MDL-16596 always force download of draft files - this prevents problems when editing...

diff --git a/draftfile.php b/draftfile.php
index 7ff20c380e1c2ce43585eb402fa344b4ecc6f229..2276e34a33055bcb31a4b467f134a865269e67b8 100644 (file)
--- a/draftfile.php
+++ b/draftfile.php
@@ -12,7 +12,6 @@
     disable_debugging();
 
     $relativepath = get_file_argument('draftfile.php');
-    $forcedownload = optional_param('forcedownload', 0, PARAM_BOOL);
 
     // relative path must start with '/'
     if (!$relativepath) {
@@ -64,4 +63,4 @@
     // finally send the file
     // ========================================
     session_write_close(); // unlock session during fileserving
-    send_stored_file($file, 0, false, $forcedownload);
+    send_stored_file($file, 0, false, true); // force download - security first!