Vergleich attachment.php - 1.8.13 - 1.8.22

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 69Zeile 69
if($pid || $attachment['uid'] != $mybb->user['uid'])
{
$post = get_post($pid);

if($pid || $attachment['uid'] != $mybb->user['uid'])
{
$post = get_post($pid);

	$thread = get_thread($post['tid']);





















	// Check permissions if the post is not a draft
if($post['visible'] != -2)
{
$thread = get_thread($post['tid']);

if(!$thread && !isset($mybb->input['thumbnail']))
{
error($lang->error_invalidthread);
}
$fid = $thread['fid'];

// Get forum info
$forum = get_forum($fid);

// Permissions
$forumpermissions = forum_permissions($fid);

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) || ($forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']))
{
error_no_permission();
}





	if(!$thread && !isset($mybb->input['thumbnail']))
{
error($lang->error_invalidthread);
}
$fid = $thread['fid'];

// Get forum info
$forum = get_forum($fid);

// Permissions
$forumpermissions = forum_permissions($fid);

if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) || ($forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']))
{
error_no_permission();
}

// Error if attachment is invalid or not visible
if(!$attachment['attachname'] || (!is_moderator($fid, "canviewunapprove") && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)))
{
error($lang->error_invalidattachment);
}

		// Error if attachment is invalid or not visible
if(!$attachment['attachname'] || (!is_moderator($fid, "canviewunapprove") && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)))
{
error($lang->error_invalidattachment);
}






















	if($attachtype['forums'] != -1 && strpos(','.$attachtype['forums'].',', ','.$fid.',') === false)
{
error_no_permission();


		if($attachtype['forums'] != -1 && strpos(','.$attachtype['forums'].',', ','.$fid.',') === false)
{
error_no_permission();
}

	}
}


	}
}