocks = true; 
     395        $message = preg_replace_callback('#\[code(=.*?)?\](.*?)([\r\n]*)\[/code\]#si', '_parseubb_codeblock', $message['post_message']); 
     396        // do we have the requested code block? 
     397        if (!isset($codeblocks[$id])) { 
     398            terminate("<b>Invalid or missing message ID.</b>"); 
     399        } 
     400        $source = "var"; 
     401        $downloadname = "file.".($codeblocks[$id][1]==""?"txt":$codeblocks[$id][1]); 
     402        $downloaddata = _unhtmlentities($codeblocks[$id][0]); 
    358403        break; 
    359404 
     
    375420        } 
    376421        // define the required parameters for the download 
     422        $source = "file"; 
    377423        $filename = $attachment['pmattach_name']; 
    378424        $filepath = PATH_PM_ATTACHMENTS; 
     
    395441// define the download parameters and start the download 
    396442$object = new httpdownload; 
    397 $object->set_mime(setmime($filename)); 
    398 $object->set_byfile($filepath.$filename); 
    399 $object->set_filename($downloadname); 
    400 $object->use_resume = false; 
     443 
     444switch($source) { 
     445    case "file": 
     446        $object->set_mime(setmime($filename)); 
     447        $object->set_byfile($filepath.$filename); 
     448        $object->set_filename($downloadname); 
     449        $object->use_resume = false; 
     450        break; 
     451    case "var": 
     452        $object->set_mime(setmime($downloadname)); 
     453        $object->set_bydata($downloaddata); 
     454        $object->set_filename($downloadname); 
     455        $object->use_resume = false; 
     456        break; 
     457} 
     458 
    401459$object->download(); 
    402460?> 
Note: See TracChangeset for help on using the changeset viewer.