git-svn-id: http://redmine.rubyforge.org/svn/trunk@642 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/0.6.0
@@ -19,18 +19,13 @@ class AttachmentsController < ApplicationController | |||
layout 'base' | |||
before_filter :find_project, :check_project_privacy | |||
# sends an attachment | |||
def download | |||
send_file @attachment.diskfile, :filename => @attachment.filename | |||
rescue | |||
render_404 | |||
end | |||
# sends an image to be displayed inline | |||
def show | |||
render(:nothing => true, :status => 404) and return unless @attachment.diskfile =~ /\.(jpeg|jpg|gif|png)$/i | |||
send_file @attachment.diskfile, :filename => @attachment.filename, :type => "image/#{$1}", :disposition => 'inline' | |||
# images are sent inline | |||
send_file @attachment.diskfile, :filename => @attachment.filename, | |||
:type => @attachment.content_type, | |||
:disposition => (@attachment.image? ? 'inline' : 'attachment') | |||
rescue | |||
# in case the disk file was deleted | |||
render_404 | |||
end | |||
@@ -163,7 +163,7 @@ module ApplicationHelper | |||
rf = Regexp.new(filename, Regexp::IGNORECASE) | |||
# search for the picture in attachments | |||
if found = attachments.detect { |att| att.filename =~ rf } | |||
image_url = url_for :controller => 'attachments', :action => 'show', :id => found.id | |||
image_url = url_for :controller => 'attachments', :action => 'download', :id => found.id | |||
"!#{align}#{image_url}!" | |||
else | |||
"!#{align}#{filename}!" |
@@ -84,6 +84,10 @@ class Attachment < ActiveRecord::Base | |||
container.is_a?(Project) ? container : container.project | |||
end | |||
def image? | |||
self.filename =~ /\.(jpeg|jpg|gif|png)$/i | |||
end | |||
private | |||
def sanitize_filename(value) | |||
# get only the filename, not the whole path |