2 files changed, 38 insertions, 3 deletions

diff --git a/application/models/file_mod.php b/application/models/file_mod.php
index 26d384fa9..e65529971 100644
--- a/application/models/file_mod.php
+++ b/application/models/file_mod.php
@@ -83,8 +83,6 @@ class File_mod extends CI_Model {
 	// TODO: Should only update not insert; see new_id()
 	function add_file($hash, $id, $filename)
 	{
-		$this->muser->require_access();
-
 		$userid = $this->muser->get_userid();
 
 		$mimetype = exec("perl ".FCPATH.'scripts/mimetype '.escapeshellarg($filename).' '.escapeshellarg($this->file($hash)));
@@ -95,10 +93,31 @@ class File_mod extends CI_Model {
 			array($hash, $id, $filename, $userid, time(), $mimetype, $filesize));
 	}
 
+	function adopt($id)
+	{
+		$userid = $this->muser->get_userid();
+
+		$this->db->query("
+			UPDATE files
+			SET user = ?
+			WHERE id = ?
+			", array($userid, $id));
+	}
+
 	function show_url($id, $mode)
 	{
 		$redirect = false;
 
+		if (!$this->muser->logged_in()) {
+			// keep the upload but require the user to login
+			$this->session->set_userdata("last_upload", array(
+				"id" => $id,
+				"mode" => $mode
+			));
+			$this->session->set_flashdata("uri", "file/claim_id");
+			$this->muser->require_access();
+		}
+
 		if ($mode) {
 			$this->data['url'] = site_url($id).'/'.$mode;
 		} else {
@@ -191,6 +210,12 @@ class File_mod extends CI_Model {
 			return;
 		}
 
+		// don't allow unowned files to be downloaded
+		if ($filedata["user"] == 0) {
+			$this->non_existent();
+			return;
+		}
+
 		// MODIFIED SINCE SUPPORT -- START
 		// helps to keep traffic low when reloading
 		$etag = strtolower($filedata["hash"]."-".$filedata["date"]);
diff --git a/application/models/muser.php b/application/models/muser.php
index 532fdeb1a..169182c46 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -47,11 +47,19 @@ class Muser extends CI_Model {
 
 	function get_username()
 	{
+		if (!$this->logged_in()) {
+			return "";
+		}
+
 		return $this->session->userdata('username');
 	}
 
 	function get_userid()
 	{
+		if (!$this->logged_in()) {
+			return 0;
+		}
+
 		$query = $this->db->query("
 			SELECT id
 			FROM users
@@ -69,7 +77,9 @@ class Muser extends CI_Model {
 				echo "FileBin requires you to have an account, please go to the homepage for more information.\n";
 				exit();
 			} else {
-				$this->session->set_flashdata("uri", $this->uri->uri_string());
+				if (!$this->session->userdata("flash:new:uri")) {
+					$this->session->set_flashdata("uri", $this->uri->uri_string());
+				}
 				redirect('user/login');
 			}
 		}