From f228c0774461ba5cb79a5d1fbe976cdfd9a75d02 Mon Sep 17 00:00:00 2001 From: Savetheinternet Date: Sat, 1 Oct 2011 21:43:23 +1000 Subject: [PATCH] Disable inline-expanding for non-images --- inc/display.php | 36 +++++++++++++++++++++++++++++------- main.js | 2 +- post.php | 15 +++++++++------ templates/main.js | 2 +- 4 files changed, 40 insertions(+), 15 deletions(-) diff --git a/inc/display.php b/inc/display.php index b63fbbf1..620e0b56 100644 --- a/inc/display.php +++ b/inc/display.php @@ -336,7 +336,9 @@ $this->embed; } elseif(!empty($this->file) && $this->file != 'deleted') { // File info - $built .= '

File: ' . $this->file . ' (' . + $built .= '

' . + 'File: ' . $this->file . ' ' . + '(' . // Filesize format_bytes($this->filesize) . // File dimensions @@ -355,7 +357,17 @@ $built .= ')

' . // Thumbnail - ''; + 'thumb == 'file' ? ' class="file"' : '') . + '>'; } elseif($this->file == 'deleted') { $built .= ''; } @@ -482,10 +494,10 @@ // Actual embedding $this->embed; } elseif(!empty($this->file) && $this->file != 'deleted') { - // Image, not embedded shit - $built = - // File link - '
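Review bot: The thumbnail anchor added here switches on the bare literal `'file'` in `$this->thumb`, and nothing in the hunk says what that value means or who consumes the resulting `class="file"`. A one-line comment above the ternary would cover it, for example `// thumb == 'file' marks a non-image upload; main.js skips inline expansion for a.file`. The same lines are added again verbatim in the hunk at -504,7 +516,17, so the file-info and thumbnail markup is a candidate for one shared helper rather than two copies that have to be kept in step. The enclosing method starts and ends outside the hunk.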

File: ' . $this->file . ' (' . + // File info + $built = '

' . + 'File: ' . $this->file . ' ' . + '(' . // Filesize format_bytes($this->filesize) . // File dimensions @@ -504,7 +516,17 @@ $built .= ')

' . // Thumbnail - ''; + 'thumb == 'file' ? ' class="file"' : '') . + '>'; } elseif($this->file == 'deleted') { $built = ''; } diff --git a/main.js b/main.js index d8fc0a47..c3638771 100644 --- a/main.js +++ b/main.js @@ -134,7 +134,7 @@ function rememberStuff() { function init_expanding() { link = document.getElementsByTagName('a'); for ( i in link ) { - if(typeof link[i] == "object" && link[i].childNodes[0].src) { + if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') { link[i].onclick = function(e) { if(e.which == 2) { return true; diff --git a/post.php b/post.php index 6d9cc309..5c9f23ea 100644 --- a/post.php +++ b/post.php @@ -411,15 +411,14 @@ if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) error($config['error']['unknownext']); - if(in_array($post['extension'], $config['allowed_ext_files'])) - $__file = true; + $is_an_image = !in_array($post['extension'], $config['allowed_ext_files']); // Just trim the filename if it's too long if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…'; // Move the uploaded file if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']); - if(!isset($__file)) { + if($is_an_image) { // Check IE MIME type detection XSS exploit $buffer = file_get_contents($post['file'], null, null, null, 255); if(preg_match($config['ie_mime_type_detection'], $buffer)) { @@ -494,9 +493,12 @@ } $image->destroy(); } else { - copy($config['file_thumb'], $post['thumb']); + // not an image - $size = @getimagesize($post['thumb']); + //copy($config['file_thumb'], $post['thumb']); + $post['thumb'] = 'file'; + + $size = @getimagesize($config['file_thumb']); $post['thumbwidth'] = $size[0]; $post['thumbheight'] = $size[1]; } 
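Review bot: The added `link[i].className != 'file'` test in init_expanding is an exact string comparison, so the exclusion stops working as soon as the anchor carries any second class. A token match such as `(' ' + link[i].className + ' ').indexOf(' file ') == -1` keeps non-image links out of the expander whatever other classes are present. The condition still dereferences `link[i].childNodes[0].src` before reaching this test, which throws on an anchor with no child nodes; that predates the commit but sits on the same line. The identical change is made in templates/main.js, and the function body continues outside the hunk.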
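Review bot: The IE MIME-type-detection XSS check sits inside `if($is_an_image)`, so an upload whose extension is in `$config['allowed_ext_files']` is moved into place without that content check, and an extension listed in both arrays is treated as a non-image as well. This keeps the behaviour of the removed `$__file` flag, but since the commit makes non-image links open the file itself instead of expanding inline, it is worth either running the `ie_mime_type_detection` test on every upload or confirming that these files are served as downloads; how they are served is not visible here. A comment on the flag would also help, for example `// extension-based only; file content is validated below for images`. The enclosing block starts and ends outside the hunk.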
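Review bot: `$post['thumb'] = 'file'` puts a sentinel into a field that otherwise holds a path, and `@getimagesize($config['file_thumb'])` hides a failure, so `$size[0]` and `$size[1]` become null when the placeholder image is missing or unreadable. Guarding the result with `if($size === false)` and either raising an error or falling back to fixed dimensions avoids storing empty thumbnail sizes. Any code outside this diff that treats `thumb` as a filename, such as deletion or rebuild routines if they exist, would need to skip the value `'file'`; that cannot be confirmed from these hunks. The commented-out `//copy(...)` line can simply be deleted, and the hunk at -530,7 +532,8 depends on the same flag to skip the path strip.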
@@ -530,7 +532,8 @@ // Remove DIR_* before inserting them into the database. if($post['has_file']) { $post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img'])); - $post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb'])); + if($is_an_image) + $post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb'])); } // Todo: Validate some more, remove messy code, allow more specific configuration diff --git a/templates/main.js b/templates/main.js index 66d7d99d..6b4a8055 100644 --- a/templates/main.js +++ b/templates/main.js @@ -134,7 +134,7 @@ function rememberStuff() { function init_expanding() { link = document.getElementsByTagName('a'); for ( i in link ) { - if(typeof link[i] == "object" && link[i].childNodes[0].src) { + if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') { link[i].onclick = function(e) { if(e.which == 2) { return true;