Beehive PHP Cross Reference Discussion Forums

Source: /include/attachments.inc.php - 711 lines - 22981 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Required includes
  25  require_once  BH_INCLUDE_PATH . 'admin.inc.php';
  26  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  27  require_once  BH_INCLUDE_PATH . 'db.inc.php';
  28  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'forum.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'post.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  33  // End Required includes
  34  
  35  function attachments_get_upload_tmp_dir()
  36  {
  37      if (($upload_tmp_dir = @ini_get('upload_tmp_dir')) !== false) {
  38          if (is_writable($upload_tmp_dir)) return $upload_tmp_dir;
  39      }
  40  
  41      if (($upload_tmp_dir = @sys_get_temp_dir()) !== false) {
  42          if (is_writable($upload_tmp_dir)) return $upload_tmp_dir;
  43      }
  44  
  45      return false;
  46  }
  47  
  48  function attachments_check_dir()
  49  {
  50      if (forum_get_setting('attachments_enabled', 'N')) return false;
  51  
  52      if (!($attachment_dir = forum_get_setting('attachment_dir', null, 'attachments'))) return false;
  53  
  54      $attachment_dir = rtrim(trim($attachment_dir), '/');
  55  
  56      if (!@is_writable(attachments_get_upload_tmp_dir())) return false;
  57  
  58      @mkdir($attachment_dir, 0755, true);
  59  
  60      if (!@is_writable($attachment_dir)) return false;
  61  
  62      return $attachment_dir;
  63  }
  64  
  65  function attachments_get($uid, array $hash_array)
  66  {
  67      if (!($forum_fid = get_forum_fid())) return false;
  68  
  69      if (!$db = db::get()) return false;
  70  
  71      if (!is_numeric($uid)) return false;
  72  
  73      if (!is_array($hash_array)) $hash_array = array();
  74  
  75      $hash_array = array_filter($hash_array, 'is_md5');
  76  
  77      if (sizeof($hash_array) == 0) {
  78          return false;
  79      }
  80  
  81      $hash_list = implode("', '", $hash_array);
  82  
  83      $sql = "SELECT PAF.AID, PAF.HASH, PAF.FILENAME, PAF.MIMETYPE, ";
  84      $sql .= "PAF.FILESIZE, PAF.WIDTH, PAF.HEIGHT, PAF.THUMBNAIL, ";
  85      $sql .= "PAF.DOWNLOADS FROM POST_ATTACHMENT_FILES PAF ";
  86      $sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID ";
  87      $sql .= "AND PAI.FID = '$forum_fid') LEFT JOIN PM_ATTACHMENT_IDS PMAI ";
  88      $sql .= "ON (PMAI.AID = PAF.AID) WHERE PAF.UID = '$uid' ";
  89      $sql .= "AND PAF.HASH IN ('$hash_list') ";
  90      $sql .= "ORDER BY PAF.FILENAME";
  91  
  92      if (!($result = $db->query($sql))) return false;
  93  
  94      if ($result->num_rows == 0) return false;
  95  
  96      $attachments = array();
  97  
  98      while (($attachment_data = $result->fetch_assoc()) !== null) {
  99  
 100          $attachments[$attachment_data['HASH']] = array(
 101              "aid" => $attachment_data['AID'],
 102              "downloads" => $attachment_data['DOWNLOADS'],
 103              "filename" => rawurldecode($attachment_data['FILENAME']),
 104              "filesize" => $attachment_data['FILESIZE'],
 105              "hash" => $attachment_data['HASH'],
 106              "height" => $attachment_data['HEIGHT'],
 107              "mimetype" => $attachment_data['MIMETYPE'],
 108              "thumbnail" => $attachment_data['THUMBNAIL'],
 109              "width" => $attachment_data['WIDTH'],
 110          );
 111      }
 112  
 113      return $attachments;
 114  }
 115  
 116  function attachments_get_all($uid)
 117  {
 118      if (!($forum_fid = get_forum_fid())) return false;
 119  
 120      if (!$db = db::get()) return false;
 121  
 122      if (!is_numeric($uid)) return false;
 123  
 124      $sql = "SELECT PAF.AID, PAF.HASH, PAF.FILENAME, PAF.MIMETYPE, ";
 125      $sql .= "PAF.FILESIZE, PAF.WIDTH, PAF.HEIGHT, PAF.THUMBNAIL, ";
 126      $sql .= "PAF.DOWNLOADS FROM POST_ATTACHMENT_FILES PAF ";
 127      $sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID ";
 128      $sql .= "AND PAI.FID = '$forum_fid') LEFT JOIN PM_ATTACHMENT_IDS PMAI ";
 129      $sql .= "ON (PMAI.AID = PAF.AID) WHERE PAF.UID = '$uid' ";
 130      $sql .= "ORDER BY PAF.FILENAME";
 131  
 132      if (!($result = $db->query($sql))) return false;
 133  
 134      if ($result->num_rows == 0) return false;
 135  
 136      $attachments = array();
 137  
 138      while (($attachment_data = $result->fetch_assoc()) !== null) {
 139  
 140          $attachments[$attachment_data['HASH']] = array(
 141              "aid" => $attachment_data['AID'],
 142              "downloads" => $attachment_data['DOWNLOADS'],
 143              "filename" => rawurldecode($attachment_data['FILENAME']),
 144              "filesize" => $attachment_data['FILESIZE'],
 145              "hash" => $attachment_data['HASH'],
 146              "height" => $attachment_data['HEIGHT'],
 147              "mimetype" => $attachment_data['MIMETYPE'],
 148              "thumbnail" => $attachment_data['THUMBNAIL'],
 149              "width" => $attachment_data['WIDTH'],
 150          );
 151      }
 152  
 153      return $attachments;
 154  }
 155  
 156  function attachments_get_by_aid($aid, $uid = null)
 157  {
 158      if (!$db = db::get()) return false;
 159  
 160      if (!is_numeric($aid)) return false;
 161  
 162      if (!($attachment_dir = attachments_check_dir())) return false;
 163  
 164      $sql = "SELECT AID, UID, FILENAME, MIMETYPE, FILESIZE, WIDTH, ";
 165      $sql .= "HEIGHT, THUMBNAIL, HASH, DOWNLOADS FROM POST_ATTACHMENT_FILES ";
 166      $sql .= "WHERE AID = '$aid' ";
 167  
 168      if (isset($uid) && is_numeric($uid)) {
 169          $sql .= "AND UID = '$uid'";
 170      }
 171  
 172      if (!($result = $db->query($sql))) return false;
 173  
 174      if ($result->num_rows == 0) return false;
 175  
 176      $attachment_data = $result->fetch_assoc();
 177  
 178      return array(
 179          "aid" => $attachment_data['AID'],
 180          "downloads" => $attachment_data['DOWNLOADS'],
 181          "filename" => rawurldecode($attachment_data['FILENAME']),
 182          "filesize" => $attachment_data['FILESIZE'],
 183          "hash" => $attachment_data['HASH'],
 184          "height" => $attachment_data['HEIGHT'],
 185          "mimetype" => $attachment_data['MIMETYPE'],
 186          "thumbnail" => $attachment_data['THUMBNAIL'],
 187          "width" => $attachment_data['WIDTH'],
 188      );
 189  }
 190  
 191  function attachments_get_by_hash($hash, $uid = null)
 192  {
 193      if (!$db = db::get()) return false;
 194  
 195      if (!is_md5($hash)) return false;
 196  
 197      if (!($attachment_dir = attachments_check_dir())) return false;
 198  
 199      $sql = "SELECT AID, UID, FILENAME, MIMETYPE, FILESIZE, WIDTH, ";
 200      $sql .= "HEIGHT, THUMBNAIL, HASH, DOWNLOADS FROM POST_ATTACHMENT_FILES ";
 201      $sql .= "WHERE HASH = '$hash' ";
 202  
 203      if (isset($uid) && is_numeric($uid)) {
 204          $sql .= "AND UID = '$uid'";
 205      }
 206  
 207      if (!($result = $db->query($sql))) return false;
 208  
 209      if ($result->num_rows == 0) return false;
 210  
 211      $attachment_data = $result->fetch_assoc();
 212  
 213      return array(
 214          "aid" => $attachment_data['AID'],
 215          "downloads" => $attachment_data['DOWNLOADS'],
 216          "filename" => rawurldecode($attachment_data['FILENAME']),
 217          "filesize" => $attachment_data['FILESIZE'],
 218          "hash" => $attachment_data['HASH'],
 219          "height" => $attachment_data['HEIGHT'],
 220          "mimetype" => $attachment_data['MIMETYPE'],
 221          "thumbnail" => $attachment_data['THUMBNAIL'],
 222          "width" => $attachment_data['WIDTH'],
 223      );
 224  }
 225  
 226  function attachments_add($uid, $filename, $hash, $mimetype, $filesize, $image_width, $image_height, $thumbnail)
 227  {
 228      if (!$db = db::get()) return false;
 229  
 230      if (!is_numeric($uid)) return false;
 231  
 232      if (!is_numeric($image_width) && !is_null($image_width)) return false;
 233  
 234      if (!is_numeric($image_height) && !is_null($image_height)) return false;
 235  
 236      $filename = $db->escape(rawurlencode($filename));
 237  
 238      $mimetype = $db->escape($mimetype);
 239  
 240      $filesize = $db->escape($filesize);
 241  
 242      $image_width = is_null($image_width) ? 'NULL' : $db->escape($image_width);
 243  
 244      $image_height = is_null($image_height) ? 'NULL' : $db->escape($image_height);
 245  
 246      $thumbnail = ($thumbnail) ? 'Y' : 'N';
 247  
 248      $hash = $db->escape($hash);
 249  
 250      $sql = "INSERT INTO POST_ATTACHMENT_FILES (UID, FILENAME, MIMETYPE, FILESIZE, ";
 251      $sql .= "WIDTH, HEIGHT, THUMBNAIL, HASH) VALUES ('$uid', '$filename', '$mimetype', ";
 252      $sql .= "'$filesize', $image_width, $image_height, '$thumbnail', '$hash')";
 253  
 254      if (!$db->query($sql)) return false;
 255  
 256      return $db->insert_id;
 257  }
 258  
 259  function attachments_delete($hash)
 260  {
 261      if (!is_md5($hash)) return false;
 262  
 263      if (!$db = db::get()) return false;
 264  
 265      if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) return false;
 266  
 267      if (!($attachment_dir = attachments_check_dir())) return false;
 268  
 269      $sql = "SELECT PAF.AID, PAF.UID, PAF.FILENAME, PAI.TID, ";
 270      $sql .= "PAI.PID FROM POST_ATTACHMENT_FILES PAF ";
 271      $sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
 272      $sql .= "WHERE PAF.HASH = '$hash'";
 273  
 274      if (!($result = $db->query($sql))) return false;
 275  
 276      if ($result->num_rows == 0) return false;
 277  
 278      $attachment_data = $result->fetch_assoc();
 279  
 280      if (!isset($attachment_data['FID'])) $attachment_data['FID'] = 0;
 281  
 282      if (!(($attachment_data['UID'] == $_SESSION['UID']) || session::check_perm(USER_PERM_FOLDER_MODERATE, $attachment_data['FID']))) return false;
 283  
 284      if (isset($attachment_data['TID']) && isset($attachment_data['PID'])) {
 285  
 286          post_add_edit_text($attachment_data['TID'], $attachment_data['PID']);
 287  
 288          if (session::check_perm(USER_PERM_FOLDER_MODERATE, $attachment_data['FID']) && ($attachment_data['UID'] != $_SESSION['UID'])) {
 289  
 290              $log_data = array(
 291                  $attachment_data['TID'],
 292                  $attachment_data['PID'],
 293                  $attachment_data['FILENAME']
 294              );
 295  
 296              admin_add_log_entry(ATTACHMENTS_DELETE, $log_data);
 297          }
 298      }
 299  
 300      $sql = "DELETE QUICK FROM POST_ATTACHMENT_FILES ";
 301      $sql .= "WHERE HASH = '$hash'";
 302  
 303      if (!$db->query($sql)) return false;
 304  
 305      @unlink("$attachment_dir/$hash");
 306  
 307      @unlink("$attachment_dir/$hash.thumb");
 308  
 309      return true;
 310  }
 311  
 312  function attachments_delete_thumbnail($hash)
 313  {
 314      if (!is_md5($hash)) return false;
 315  
 316      if (!$db = db::get()) return false;
 317  
 318      if (!isset($_SESSION['UID']) || !is_numeric($_SESSION['UID'])) return false;
 319  
 320      if (!($attachment_dir = attachments_check_dir())) return false;
 321  
 322      $sql = "SELECT PAF.AID, PAF.UID, PAF.FILENAME, PAI.TID, ";
 323      $sql .= "PAI.PID FROM POST_ATTACHMENT_FILES PAF ";
 324      $sql .= "LEFT JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
 325      $sql .= "WHERE PAF.HASH = '$hash'";
 326  
 327      if (!($result = $db->query($sql))) return false;
 328  
 329      if ($result->num_rows == 0) return false;
 330  
 331      $attachment_data = $result->fetch_assoc();
 332  
 333      if (!isset($attachment_data['FID'])) $attachment_data['FID'] = 0;
 334  
 335      if (!(($attachment_data['UID'] == $_SESSION['UID']) || session::check_perm(USER_PERM_FOLDER_MODERATE, $attachment_data['FID']))) return false;
 336  
 337      if (isset($attachment_data['TID']) && isset($attachment_data['PID'])) {
 338  
 339          post_add_edit_text($attachment_data['TID'], $attachment_data['PID']);
 340  
 341          if (session::check_perm(USER_PERM_FOLDER_MODERATE, $attachment_data['FID']) && ($attachment_data['UID'] != $_SESSION['UID'])) {
 342  
 343              $log_data = array(
 344                  $attachment_data['TID'],
 345                  $attachment_data['PID'],
 346                  $attachment_data['FILENAME']
 347              );
 348  
 349              admin_add_log_entry(ATTACHMENTS_DELETE, $log_data);
 350          }
 351      }
 352  
 353      @unlink("$attachment_dir/$hash.thumb");
 354  
 355      return true;
 356  }
 357  
 358  function attachments_get_free_user_space($uid)
 359  {
 360      $max_user_attachment_space = forum_get_setting('attachments_max_user_space', null, 1048576);
 361  
 362      $user_attachment_space = attachments_get_user_used_space($uid);
 363  
 364      if ($max_user_attachment_space > 0) {
 365          return (($max_user_attachment_space - $user_attachment_space) < 0) ? 0 : ($max_user_attachment_space - $user_attachment_space);
 366      }
 367  
 368      return -1;
 369  }
 370  
 371  function attachments_get_free_post_space($uid, $hash_array)
 372  {
 373      $max_post_attachment_space = forum_get_setting('attachments_max_post_space', null, 1048576);
 374  
 375      $post_attachment_space = attachments_get_post_used_space($uid, $hash_array);
 376  
 377      if ($max_post_attachment_space > 0) {
 378          return (($max_post_attachment_space - $post_attachment_space) < 0) ? 0 : ($max_post_attachment_space - $post_attachment_space);
 379      }
 380  
 381      return -1;
 382  }
 383  
 384  function attachments_check_post_space($uid, $hash_array)
 385  {
 386      $max_post_attachment_space = forum_get_setting('attachments_max_post_space', null, 1048576);
 387  
 388      $post_attachment_space = attachments_get_post_used_space($uid, $hash_array);
 389  
 390      return $post_attachment_space < $max_post_attachment_space;
 391  }
 392  
 393  function attachments_get_post_used_space($uid, $hash_array)
 394  {
 395      if (!$db = db::get()) return 0;
 396  
 397      if (!is_numeric($uid)) return 0;
 398  
 399      if (!is_array($hash_array)) return 0;
 400  
 401      $hash_array = array_filter($hash_array, 'is_md5');
 402  
 403      if (sizeof($hash_array) == 0) return 0;
 404  
 405      $hash_list = implode("', '", $hash_array);
 406  
 407      $sql = "SELECT SUM(PAF.FILESIZE) AS FILESIZE FROM POST_ATTACHMENT_FILES PAF ";
 408      $sql .= "WHERE PAF.UID = '$uid' AND PAF.HASH IN ('$hash_list')";
 409  
 410      if (!($result = $db->query($sql))) return 0;
 411  
 412      list($post_attachment_space) = $result->fetch_array(MYSQLI_NUM);
 413  
 414      return $post_attachment_space;
 415  }
 416  
 417  function attachments_get_user_used_space($uid)
 418  {
 419      if (!$db = db::get()) return 0;
 420  
 421      if (!is_numeric($uid)) return 0;
 422  
 423      $sql = "SELECT SUM(PAF.FILESIZE) AS FILESIZE FROM POST_ATTACHMENT_FILES PAF ";
 424      $sql .= "WHERE PAF.UID = '$uid'";
 425  
 426      if (!($result = $db->query($sql))) return 0;
 427  
 428      list($user_attachment_space) = $result->fetch_array(MYSQLI_NUM);
 429  
 430      return $user_attachment_space;
 431  }
 432  
 433  function attachments_form($uid, $hash_array)
 434  {
 435      if (!is_numeric($uid)) return '';
 436  
 437      if (!is_array($hash_array)) $hash_array = array();
 438  
 439      $selected_total_size = attachments_get_post_used_space($uid, $hash_array);
 440  
 441      $attachment_free_post_space = attachments_get_free_post_space($uid, $hash_array);
 442  
 443      $attachment_free_user_space = attachments_get_free_user_space($uid);
 444  
 445      $attachments_array = attachments_get($uid, $hash_array);
 446  
 447      return sprintf(
 448          '<ul>%s</ul>
 449           <div class="buttons"></div>
 450           <div class="summary">
 451             <div>
 452               <span>%s:</span>
 453               <span class="used_post_space">%s</span>
 454             </div>
 455             <div>
 456               <span>%s:</span>
 457               <span class="free_post_space">%s</span>
 458             </div>
 459             <div>
 460               <span>%s:</span>
 461               <span class="free_upload_space">%s</span>
 462             </div>
 463           </div>
 464           <div class="clearer"></div>',
 465          attachments_form_list($attachments_array, $hash_array),
 466          gettext("Total Size"),
 467          format_file_size($selected_total_size),
 468          gettext("Free Post Space"),
 469          $attachment_free_post_space >= 0
 470              ? format_file_size($attachment_free_post_space)
 471              : gettext("Unlimited"),
 472          gettext("Free Upload Space"),
 473          $attachment_free_user_space >= 0
 474              ? format_file_size($attachment_free_user_space)
 475              : gettext("Unlimited")
 476      );
 477  }
 478  
 479  function attachments_form_list($attachments_array, $hash_array)
 480  {
 481      if (!is_array($attachments_array)) $attachments_array = array();
 482  
 483      if (!is_array($hash_array)) $hash_array = array();
 484  
 485      $webtag = get_webtag();
 486  
 487      forum_check_webtag_available($webtag);
 488  
 489      $html = '';
 490  
 491      foreach ($attachments_array as $attachment) {
 492  
 493          $html .= sprintf(
 494              '<li class="attachment complete" data-hash="%1$s">
 495                 <label>
 496                   <input %2$s class="bhinputcheckbox" name="attachment[]" type="checkbox" value="%1$s" />
 497                   <span class="filename">
 498                     <a href="get_attachment.php?webtag=%3$s&amp;hash=%1$s&amp;filename=%4$s">%5$s</a>
 499                   </span>
 500                   <span class="progress"></span>
 501                   <span class="retry" title="%6$s">%7$s</span>
 502                   <span class="cancel" title="%8$s">%9$s</span>
 503                   <span class="filesize">%10$s</span>
 504                 </label>
 505               </li>',
 506              $attachment['hash'],
 507              in_array($attachment['hash'], $hash_array) ? 'checked="checked"' : '',
 508              $webtag,
 509              urlencode($attachment['filename']),
 510              format_file_name($attachment['filename']),
 511              htmlentities_array(gettext('Retry')),
 512              gettext('Retry'),
 513              htmlentities_array(gettext('Cancel')),
 514              gettext('Cancel'),
 515              format_file_size($attachment['filesize'])
 516          );
 517      }
 518  
 519      return $html;
 520  }
 521  
 522  function attachments_get_message_link($hash)
 523  {
 524      if (!$db = db::get()) return false;
 525  
 526      $hash = $db->escape($hash);
 527  
 528      $sql = "SELECT FORUMS.WEBTAG, PAI.TID, PAI.PID FROM POST_ATTACHMENT_FILES PAF ";
 529      $sql .= "INNER JOIN POST_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
 530      $sql .= "INNER JOIN FORUMS ON (FORUMS.FID = PAI.FID) ";
 531      $sql .= "WHERE PAF.HASH = '$hash'";
 532  
 533      if (!($result = $db->query($sql))) return false;
 534  
 535      if ($result->num_rows == 0) return false;
 536  
 537      list($forum_webtag, $tid, $pid) = $result->fetch_row();
 538  
 539      return "messages.php?webtag=$forum_webtag&amp;msg=$tid.$pid";
 540  }
 541  
 542  function attachments_get_pm_link($hash)
 543  {
 544      if (!$db = db::get()) return false;
 545  
 546      $webtag = get_webtag();
 547  
 548      forum_check_webtag_available($webtag);
 549  
 550      $hash = $db->escape($hash);
 551  
 552      $sql = "SELECT PAI.MID FROM POST_ATTACHMENT_FILES PAF ";
 553      $sql .= "INNER JOIN PM_ATTACHMENT_IDS PAI ON (PAI.AID = PAF.AID) ";
 554      $sql .= "WHERE PAF.HASH = '$hash'";
 555  
 556      if (!($result = $db->query($sql))) return false;
 557  
 558      if ($result->num_rows == 0) return false;
 559  
 560      list($mid) = $result->fetch_row();
 561  
 562      return "pm.php?webtag=$webtag&amp;mid=$mid";
 563  }
 564  
 565  function attachments_inc_download_count($hash)
 566  {
 567      if (!$db = db::get()) return false;
 568  
 569      if (!is_md5($hash)) return false;
 570  
 571      $sql = "UPDATE LOW_PRIORITY POST_ATTACHMENT_FILES ";
 572      $sql .= "SET DOWNLOADS = DOWNLOADS + 1 WHERE HASH = '$hash'";
 573  
 574      if (!$db->query($sql)) return false;
 575  
 576      return true;
 577  }
 578  
 579  function attachments_embed_check($content)
 580  {
 581      if (forum_get_setting('attachments_allow_embed', 'Y')) return false;
 582  
 583      $content_check = preg_replace_callback('/\&amp;\#([0-9]+)\;/um', 'attachments_embed_check_callback', rawurldecode($content));
 584  
 585      return preg_match("/<.+(src|background|codebase|background-image)(=|s?:s?).+get_attachment.php.+>/iu", $content_check);
 586  }
 587  
 588  function attachments_embed_check_callback($match)
 589  {
 590      return chr($match[1]);
 591  }
 592  
 593  function attachments_make_link($attachment, $show_thumbs = true, $limit_filename = false, $local_path = false, $img_tag = true)
 594  {
 595      if (!is_array($attachment)) return false;
 596  
 597      if (!is_bool($show_thumbs)) $show_thumbs = true;
 598      if (!is_bool($limit_filename)) $limit_filename = false;
 599      if (!is_bool($local_path)) $local_path = false;
 600      if (!is_bool($img_tag)) $img_tag = true;
 601  
 602      if (!($attachment_dir = attachments_check_dir())) return false;
 603  
 604      if (!isset($attachment['hash'])) return false;
 605      if (!isset($attachment['filename'])) return false;
 606      if (!isset($attachment['downloads'])) return false;
 607      if (!is_md5($attachment['hash'])) return false;
 608  
 609      $thumbnail_max_size = 100;
 610  
 611      $webtag = get_webtag();
 612  
 613      forum_check_webtag_available($webtag);
 614  
 615      if (isset($_SESSION['SHOW_THUMBS']) && is_numeric($_SESSION['SHOW_THUMBS'])) {
 616          $user_show_thumbs = $_SESSION['SHOW_THUMBS'];
 617      } else {
 618          $user_show_thumbs = 100;
 619      }
 620  
 621      if ($show_thumbs && forum_get_setting('attachment_thumbnails', 'Y') && ($user_show_thumbs > 0 || !session::logged_in())) {
 622  
 623          $thumbnail_size = array(
 624              1 => 50,
 625              2 => 100,
 626              3 => 150
 627          );
 628  
 629          $thumbnail_max_size = isset($thumbnail_size[$user_show_thumbs]) ? $thumbnail_size[$user_show_thumbs] : 100;
 630  
 631      } else {
 632  
 633          $show_thumbs = false;
 634      }
 635  
 636      if ($local_path) {
 637  
 638          $attachment_href = "attachments/{$attachment['filename']}";
 639  
 640      } else {
 641  
 642          $attachment_href = "get_attachment.php?webtag=$webtag&amp;hash={$attachment['hash']}";
 643          $attachment_href .= "&amp;filename={$attachment['filename']}";
 644      }
 645  
 646      if ($img_tag) {
 647  
 648          $title_array = array();
 649  
 650          if (mb_strlen($attachment['filename']) > 16 && $limit_filename) {
 651  
 652              $title_array[] = sprintf(gettext("Filename: %s"), $attachment['filename']);
 653              $attachment['filename'] = format_file_name($attachment['filename']);
 654          }
 655  
 656          if (isset($attachment['filesize']) && is_numeric($attachment['filesize']) && $attachment['filesize'] > 0) {
 657              $title_array[] = sprintf(gettext("Size: %s"), format_file_size($attachment['filesize']));
 658          }
 659  
 660          if ($attachment['downloads'] == 1) {
 661              $title_array[] = gettext("Downloaded: 1 time");
 662          } else {
 663              $title_array[] = sprintf(gettext("Downloaded: %d times"), $attachment['downloads']);
 664          }
 665  
 666          if (isset($attachment['width'], $attachment['height'])) {
 667              $title_array[] = sprintf(gettext("Dimensions %dx%dpx"), $attachment['width'], $attachment['height']);
 668          }
 669  
 670          $title = implode(", ", $title_array);
 671  
 672          if ($show_thumbs && isset($attachment['thumbnail']) && ($attachment['thumbnail'] == 'Y')) {
 673  
 674              $thumbnail_width = 150;
 675              $thumbnail_height = 150;
 676  
 677              while ($thumbnail_width > $thumbnail_max_size) {
 678  
 679                  $thumbnail_width--;
 680                  $thumbnail_height--;
 681              }
 682  
 683              $attachment_link = "<span class=\"attachment_thumb\"><a href=\"$attachment_href\" title=\"$title\" ";
 684              $attachment_link .= "target=\"_blank\"><img src=\"$attachment_href&amp;thumb=1\"";
 685              $attachment_link .= "border=\"0\" width=\"$thumbnail_width\" height=\"$thumbnail_height\"";
 686              $attachment_link .= "alt=\"$title\" title=\"$title\" /></a></span>";
 687  
 688          } else {
 689  
 690              $attachment_link = "<img src=\"" . html_style_image('attach.png');
 691              $attachment_link .= "\" width=\"14\" height=\"14\" border=\"0\" ";
 692              $attachment_link .= "alt=\"" . gettext("Attachment") . "\" ";
 693              $attachment_link .= "title=\"" . gettext("Attachment") . "\" />";
 694              $attachment_link .= "<a href=\"$attachment_href\" title=\"$title\" ";
 695              $attachment_link .= "target=\"_blank\">{$attachment['filename']}</a>";
 696          }
 697  
 698          return $attachment_link;
 699      }
 700  
 701      return $attachment_href;
 702  }
 703  
 704  function attachments_get_mime_types()
 705  {
 706      if (($allowed_mimetypes = forum_get_setting('attachment_mime_types', 'strlen', false)) !== false) {
 707          return array_map('trim', explode("\n", $allowed_mimetypes));
 708      }
 709  
 710      return array();
 711  }

title

Description

title

Description

title

Description

title

title

Body