Disable inline-expanding for non-images
This commit is contained in:
Savetheinternet
parent
cbb1bc1031
commit
0bad03d3a2
@ -336,7 +336,9 @@
|
||||
$this->embed;
|
||||
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
||||
// File info
|
||||
$built .= '<p class="fileinfo">File: <a href="' . $config['uri_img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
|
||||
$built .= '<p class="fileinfo">' .
|
||||
'File: <a href="' . $config['uri_img'] . $this->file . '">' . $this->file . '</a> ' .
|
||||
'<span class="unimportant">(' .
|
||||
// Filesize
|
||||
format_bytes($this->filesize) .
|
||||
// File dimensions
|
||||
@ -355,7 +357,17 @@
|
||||
|
||||
$built .= ')</span></p>' .
|
||||
// Thumbnail
|
||||
'<a href="' . $config['uri_img'] . $this->file.'" target="_blank"><img src="' . $config['uri_thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" alt="" /></a>';
|
||||
'<a href="' .
|
||||
$config['uri_img'] .$this->file .
|
||||
'" target="_blank"' .
|
||||
($this->thumb == 'file' ? ' class="file"' : '') .
|
||||
'><img src="' .
|
||||
($this->thumb == 'file' ?
|
||||
$config['file_thumb']
|
||||
:
|
||||
$config['uri_thumb'] . $this->thumb
|
||||
) .
|
||||
'" style="width:' . $this->thumbx . 'px;height:' . $this->thumby . 'px;" alt="" /></a>';
|
||||
} elseif($this->file == 'deleted') {
|
||||
$built .= '<img src="' . $config['image_deleted'] . '" alt="" />';
|
||||
}
|
||||
@ -482,10 +494,10 @@
|
||||
// Actual embedding
|
||||
$this->embed;
|
||||
} elseif(!empty($this->file) && $this->file != 'deleted') {
|
||||
// Image, not embedded shit
|
||||
$built =
|
||||
// File link
|
||||
'<p class="fileinfo">File: <a href="' . $config['uri_img'] . $this->file .'">' . $this->file . '</a> <span class="unimportant">(' .
|
||||
// File info
|
||||
$built = '<p class="fileinfo">' .
|
||||
'File: <a href="' . $config['uri_img'] . $this->file . '">' . $this->file . '</a> ' .
|
||||
'<span class="unimportant">(' .
|
||||
// Filesize
|
||||
format_bytes($this->filesize) .
|
||||
// File dimensions
|
||||
@ -504,7 +516,17 @@
|
||||
|
||||
$built .= ')</span></p>' .
|
||||
// Thumbnail
|
||||
'<a href="' . $config['uri_img'] . $this->file.'" target="_blank"><img src="' . $config['uri_thumb'] . $this->thumb.'" style="width:'.$this->thumbx.'px;height:'.$this->thumby.'px;" alt="" /></a>';
|
||||
'<a href="' .
|
||||
$config['uri_img'] .$this->file .
|
||||
'" target="_blank"' .
|
||||
($this->thumb == 'file' ? ' class="file"' : '') .
|
||||
'><img src="' .
|
||||
($this->thumb == 'file' ?
|
||||
$config['file_thumb']
|
||||
:
|
||||
$config['uri_thumb'] . $this->thumb
|
||||
) .
|
||||
'" style="width:' . $this->thumbx . 'px;height:' . $this->thumby . 'px;" alt="" /></a>';
|
||||
} elseif($this->file == 'deleted') {
|
||||
$built = '<img src="' . $config['image_deleted'] . '" alt="" />';
|
||||
}
|
||||
|
||||
2
main.js
2
main.js
@ -134,7 +134,7 @@ function rememberStuff() {
|
||||
function init_expanding() {
|
||||
link = document.getElementsByTagName('a');
|
||||
for ( i in link ) {
|
||||
if(typeof link[i] == "object" && link[i].childNodes[0].src) {
|
||||
if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') {
|
||||
link[i].onclick = function(e) {
|
||||
if(e.which == 2) {
|
||||
return true;
|
||||
|
||||
15
post.php
15
post.php
@ -411,15 +411,14 @@
|
||||
if(!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
||||
error($config['error']['unknownext']);
|
||||
|
||||
if(in_array($post['extension'], $config['allowed_ext_files']))
|
||||
$__file = true;
|
||||
$is_an_image = !in_array($post['extension'], $config['allowed_ext_files']);
|
||||
|
||||
// Just trim the filename if it's too long
|
||||
if(strlen($post['filename']) > 30) $post['filename'] = substr($post['filename'], 0, 27).'…';
|
||||
// Move the uploaded file
|
||||
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error($config['error']['nomove']);
|
||||
|
||||
if(!isset($__file)) {
|
||||
if($is_an_image) {
|
||||
// Check IE MIME type detection XSS exploit
|
||||
$buffer = file_get_contents($post['file'], null, null, null, 255);
|
||||
if(preg_match($config['ie_mime_type_detection'], $buffer)) {
|
||||
@ -494,9 +493,12 @@
|
||||
}
|
||||
$image->destroy();
|
||||
} else {
|
||||
copy($config['file_thumb'], $post['thumb']);
|
||||
// not an image
|
||||
|
||||
$size = @getimagesize($post['thumb']);
|
||||
//copy($config['file_thumb'], $post['thumb']);
|
||||
$post['thumb'] = 'file';
|
||||
|
||||
$size = @getimagesize($config['file_thumb']);
|
||||
$post['thumbwidth'] = $size[0];
|
||||
$post['thumbheight'] = $size[1];
|
||||
}
|
||||
@ -530,7 +532,8 @@
|
||||
// Remove DIR_* before inserting them into the database.
|
||||
if($post['has_file']) {
|
||||
$post['file'] = substr_replace($post['file'], '', 0, strlen($board['dir'] . $config['dir']['img']));
|
||||
$post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb']));
|
||||
if($is_an_image)
|
||||
$post['thumb'] = substr_replace($post['thumb'], '', 0, strlen($board['dir'] . $config['dir']['thumb']));
|
||||
}
|
||||
|
||||
// Todo: Validate some more, remove messy code, allow more specific configuration
|
||||
|
||||
@ -134,7 +134,7 @@ function rememberStuff() {
|
||||
function init_expanding() {
|
||||
link = document.getElementsByTagName('a');
|
||||
for ( i in link ) {
|
||||
if(typeof link[i] == "object" && link[i].childNodes[0].src) {
|
||||
if(typeof link[i] == "object" && link[i].childNodes[0].src && link[i].className != 'file') {
|
||||
link[i].onclick = function(e) {
|
||||
if(e.which == 2) {
|
||||
return true;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user