mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-11-29 09:44:28 +01:00
Disable inline-expanding for non-images
This commit is contained in:
parent
dd87c4d8f7
commit
f228c07744
@ -336,7 +336,9 @@
|
|||||||
$this->embed;
|
$this->embed;
|
||||||
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
||||||
// File info
|
// File info
|
||||||
$built .= '<p class="fileinfo">File: <a href="' . $config['uri_img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
|
$built .= '<p class="fileinfo">' .
|
||||||
|
'File: <a href="' . $config['uri_img'] . $this->file . '">' . $this->file . '</a> ' .
|
||||||
|
'<span class="unimportant">(' .
|
||||||
// Filesize
|
// Filesize
|
||||||
format_bytes($this->filesize) .
|
format_bytes($this->filesize) .
|
||||||
// File dimensions
|
// File dimensions
|
||||||
@ -355,7 +357,17 @@
|
|||||||
|
|
||||||
$built .= ')</span></p>' .
|
$built .= ')</span></p>' .
|
||||||
// Thumbnail
|
// Thumbnail
|
||||||
'<a href="' . $config['uri_img'] . $this->file.'" target="_blank"><img src="' . $config['uri_thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" alt="" /></a>';
|
'<a href="' .
|
||||||
|
$config['uri_img'] .$this->file .
|
||||||
|
'" target="_blank"' .
|
||||||
|
($this->thumb == 'file' ? ' class="file"' : '') .
|
||||||
|
'><img src="' .
|
||||||
|
($this->thumb == 'file' ?
|
||||||
|
$config['file_thumb']
|
||||||
|
:
|
||||||
|
$config['uri_thumb'] . $this->thumb
|
||||||
|
) .
|
||||||
|
'" style="width:' . $this->thumbx . 'px;height:' . $this->thumby . 'px;" alt="" /></a>';
|
||||||
} elseif($this->file == 'deleted') {
|
} elseif($this->file == 'deleted') {
|
||||||
$built .= '<img src="' . $config['image_deleted'] . '" alt="" />';
|
$built .= '<img src="' . $config['image_deleted'] . '" alt="" />';
|
||||||
}
|
}
|
||||||
@ -482,10 +494,10 @@
|
|||||||
// Actual embedding
|
// Actual embedding
|
||||||
$this->embed;
|
$this->embed;
|
||||||
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
||||||
// Image, not embedded shit
|
// File info
|
||||||
$built =
|
$built = '<p class="fileinfo">' .
|
||||||
// File link
|
'File: <a href="' . $config['uri_img'] . $this->file . '">' . $this->file . '</a> ' .
|
||||||
'<p class="fileinfo">File: <a href="' . $config['uri_img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
|
'<span class="unimportant">(' .
|
||||||
// Filesize
|
// Filesize
|
||||||
format_bytes($this->filesize) .
|
format_bytes($this->filesize) .
|
||||||
// File dimensions
|
// File dimensions
|
||||||
@ -504,7 +516,17 @@
|
|||||||
|
|
||||||
$built .= ')</span></p>' .
|
$built .= ')</span></p>' .
|
||||||
// Thumbnail
|
// Thumbnail
|
||||||
'<a href="' . $config['uri_img'] . $this->file.'" target="_blank"><img src="' . $config['uri_thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" alt="" /></a>';
|
'<a href="' .
|
||||||
|
$config['uri_img'] .$this->file .
|
||||||
|
'" target="_blank"' .
|
||||||
|
($this->thumb == 'file' ? ' class="file"' : '') .
|
||||||
|
'><img src="' .
|
||||||
|
($this->thumb == 'file' ?
|
||||||
|
$config['file_thumb']
|
||||||
|
:
|
||||||
|
$config['uri_thumb'] . $this->thumb
|
||||||
|
) .
|
||||||
|
'" style="width:' . $this->thumbx . 'px;height:' . $this->thumby . 'px;" alt="" /></a>';
|
||||||
} elseif($this->file == 'deleted') {
|
} elseif($this->file == 'deleted') {
|
||||||
$built = '<img src="' . $config['image_deleted'] . '" alt="" />';
|
$built = '<img src="' . $config['image_deleted'] . '" alt="" />';
|
||||||
}
|
}
|
||||||
|
2
main.js
2
main.js
@ -134,7 +134,7 @@ function rememberStuff() {
|
|||||||
function init_expanding() {
|
function init_expanding() {
|
||||||
link = document.getElementsByTagName('a');
|
link = document.getElementsByTagName('a');
|
||||||
for ( i in link ) {
|
for ( i in link ) {
|
||||||
if(typeof link[i] == "object" && link[i].childNodes[0].src) {
|
if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') {
|
||||||
link[i].onclick = function(e) {
|
link[i].onclick = function(e) {
|
||||||
if(e.which == 2) {
|
if(e.which == 2) {
|
||||||
return true;
|
return true;
|
||||||
|
15
post.php
15
post.php
@ -411,15 +411,14 @@
|
|||||||
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
||||||
error($config['error']['unknownext']);
|
error($config['error']['unknownext']);
|
||||||
|
|
||||||
if(in_array($post['extension'], $config['allowed_ext_files']))
|
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
|
||||||
$__file = true;
|
|
||||||
|
|
||||||
// Just trim the filename if it's too long
|
// Just trim the filename if it's too long
|
||||||
if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…';
|
if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…';
|
||||||
// Move the uploaded file
|
// Move the uploaded file
|
||||||
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']);
|
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']);
|
||||||
|
|
||||||
if(!isset($__file)) {
|
if($is_an_image) {
|
||||||
// Check IE MIME type detection XSS exploit
|
// Check IE MIME type detection XSS exploit
|
||||||
$buffer = file_get_contents($post['file'], null, null, null, 255);
|
$buffer = file_get_contents($post['file'], null, null, null, 255);
|
||||||
if(preg_match($config['ie_mime_type_detection'], $buffer)) {
|
if(preg_match($config['ie_mime_type_detection'], $buffer)) {
|
||||||
@ -494,9 +493,12 @@
|
|||||||
}
|
}
|
||||||
$image->destroy();
|
$image->destroy();
|
||||||
} else {
|
} else {
|
||||||
copy($config['file_thumb'], $post['thumb']);
|
// not an image
|
||||||
|
|
||||||
$size = @getimagesize($post['thumb']);
|
//copy($config['file_thumb'], $post['thumb']);
|
||||||
|
$post['thumb'] = 'file';
|
||||||
|
|
||||||
|
$size = @getimagesize($config['file_thumb']);
|
||||||
$post['thumbwidth'] = $size[0];
|
$post['thumbwidth'] = $size[0];
|
||||||
$post['thumbheight'] = $size[1];
|
$post['thumbheight'] = $size[1];
|
||||||
}
|
}
|
||||||
@ -530,7 +532,8 @@
|
|||||||
// Remove DIR_* before inserting them into the database.
|
// Remove DIR_* before inserting them into the database.
|
||||||
if($post['has_file']) {
|
if($post['has_file']) {
|
||||||
$post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img']));
|
$post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img']));
|
||||||
$post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb']));
|
if($is_an_image)
|
||||||
|
$post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb']));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Todo: Validate some more, remove messy code, allow more specific configuration
|
// Todo: Validate some more, remove messy code, allow more specific configuration
|
||||||
|
@ -134,7 +134,7 @@ function rememberStuff() {
|
|||||||
function init_expanding() {
|
function init_expanding() {
|
||||||
link = document.getElementsByTagName('a');
|
link = document.getElementsByTagName('a');
|
||||||
for ( i in link ) {
|
for ( i in link ) {
|
||||||
if(typeof link[i] == "object" && link[i].childNodes[0].src) {
|
if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') {
|
||||||
link[i].onclick = function(e) {
|
link[i].onclick = function(e) {
|
||||||
if(e.which == 2) {
|
if(e.which == 2) {
|
||||||
return true;
|
return true;
|
||||||
|
Loading…
Reference in New Issue
Block a user