|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
The number in front of the attachment is so there are no collisions (such as users uploading the same named images to your site).
As for the file in question; I'm thinking it's because of the extension .ini; does IIS have some directive that blocks certain filetypes from being dowloanded?
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
That's what I'm initially thinking but renamed a file to just .db and it didn't like that either.
I'll try one with a zip and see if that works.
As for the number strategy then why not just obfuscate the whole thing like most sites do.
Something like: mysite.com/folder/^^*H#%&w208
would equal something like: mysite.com/folder/mynewfile.zip
The filename ^^*H#%&w208 would be unique maybe use some GUID type filename creator (I'm sure PHP has something like that built-in or someone has created a script for it already)
Then the database stores that unique name AND the real name and when it downloads it to the client it renames it to the real name.
.
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Well that is odd. It won't open/download a zip file either.
I'll have to investigate what's going on there.
|
|
|
|
Joined: Aug 2006
Posts: 1,649 Likes: 1
Pooh-Bah
|
Pooh-Bah
Joined: Aug 2006
Posts: 1,649 Likes: 1 |
Control Panel » Feature Settings » Attachments » Allowed Attachment File Extensions:
Separate with a comma. .php,.php3,.php4,.cgi,.pl,.exe,.bat,.reg not accepted.
GangsterBB.NET (Ver. 7.6.1.1) PHP Version 5.6.40 / MySQL 5.7.23-23 (was 5.6.41-84.1) / Apache 2.4.54 2007 Content Rulez Contest - Hon Mention UBB.classic 6.7.2 - RIP
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
That is for uploads. Outside of the forum in IE/FF you can't download the file even though it's there on the server so I'm betting it's not related to UBBT and just coincidence that I found it via UBBT.
.
|
|
|
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
sounds more like an IIS issue to me :shrug: never heard of such a thing on a *nix server lol
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
|
|
|
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
Well as it turns out IIS 6 does not serve up unknown MIME Types on purpose for security reasons. lol i'm the man
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Sir yes sir, I agreed it had to be IIS. Just could not see how UBBT could be involved except for the file name.
@Rick If you can please think of another way to handle attachments without pre-pending a number to it. I would really like to see attachments retain their ORIGINAL file names like other Web apps do.
Thanks.
|
|
|
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
@Rick If you can please think of another way to handle attachments without pre-pending a number to it. I would really like to see attachments retain their ORIGINAL file names like other Web apps do. this would be hard, considering the risk of file collisions...
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Well I've not programmed in PHP but have worked in VB and we setup an FTP program that assigned a unique number to files so the user would never know the real file name so they could not manually download the file and there were over 5 million files and none of them were an issue with same file name even though users could upload/download files.
Can't say I've ever been on a system that handled files this way (not saying there are not other apps out there that don't, but none that come to mind).
I see it as a very easy task using MySQL and auto generated unique keys. Add a file it gives it a unique name, but also stores what the 'REAL' name is and even if it has to do a temporary file rename or something it then gives the user back the file with the REAL name.
|
|
|
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
I think the file manager needs severely updated, it's way too basic at current; its one of th emany things on my huge feature list request
|
|
|
Bots
by Outdoorking - 04/13/2024 5:08 PM
|
|
|
|
|
|
2 members (Nightcrawler, Ruben),
524
guests, and
148
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|