github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-19 13:01:12 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fixed extensions issue (#1218)

Browse source 
* Fixed extensions issue

* Update CHANGELOG.md
This commit is contained in:
Roman Kelesidis 2023-12-18 16:24:23 +07:00 committed by GitHub
commit 6660bf26e4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -20,6 +20,7 @@
- Limit execution time for forum file-listing [\#1211](https://github.com/torrentpier/torrentpier/pull/1211) ([kovalensky](https://github.com/kovalensky), [belomaxorka](https://github.com/belomaxorka))
- Some reported bugfixes [\#1214](https://github.com/torrentpier/torrentpier/pull/1214) ([belomaxorka](https://github.com/belomaxorka))
- Minor improvements [\#1215](https://github.com/torrentpier/torrentpier/pull/1215), [\#1217](https://github.com/torrentpier/torrentpier/pull/1217) ([belomaxorka](https://github.com/belomaxorka))
- Fixed extensions issue [\#1218](https://github.com/torrentpier/torrentpier/pull/1218) ([belomaxorka](https://github.com/belomaxorka))
## [v2.4.0-rc2](https://github.com/torrentpier/torrentpier/tree/v2.4.0-rc2) (2023-12-12)
[Full Changelog](https://github.com/torrentpier/torrentpier/compare/v2.4.0-rc1...v2.4.0-rc2)

5
dl.php
View file

@ -173,12 +173,15 @@ $num_rows = count($rows);
$allowed_extensions = $download_mode = [];
for ($i = 0; $i < $num_rows; $i++) {
$extension = strtolower(trim($rows[$i]['extension']));
// Get allowed extensions
if ((int)$rows[$i]['allow_group'] === 1) {
$allowed_extensions[] = $extension;
}
$download_mode[$extension] = $rows[$i]['download_mode'];
}
// Disallowed
if (!in_array($attachment['extension'], $allowed_extensions)) {
if (!in_array($attachment['extension'], $allowed_extensions) && !IS_ADMIN) {
bb_die(sprintf($lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']) . '<br /><br />' . $lang['FILENAME'] . ":&nbsp;" . $attachment['physical_filename']);
}

5
library/attach_mod/displaying.php
View file

@ -28,11 +28,14 @@ function init_complete_extensions_data()
$GLOBALS['datastore']->update('attach_extensions');
$extension_informations = get_extension_informations();
}
$allowed_extensions = [];
$allowed_extensions = [];
for ($i = 0, $size = count($extension_informations); $i < $size; $i++) {
$extension = strtolower(trim($extension_informations[$i]['extension']));
// Get allowed extensions
if ((int)$extension_informations[$i]['allow_group'] === 1) {
$allowed_extensions[] = $extension;
}
$display_categories[$extension] = (int)$extension_informations[$i]['cat_id'];
$download_modes[$extension] = (int)$extension_informations[$i]['download_mode'];
$upload_icons[$extension] = trim($extension_informations[$i]['upload_icon']);

9
library/includes/datastore/build_attach_extensions.php
View file

@ -11,16 +11,11 @@ if (!defined('BB_ROOT')) {
die(basename(__FILE__));
}
// Don't count on forbidden extensions table, because it is not allowed to allow forbidden extensions at all
$extensions = DB()->fetch_rowset("
SELECT
e.extension, g.cat_id, g.download_mode, g.upload_icon
FROM
SELECT e.extension, g.cat_id, g.download_mode, g.upload_icon, g.allow_group FROM
" . BB_EXTENSIONS . " e,
" . BB_EXTENSION_GROUPS . " g
WHERE
e.group_id = g.group_id
AND g.allow_group = 1
WHERE e.group_id = g.group_id
");
$this->store('attach_extensions', $extensions);