dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Followup r86622: add initial QUnit test cases for jquery.textSelection module.
[lhc/web/wiklou.git] / includes / StreamFile.php
1 <?php
2 /**
3 * Functions related to the output of file content
4 *
5 * @file
6 */
7
8 /**
9 * @param $fname string
10 * @param $headers array
11 */
12 function wfStreamFile( $fname, $headers = array() ) {
13 wfSuppressWarnings();
14 $stat = stat( $fname );
15 wfRestoreWarnings();
16 if ( !$stat ) {
17 header( 'HTTP/1.0 404 Not Found' );
18 header( 'Cache-Control: no-cache' );
19 header( 'Content-Type: text/html; charset=utf-8' );
20 $encFile = htmlspecialchars( $fname );
21 $encScript = htmlspecialchars( $_SERVER['SCRIPT_NAME'] );
22 echo "<html><body>
23 <h1>File not found</h1>
24 <p>Although this PHP script ($encScript) exists, the file requested for output
25 ($encFile) does not.</p>
26 </body></html>
27 ";
28 return;
29 }
30
31 header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s', $stat['mtime'] ) . ' GMT' );
32
33 // Cancel output buffering and gzipping if set
34 wfResetOutputBuffers();
35
36 $type = wfGetType( $fname );
37 if ( $type and $type!="unknown/unknown") {
38 header("Content-type: $type");
39 } else {
40 header('Content-type: application/x-wiki');
41 }
42
43 // Don't stream it out as text/html if there was a PHP error
44 if ( headers_sent() ) {
45 echo "Headers already sent, terminating.\n";
46 return;
47 }
48
49 global $wgLanguageCode;
50 header( "Content-Disposition: inline;filename*=utf-8'$wgLanguageCode'" . urlencode( basename( $fname ) ) );
51
52 foreach ( $headers as $header ) {
53 header( $header );
54 }
55
56 if ( !empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
57 $modsince = preg_replace( '/;.*$/', '', $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
58 $sinceTime = strtotime( $modsince );
59 if ( $stat['mtime'] <= $sinceTime ) {
60 ini_set('zlib.output_compression', 0);
61 header( "HTTP/1.0 304 Not Modified" );
62 return;
63 }
64 }
65
66 header( 'Content-Length: ' . $stat['size'] );
67
68 readfile( $fname );
69 }
70
71 /**
72 * @param $filename string
73 * @param $safe bool
74 * @return null|string
75 */
76 function wfGetType( $filename, $safe = true ) {
77 global $wgTrivialMimeDetection;
78
79 $ext = strrchr($filename, '.');
80 $ext = $ext === false ? '' : strtolower( substr( $ext, 1 ) );
81
82 # trivial detection by file extension,
83 # used for thumbnails (thumb.php)
84 if ($wgTrivialMimeDetection) {
85 switch ($ext) {
86 case 'gif': return 'image/gif';
87 case 'png': return 'image/png';
88 case 'jpg': return 'image/jpeg';
89 case 'jpeg': return 'image/jpeg';
90 }
91
92 return 'unknown/unknown';
93 }
94
95 $magic = MimeMagic::singleton();
96 // Use the extension only, rather than magic numbers, to avoid opening
97 // up vulnerabilities due to uploads of files with allowed extensions
98 // but disallowed types.
99 $type = $magic->guessTypesForExtension( $ext );
100
101 /**
102 * Double-check some security settings that were done on upload but might
103 * have changed since.
104 */
105 if ( $safe ) {
106 global $wgFileBlacklist, $wgCheckFileExtensions, $wgStrictFileExtensions,
107 $wgFileExtensions, $wgVerifyMimeType, $wgMimeTypeBlacklist;
108 list( , $extList ) = UploadBase::splitExtensions( $filename );
109 if ( UploadBase::checkFileExtensionList( $extList, $wgFileBlacklist ) ) {
110 return 'unknown/unknown';
111 }
112 if ( $wgCheckFileExtensions && $wgStrictFileExtensions
113 && !UploadBase::checkFileExtensionList( $extList, $wgFileExtensions ) )
114 {
115 return 'unknown/unknown';
116 }
117 if ( $wgVerifyMimeType && in_array( strtolower( $type ), $wgMimeTypeBlacklist ) ) {
118 return 'unknown/unknown';
119 }
120 }
121 return $type;
122 }
Wiklou, le Wiki du Wiklou