Révision 134c7813
Ajouté par Mathieu Schiano Di Schiabica il y a environ 8 ans
drupal7/modules/file/file.module | ||
---|---|---|
529 | 529 |
// publicly accessible, with no download restrictions; for security |
530 | 530 |
// reasons all other schemes must go through the file_download_access() |
531 | 531 |
// check. |
532 |
if (in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) || file_download_access($file->uri)) {
|
|
533 |
$fid = $file->fid;
|
|
532 |
if (!in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) && !file_download_access($file->uri)) {
|
|
533 |
$force_default = TRUE;
|
|
534 | 534 |
} |
535 |
// If the current user doesn't have access, don't let the file be |
|
536 |
// changed. |
|
537 |
else { |
|
535 |
// Temporary files that belong to other users should never be allowed. |
|
536 |
// Since file ownership can't be determined for anonymous users, they |
|
537 |
// are not allowed to reuse temporary files at all. |
|
538 |
elseif ($file->status != FILE_STATUS_PERMANENT && (!$GLOBALS['user']->uid || $file->uid != $GLOBALS['user']->uid)) { |
|
538 | 539 |
$force_default = TRUE; |
539 | 540 |
} |
541 |
// If all checks pass, allow the file to be changed. |
|
542 |
else { |
|
543 |
$fid = $file->fid; |
|
544 |
} |
|
540 | 545 |
} |
541 | 546 |
} |
542 | 547 |
} |
Formats disponibles : Unified diff
Update to 7.43