Probably should the following rows in attachment.php do the job if configured in settings ...
PHP Code:
header("Cache-control: max-age=31536000");
header("Expires: " . gmdate("D, d M Y H:i:s",time()+31536000) . "GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s",$attachmentinfo[dateline]) . "GMT");
header("Content-disposition:$attachment filename=$attachmentinfo[filename]");
header("Content-Length: ".strlen($attachmentinfo[filedata]));
$extension=strtolower(substr(strrchr($attachmentinfo[filename],"."),1));
I.e. to store (echo $attachmentinfo[filedata];) the same stream instead of into DB to a configurable path.... and modify the url to the path for example in a new field of the attachment table...
Yeah. My problem was exactly: how to write the bin output to the server ?
I also tried to follow the same path of Kier's hack about avatars (look here ), and I think another way could be to intercept the file, even with the random name that some php SHOULD know, when it's still on the server in the TMP directory...
Move it from there to the requested dir and bypass all the attachment.php job but the url creation linking to that directory.
For security reasons, anyway, I think should be better to make ONLY an AdminCP explicit feature to save the attachment file on the server, remove it from the DB and relink the post to new location. Nothing else...
(an automated url-location of executable files could be dangerous....)
01-15-2002, 03:57 PM
Threaded Mode