Bump DB version

[friendica.git] / mod / attach.php

diff --git a/mod/attach.php b/mod/attach.php
index ae6540201e70f96227a1bf633aec78deaed4384e..dd7154dfe1a61033c370e3ea9cd8fea02111d26d 100644 (file)
--- a/mod/attach.php
+++ b/mod/attach.php
@@ -2,7 +2,7 @@
 
 require_once('include/security.php');
 
-function attach_init(&$a) {
+function attach_init(App $a) {
 
        if($a->argc != 2) {
                notice( t('Item not available.') . EOL);
@@ -16,7 +16,7 @@ function attach_init(&$a) {
        $r = q("SELECT * FROM `attach` WHERE `id` = %d LIMIT 1",
                intval($item_id)
        );
-       if(! count($r)) {
+       if (! dbm::is_result($r)) {
                notice( t('Item was not found.'). EOL);
                return;
        }
@@ -29,14 +29,21 @@ function attach_init(&$a) {
                dbesc($item_id)
        );
 
-       if(! count($r)) {
+       if (! dbm::is_result($r)) {
                notice( t('Permission denied.') . EOL);
                return;
        }
 
+       // Use quotes around the filename to prevent a "multiple Content-Disposition"
+       // error in Chrome for filenames with commas in them
        header('Content-type: ' . $r[0]['filetype']);
-       header('Content-disposition: attachment; filename=' . $r[0]['filename']);
+       header('Content-length: ' . $r[0]['filesize']);
+       if(isset($_GET['attachment']) && $_GET['attachment'] === '0')
+               header('Content-disposition: filename="' . $r[0]['filename'] . '"');
+       else
+               header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
+
        echo $r[0]['data'];
        killme();
        // NOTREACHED
-}
\ No newline at end of file
+}