Thread: Attachments not in DB
View Single Post
  #1  
Old 01-15-2002, 03:57 PM
Jawelin Jawelin is offline
 
Join Date: Nov 2001
Posts: 557
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
GREAT!!

Probably should the following rows in attachment.php do the job if configured in settings ...
PHP Code:
header("Cache-control: max-age=31536000");
header("Expires: " gmdate("D, d M Y H:i:s",time()+31536000) . "GMT");
header("Last-Modified: " gmdate("D, d M Y H:i:s",$attachmentinfo[dateline]) . "GMT");
header("Content-disposition:$attachment filename=$attachmentinfo[filename]");
header("Content-Length: ".strlen($attachmentinfo[filedata]));
$extension=strtolower(substr(strrchr($attachmentinfo[filename],"."),1)); 
I.e. to store (echo $attachmentinfo[filedata];) the same stream instead of into DB to a configurable path.... and modify the url to the path for example in a new field of the attachment table...



Yeah. My problem was exactly: how to write the bin output to the server ?

I also tried to follow the same path of Kier's hack about avatars (look here ), and I think another way could be to intercept the file, even with the random name that some php SHOULD know, when it's still on the server in the TMP directory...
Move it from there to the requested dir and bypass all the attachment.php job but the url creation linking to that directory.

For security reasons, anyway, I think should be better to make ONLY an AdminCP explicit feature to save the attachment file on the server, remove it from the DB and relink the post to new location. Nothing else...
(an automated url-location of executable files could be dangerous....)

What do you (all of you) think about ?

Thanks a lot for your work.

Bye
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01126 seconds
  • Memory Usage 1,776KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete