Some cleanup for attach mod (#1250)

* Some cleanup for attach mod

* Update displaying.php

* Update CHANGELOG.md
Roman Kelesidis 2023-12-23 01:19:26 +07:00 committed by GitHub
commit 94f1641b5c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 45 additions and 179 deletions


@ -179,9 +179,7 @@ function display_attachments($post_id)
$template->assign_block_vars('postrow.attach', []);
for ($i = 0; $i < $num_attachments; $i++) {
// Some basic things...
$filename = $upload_dir . '/' . basename($attachments['_' . $post_id][$i]['physical_filename']);
$thumbnail_filename = $upload_dir . '/' . THUMB_DIR . '/t_' . basename($attachments['_' . $post_id][$i]['physical_filename']);
// Checks the file existence
if (!is_file($filename)) {
@ -189,7 +187,6 @@ function display_attachments($post_id)
}
$upload_image = '';
if ($attach_config['upload_img'] && empty($upload_icons[$attachments['_' . $post_id][$i]['extension']])) {
$upload_image = '<img src="' . $attach_config['upload_img'] . '" alt="" border="0" />';
} elseif (trim($upload_icons[$attachments['_' . $post_id][$i]['extension']]) != '') {
@ -217,15 +214,13 @@ function display_attachments($post_id)
$thumbnail = false;
$link = false;
// Shows the images in topic
if (@(int)$display_categories[$attachments['_' . $post_id][$i]['extension']] == IMAGE_CAT && (int)$attach_config['img_display_inlined']) {
if ((int)$attach_config['img_link_width'] != 0 || (int)$attach_config['img_link_height'] != 0) {
// Checks the thumbnail existence
if (!is_file($thumbnail_filename)) {
continue;
}
// Get image sizes
[$width, $height] = getimagesize($filename);
// Check if image sizes is allowed
if ($width == 0 && $height == 0) {
$image = true;
} else {
@ -238,11 +233,13 @@ function display_attachments($post_id)
}
}
// Checks if image is thumbnail
if (@(int)$display_categories[$attachments['_' . $post_id][$i]['extension']] == IMAGE_CAT && $attachments['_' . $post_id][$i]['thumbnail'] == 1) {
$thumbnail = true;
$image = false;
}
// Checks whether the image should be displayed as a link
if (!$image && !$thumbnail) {
$link = true;
}
@ -278,6 +275,14 @@ function display_attachments($post_id)
}
if ($thumbnail) {
// Get the thumbnail image
$thumbnail_filename = $upload_dir . '/' . THUMB_DIR . '/t_' . basename($attachments['_' . $post_id][$i]['physical_filename']);
// Checks the thumbnail existence
if (!is_file($thumbnail_filename)) {
continue;
}
// Images, but display Thumbnail
if ($attach_config['upload_dir'][0] == '/' || ($attach_config['upload_dir'][0] != '/' && $attach_config['upload_dir'][1] == ':')) {
$thumb_source = BB_ROOT . DL_URL . $attachments['_' . $post_id][$i]['attach_id'] . '&thumb=1';
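Review bot: The result of `getimagesize($filename)` in the inline-image branch of display_attachments() is destructured without a failure check. When the stored file cannot be parsed as an image the call returns false, `$width` and `$height` both end up null, and the following `$width == 0 && $height == 0` test sets `$image = true`, so the attachment is rendered inline without the configured `img_link_width` / `img_link_height` limits being applied. I would keep the result in a variable and only run the size check on success, e.g. `$size = getimagesize($filename);` then `if ($size !== false) { [$width, $height] = $size; ... }`, leaving `$image` false so that the later `!$image && !$thumbnail` test falls back to a plain link. The else branch of the size check and the rest of the loop body lie outside the visible hunks, so the exact shape needs confirming against the full function.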


@ -146,7 +146,7 @@ function search_attachments($order_by, &$total_rows)
$search_author = stripslashes(clean_username($search_author));
// Prepare for directly going into sql query
$search_author = str_replace('*', '%', attach_mod_sql_escape($search_author));
$search_author = str_replace('*', '%', DB()->escape($search_author));
// We need the post_id's, because we want to query the Attachment Table
$sql = 'SELECT user_id FROM ' . BB_USERS . " WHERE username LIKE '$search_author'";
@ -172,13 +172,13 @@ function search_attachments($order_by, &$total_rows)
$search_keyword_fname = get_var('search_keyword_fname', '');
if ($search_keyword_fname) {
$match_word = str_replace('*', '%', $search_keyword_fname);
$where_sql[] = " (a.real_filename LIKE '" . attach_mod_sql_escape($match_word) . "') ";
$where_sql[] = " (a.real_filename LIKE '" . DB()->escape($match_word) . "') ";
}
$search_keyword_comment = get_var('search_keyword_comment', '');
if ($search_keyword_comment) {
$match_word = str_replace('*', '%', $search_keyword_comment);
$where_sql[] = " (a.comment LIKE '" . attach_mod_sql_escape($match_word) . "') ";
$where_sql[] = " (a.comment LIKE '" . DB()->escape($match_word) . "') ";
}
// Search Download Count
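Review bot: All three LIKE patterns in search_attachments() still treat a `%` or `_` typed by the user as a wildcard, because the value is only quote-escaped before `*` is mapped to `%`. The definition of `DB()->escape()` is not part of this diff, so that is inferred from the call sites. A keyword such as `%` therefore matches every row, which widens the search beyond the documented `*` syntax. Escaping the LIKE metacharacters on the raw input first would close this, e.g. `$match_word = str_replace('*', '%', addcslashes($search_keyword_fname, '%_\\'));`, assuming the backend uses backslash as the LIKE escape character. The author pattern applies the two steps in the opposite order (escape, then `*` replacement) and would need the same treatment before the `DB()->escape()` call. The function body continues outside both hunks.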


@ -177,38 +177,6 @@ function unlink_attach($filename, $mode = false)
return @unlink($filename);
}
/**
* Check if Attachment exist
*/
function attachment_exists($filename)
{
global $upload_dir, $attach_config;
$filename = basename($filename);
if (!@file_exists(@amod_realpath($upload_dir . '/' . $filename))) {
return false;
}
return true;
}
/**
* Check if Thumbnail exist
*/
function thumbnail_exists($filename)
{
global $upload_dir, $attach_config;
$filename = basename($filename);
if (!@file_exists(@amod_realpath($upload_dir . '/' . THUMB_DIR . '/t_' . $filename))) {
return false;
}
return true;
}
/**
* Physical Filename stored already ?
*/
@ -222,7 +190,7 @@ function physical_filename_already_stored($filename)
$sql = 'SELECT attach_id
FROM ' . BB_ATTACHMENTS_DESC . "
WHERE physical_filename = '" . attach_mod_sql_escape($filename) . "'
WHERE physical_filename = '" . DB()->escape($filename) . "'
LIMIT 1";
if (!($result = DB()->sql_query($sql))) {
@ -283,37 +251,6 @@ function get_attachments_from_post($post_id_array)
return $attachments;
}
/**
* Count Filesize of Attachments in Database based on the attachment id
*/
function get_total_attach_filesize($attach_ids)
{
if (!is_array($attach_ids) || !count($attach_ids)) {
return 0;
}
$attach_ids = implode(', ', array_map('\intval', $attach_ids));
if (!$attach_ids) {
return 0;
}
$sql = 'SELECT filesize FROM ' . BB_ATTACHMENTS_DESC . " WHERE attach_id IN ($attach_ids)";
if (!($result = DB()->sql_query($sql))) {
bb_die('Could not query total filesize');
}
$total_filesize = 0;
while ($row = DB()->sql_fetchrow($result)) {
$total_filesize += (int)$row['filesize'];
}
DB()->sql_freeresult($result);
return $total_filesize;
}
/**
* Get allowed Extensions and their respective Values
*/
@ -377,70 +314,6 @@ function attachment_sync_topic($topics)
}
}
/**
* Get Extension
*/
function get_extension($filename)
{
if (!str_contains($filename, '.')) {
return '';
}
$extension = strrchr(strtolower($filename), '.');
$extension[0] = ' ';
$extension = strtolower(trim($extension));
if (is_array($extension)) {
return '';
}
return $extension;
}
/**
* Delete Extension
*/
function delete_extension($filename)
{
return substr($filename, 0, strripos(trim($filename), '.'));
}
/**
* Check if a user is within Group
*/
function user_in_group($user_id, $group_id)
{
$user_id = (int)$user_id;
$group_id = (int)$group_id;
if (!$user_id || !$group_id) {
return false;
}
$sql = 'SELECT u.group_id
FROM ' . BB_USER_GROUP . ' u, ' . BB_GROUPS . " g
WHERE g.group_single_user = 0
AND u.group_id = g.group_id
AND u.user_id = $user_id
AND g.group_id = $group_id
LIMIT 1";
if (!($result = DB()->sql_query($sql))) {
bb_die('Could not get user group');
}
$num_rows = DB()->num_rows($result);
DB()->sql_freeresult($result);
return !($num_rows == 0);
}
/**
* Realpath replacement for attachment mod
*/
function amod_realpath($path)
{
return (function_exists('realpath')) ? realpath($path) : $path;
}
/**
* _set_var
*
@ -515,18 +388,6 @@ function get_var($var_name, $default, $multibyte = false)
return $var;
}
/**
* Escaping SQL
*/
function attach_mod_sql_escape($text)
{
if (function_exists('mysqli_real_escape_string')) {
return DB()->escape_string($text);
}
return str_replace(['\\', "'"], ['\\\\', "''"], $text);
}
/**
* Build sql statement from array for insert/update/select statements
*
@ -548,7 +409,7 @@ function attach_mod_sql_build_array($query, $assoc_ary = false)
if (null === $var) {
$values[] = 'NULL';
} elseif (is_string($var)) {
$values[] = "'" . attach_mod_sql_escape($var) . "'";
$values[] = "'" . DB()->escape($var) . "'";
} elseif (is_array($var) && is_string($var[0])) {
$values[] = $var[0];
} else {
@ -565,7 +426,7 @@ function attach_mod_sql_build_array($query, $assoc_ary = false)
if (null === $var) {
$values[] = 'NULL';
} elseif (is_string($var)) {
$values[] = "'" . attach_mod_sql_escape($var) . "'";
$values[] = "'" . DB()->escape($var) . "'";
} else {
$values[] = (is_bool($var)) ? (int)$var : $var;
}
@ -580,7 +441,7 @@ function attach_mod_sql_build_array($query, $assoc_ary = false)
if (null === $var) {
$values[] = "$key = NULL";
} elseif (is_string($var)) {
$values[] = "$key = '" . attach_mod_sql_escape($var) . "'";
$values[] = "$key = '" . DB()->escape($var) . "'";
} else {
$values[] = (is_bool($var)) ? "$key = " . (int)$var : "$key = $var";
}
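Review bot: In attach_mod_sql_build_array() only string values go through `DB()->escape()`; the other branches still write their input into the statement verbatim. The `is_array($var) && is_string($var[0])` branch appends `$var[0]` as raw SQL, the fallback branches interpolate `$var` unchanged (`"$key = $var"`), and `$key` itself is never quoted or validated. Whether any caller can reach these with request-derived data is not visible in the hunks, so at minimum the docblock should state the contract, e.g. `// NOTE: keys and array-wrapped values are emitted as raw SQL; pass only trusted constants, never request data`. Casting the fallback value would make the numeric path safe by construction, e.g. `$values[] = is_bool($var) ? (int)$var : (is_int($var) ? $var : (float)$var);`. The function starts and ends outside the visible hunks.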


@ -25,7 +25,7 @@ function createThumbnail(string $source, string $newFile, string $mimeType): boo
global $attach_config;
// Get the file information
$source = amod_realpath($source);
$source = realpath($source);
$min_filesize = (int)$attach_config['img_min_thumb_filesize'];
$img_filesize = file_exists($source) ? filesize($source) : false;
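Review bot: `realpath($source)` returns false when the path does not exist or cannot be resolved, and createThumbnail() then passes that false on to `file_exists($source)`. Without strict types this silently becomes an empty string, and with `declare(strict_types=1)` it would raise a TypeError. Whether the file declares strict types is not visible here. An explicit guard directly after the call makes the failure path obvious: `if ($source === false) { return false; }`, which assumes the truncated return type in the hunk header is bool. Since realpath() also resolves symlinks, it may be worth confirming in the caller that the resolved path still lies under the upload directory. The rest of the function body is outside the hunk.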